Danger! Danger! Identity thieves are everywhere! So says the Federal Trade Commission, which reports that identity fraud affects approximately 8 million to 10 million Americans each year (about 4% of the population).
Don't hit the panic button just yet. "Fraud" is the key word here. It means that lumped into crimes of outright identity theft (hijacking other people's vitals and opening new accounts in someone else's name) is the much more common crime of credit fraud (when an existing credit card or bank account is used without the owner's permission). Reports of the former are actually declining, though instances of the latter (say, when you're double-charged for a purchase) remain common.
Still, that doesn't mean that you should leave the door wide open and the porch light on. Here's a one-minute identity-safety-check drill to protect yourself online and off.
0:54: Go online to patrol account activity. Instead of waiting for your mail carrier to deliver paper statements for review, check your accounts online every few days. Actually look at your credit card and bank account statements, instead of just glancing over them quickly or passing them along to your spouse to pay off. This is usually the first place unauthorized activity will show up.
0:49: Call your credit card company or bank if an account statement is late. A missing bill may mean that some meanie called the company using your name, and changed the billing address to prevent you from catching their shopping spree.
0:40: Stop pickpockets in their tracks by photocopying the contents of your wallet. Keep copies in a safe place, so you can quickly cut off unauthorized shopping sprees. If you're one of the few people who actually knows where your Social Security card is located, don't carry it with you! Stash it away in a safe place, and only carry a minimum number of ID and credit cards with you.
0:37: Put a guard dog on your mailbox, particularly when tax forms, annual statements, and bills arrive. Deposit outgoing mail directly into post office boxes, not in your own mailbox. A shocking number of thieves troll mailboxes for your personal information. If you're going on vacation, place a hold on your mail at the post office. Also, take your name off the junk mail lists. See "Silence the Sales Pitches" for a list of ways to opt-out of sales pitches and preapproved credit card offers. Buy a cheap shredder, gather any official documents destined for the trash, and pretend you work at Enron during commercial breaks.
0:31: Look out for Aunt Edna. Many identity thefts are committed by someone close to the victim. That probably shouldn't be as big a surprise as it is: Family members have easy access to all the necessary documents and can keep a close eye on their mark (often, the elderly). Even work acquaintances can poke around your desk after office hours without raising eyebrows. Unfortunately, you can never drop your guard. It may feel weird to narc out someone with the same last name, but shared DNA doesn't give anyone the right to rip off a loved one.
0:29: Make creditors call you before any funny business occurs. Ask the credit reporting agencies to put a fraud alert on your file. (By calling one, all three will comply.) It requires lenders to request additional documentation from you anytime you request credit. If you get a call about a credit application you didn't fill out, you can stop a thief in his tracks. It will also opt you out of preapproved offers. Fraud alerts expire, so make a note of when you need to re-up.
To protect yourself against electronic n'er-do-wells...
0:21: Password-protect everything. Use a complex assortment of nonsensical words, numbers, and random punctuation marks. Once you have your password memorized, it's time to change it. Seriously, though, change your passwords often, and share them with no one. If you have a weak short-term memory, record them far from the devices they are protecting.
0:16: Don't click that! By now, you've probably gotten several hundred notices from banks with whom you do no business, telling you there's a problem with your non-existent account. This is called "phishing" (as in "fishing for a sucker to take the bait"). Thieves will pose as bank representatives, Internet service providers, government agents, and ex-boyfriends to get you to reveal personal information. Hang up the phone, and whatever you do, don't give out personal information on the phone, through the mail, or online unless you initiate the contact or know the caller.
For less obvious come-ons, tour your computer to see whether anyone's lurking. The CERT Coordination Center (operated by Carnegie Mellon University) has a library of Internet security tips -- from installing initial security measures to responding to incidents and fixing email abuses. PDAstreet.com has bulletin boards where you can learn about the latest concerns (and cool stuff) for nearly every handheld device.
0:13: Cloak your credit card number when you shop. Many credit card companies provide virtual credit card numbers for safe online shopping.
0:03: Don't put the good stuff on a handheld device. If you do lose your PDA, or if someone manages to crack your electronic Fort Knox, having your Social Security number, a list of bank and brokerage accounts, and a map to those buried gold bars only compounds the potential damage. (If you're a young blonde heiress who's not camera-shy, you might also want to consider stashing your revealing photos and videos in an actual vault.)
If you're really paranoid, make the FTC's ID Theft website your home page. It's regularly updated with the latest scams.
Got another minute?
For more on protecting yourself from fraud, read about:
Dayana Yochim double-locks her door at night, has a big dog, and checks her statements for foul play all the time.