4 Tips to Prevent Online Identity Theft
With just a few taps on a keyboard, you can easily make a purchase or sign up for a new subscription or service online. However, each of these transactions often involves the exchange of sensitive personal data—valuable information that's ripe for cybercriminals to exploit.
Online identity theft has become more widespread, especially as school, work and even healthcare have quickly shifted online since the pandemic began. According to data from the Federal Trade Commission, Americans filed 1.4 million reports of identity theft in 2021 (PDF), more than any other type of fraud complaint. While more than 395,000 complaints involved personal information that was used to claim government benefits, bank transfer and payment schemes amounted to the most significant dollar losses at over $756 million.
With the threat growing and the possible avenues for attack multiplying, it's more important than ever to understand the risk of online identity theft—and what you can do to protect yourself.
How identity theft happens
Online identity theft occurs when someone steals your personal information to commit fraudulent activities. This can happen in several ways.
In recent years, several large companies have experienced public data breaches in which hackers stole customer information that consumers legitimately provided to these businesses. You may provide your first and last name, date of birth, address or Social Security number when you sign up for cable or utility services, make an online purchase, register for an event, enroll in school or register as a new patient at a doctor's office. If these organizations don't have strong enterprise security in place, hackers can easily exploit their security vulnerabilities and illegally access customer information.
Cybercriminals have become increasingly sophisticated in their approach. Ransomware—a cyberattack that involves hackers stealing data, encrypting it and demanding a ransom to give organizations access back to their data—has become the predominant threat. In 2020, these attacks increased a whopping 485% (PDF).
Hackers have also turned to email phishing schemes to steal personal data. If employees or consumers lack cyber awareness and mistakenly click links in one of these emails, they could land on a fake website and unknowingly provide their information to hackers. With advances in technology, hackers even have adopted an emerging tactic called smishing, where they send text messages to try to steal people's information.
If hackers can access your data, they can do a lot of financial and personal damage. They can use your personal information to open a new credit card in your name or to make fraudulent purchases if they have access to your current credit card information. They can open a new account in your name for utility or cable services, steal your tax refund, use your health insurance information to access medical care or even access your unemployment benefits.
Online identity theft can undermine any sense of trust you have that a company will keep your information safe. It can make you wary of providing any information online, even if it may be more convenient. However, you can take proactive measures to protect yourself from this threat.
Preventing identity theft online
As you engage with service providers online, post on social media and upload your information on different websites, identity theft will continue to be a risk. Here are some steps you can take to reduce the likelihood you experience one of these incidents.
1 Be aware of phishing schemes
Never click a link from an email address you don't recognize or from an unsolicited sender. Many email providers have gotten better about strengthening their security defenses, so a lot of suspicious emails end up in your spam folder. However, some hackers can get through, so if you're unsure about an email or know you never requested information from the sender, it's better to be safe and delete the email.
2 Practice better password protection
Your password can be exposed if a company experiences a data breach. This is a risk in and of itself, but there's an even greater risk that a hacker can access your personal information if you often use the same password across multiple sites.
To prevent this, use unique passwords on different sites—especially your online banking and email accounts. Never share your passwords with anyone, especially over the phone. Hackers often use this approach with senior citizens, who may be more vulnerable.
Most companies will never ask for your password or personal information by phone or email if they make the initial contact. However, scammers will when they try to impersonate a legitimate company. Being aware of this tactic could prevent you from mistakenly sharing your information.
3 Regularly check your bank and credit card statements
If hackers do access your information, they may begin to make credit card purchases or withdrawals from your account.
Be vigilant and actively monitor your accounts. Many financial institutions—including First Citizens—have mechanisms in place to monitor fraudulent activity, such as real-time account and transaction alerts. You can also monitor your credit report to see if anyone has opened a new account in your name. And you can ask the three main credit bureaus to freeze a card or account if you suspect fraud.
Staying on top of your account activity can help you minimize the impact, notify your financial institutions or service providers, and contact the proper authorities right away if someone is able to unlawfully access your accounts.
4 Keep your software updated
Hackers can exploit security vulnerabilities to access personal data, which is why it's important to make sure you're using technology with the most up-to-date protection.
Companies often send security patches and updates to stay one step ahead of hackers. For example, if your smartphone provider sends an alert with its latest security patch, you should make these security updates on your phone as soon as possible.
The same thing goes for any mobile or software applications you use. In some cases, software vendors may make automatic updates, but if not, make sure you have the latest version of their application installed on your device. These mobile device best practices can help prevent malware, or malicious software that can infiltrate your phone or laptop to steal your personal data.
Proactively protecting yourself online
The increase in digital channels means online identity theft will always be a risk. The key is to take actionable steps to reduce this risk as much as possible.
Use strong passwords, and never click suspicious links or provide your personal information over the phone. Make sure you always download the latest version of the apps you use, and ensure the latest security updates are installed on your devices. Hackers will use any opening they can find to steal information, so putting these strategies together can help you identify and prevent potential security vulnerabilities identity thieves are just waiting to exploit.