It starts off innocuously enough. A few small purchases that you don't quite remember making appear on your credit card or debit card statement. They look plausible, but you're busy and will check them out later.
Then the real fun begins. Someone racks up a credit card bill of several hundred dollars in a state you've never been to. You get a phone call wanting to confirm the purchase of a laptop computer for someone overseas. A bank or finance company starts calling you about payments on a car loan or mortgage that you know nothing about.
Welcome to a club that has several million members in the United States alone. If something like that's happened to you, then you're the victim of identity theft.
If it hasn't happened to you, then you might want to read this TechTip for advice on how to protect yourself from identity theft.
Just what is identity theft anyway?
As its name states, identity theft (also called identity fraud) involves someone assuming your identity. Their reason for doing it is pretty easy to understand. They want to get hold of your money (or worse). They want to defraud companies. They want to accumulate cash and goods, on your dime, for personal gain or satisfaction.
The key point, and the key danger, of identity theft is that someone is pretending to be you in order to commit a crime. They're using your name, your Social Security Number (or the equivalent in wherever you live), and maybe even your own financial accounts to do illegal deeds.
And identity theft isn't just limited to taking your money or using your name to defraud. Some perpetrate identity theft for spying, blackmail, drug trafficking, or money laundering.
The different forms of identity theft
Most cases of identity theft fall into two categories. The first, and best known, is financial identity theft. This involves someone accessing your bank, credit card, and investment accounts. From there, they gradually bleed your money away or just snatch away outright.
The other category is criminal identity theft. That's when someone becomes you. It might be a criminal on the run, or someone who is trying to make a clean break with their past. They assume your identity – including your education and work history – in order to find legitimate work or to build a new life for themselves.
How the identity thieves can sting you
There are a number of ways that this can happen, both offline and online.
In the online world, one of the most popular of these is the use of fraud emails. Some of these emails will alert you to a situation with an account – for example, at a bank, with eBay, or with PayPal. Of course, the email includes a link. You click that link and you're taken to a Web page that's a better-than-decent facsimile of a legitimate site. Once there, you're expected to enter your account and personal information. And you can imagine what happens after that.
This sort of thing is easy to spot (as you'll see soon), but a lot of people do fall for it.
Another way identity thieves can catch you is by hijacking a legitimate online merchant's payment page. You know the one, where you enter your address and credit card information. Unfortunately, that page is one the identity thieves have set up and your information becomes theirs to toy with.
In the offline world, it can be quite easy for someone to get information from you. Sometimes, all it takes is a phone call. Many people don't think twice about answering certain questions.
It can be an easy matter for someone to lift documents that contain your vital information. More than a couple of unfortunates have been stung by simply tossing bank statements or pay slips into their garbage or recycling. Some bold thieves will actually steal mail from mailboxes. It's amazing what information people can glean from your bills or even a letter from the tax man.
And let's not forget about someone lifting your wallet. Far too many people carry far too much identification with themselves, making their wallets a treasure trove of personal information that an identity thief can use.
Don't become a victim
There are a number of ways in which you can protect yourself from identity theft. The most important of these is to keep your wits about you. If you're vigilant, your chances of getting taken are reduced.
If you're disposing of old documents – like pay stubs and bills – don't throw them out or recycle them. If you can, shred those documents using a cross cut shredder. This type of shredder doesn't cut paper into strips, but turns it into confetti. A number of these types of shredders can also grind up old credit and bank cards.
When at an ATM or making a purchase with a debit card, shield the keypad with your hand or with your wallet. You never know who's looking over your shoulder.
Speaking of wallets, try to lighten your load a little. Don't carry all of your ID with you. If possible, take only what you need.
When doing a secure transaction online (or one that you think is secure), look in the bottom right corner of your Web browser window. You should see a padlock icon. If you double click that icon, a smaller window will open that shows you the security information for the page and site.
One way that many Web sites ensure their security is by getting a signed digital certificate. Most sites get their certificates from certificate authorities. Two of the best know certificate authorities are VeriSign and Thwate. In fact, most Web sites use them; you can generally trust sites with certificates from either firm.
Earlier, I talked about fraud emails. The easiest way to not be taken in is to read those messages carefully and not to click the links. If you do click a link, remember to check your Web browser's address bar. The URL won't be one that you'll recognize; it will probably be a strange, long, and convoluted address.
Remember: if in doubt, don't click any suspect link or give out your information either online or over the phone. Check the source out. Recently, a friend of mine got a new credit card. He received a strange phone call purporting to be from the bank that issued the card. The call was to confirm an online transaction he'd made. My friend wouldn't confirm anything, and he called the bank immediately to check this out. It turns out that the call was legitimate. It could have gone the other way, though.
What to do if you're a victim
Even if the identity thief has only made a few small, illicit purchases, contact your local or national law enforcement authorities. Get a copy of their report and, if possible, the case number. You may need this information for the next steps.
Next, contact your bank, financial institution, or credit card company. Close any accounts that have been compromised. If the identity thief has opened any other accounts in your name, close them if you can.
Then, contact all of the credit bureaus in your area. In North America, there are three: TransUnion, EquiFax, and Experian. Let them know that you've been the victim of identity theft and that a fraud alert should be applied to your accounts. By doing this, the identity thief will not be able to open a new account; a representative of the financial firm will have to contact you first.
In the United States, a key piece of government-issued identification is the Social Security Number. Many other countries have something similar – like the Social Insurance Number in Canada. An identity thief can do a lot of damage if he or she gets hold of that information. In the United States, contact the Social Security Administration (or the equivalent department in your country) to report a theft.
If the identity thieves have really been active, it can take a long time for you to clear up the mess. Your credit rating could be damaged, even just temporarily. You'll face a lot of stress, and probably a number of collection calls and letters. And there's a good chance that you won't be able to prosecute the thief. That person may never be caught.
Where you can go for more information
If you need more information about identity theft and what to do about it, there's a lot of information available from government departments around the world.
In the United States, check out the Web sites of the Federal Trade Commission and the Department of Justice. The Canadian Privacy Commissioner and Minster of Public Safety also have more information.
For some reason, Europeans seem to be less susceptible to identity theft. Even so, you can get information on this subject from the European Anti-Fraud Office.
Australia has an anti-fraud awareness week, and in New Zealand identity theft is rare but the government has at least one Web page discussing it.
Do you have any tips about avoiding identity theft? If so, feel free to leave a comment on this TechTip.