Identity theft is an increasingly prevalent problem in these high-tech days. Indeed, a recent piece of research showed that one quarter of data breach victims go on to suffer identity theft. You might be one of them in the future, through no fault of your own – or, perhaps, you might become a victim because you’ve been careless online, or in the real-world for that matter.
Most of the financial losses in an identity theft are suffered by credit card issuers and banks, as victims are rarely held responsible for fraudulent debts incurred in their name. But victims often bear the responsibility of contacting their banks and credit issuers after an identity theft has occurred.
Finding out that your credit card has been used by a stranger can chill your blood. As with nearly every endeavour, prevention is the best medicine. Here are some tips for best practices and habits to get into in order to thwart identity thieves.
- Safeguard your National Insurance number. This is a crucial piece of information. Don't even tell anyone your number if you can help it.
- Shred everything that has your name, address, and other personal information. Use a cross-cut shredder, not a strip-cut shredder, because cross-cutting creates fragments that are much harder to piece back together
- Don't provide personal information to people who contact you over the phone, through postal mail, or by email. Ask them how you can get in touch with them so you can investigate. You might start with a simple Internet search for complaints about the organisation contacting you.
- Keep sensitive documents in a secure place. Birth certificates, tax returns, insurance policies, and the like should go in a fireproof safe ideally, or at least a locked drawer at home – or in a safety deposit box in a vault.
- Never give anyone your password for anything. No tech or customer service rep should ever ask you what your password is. This is a dead giveaway that you're dealing with a potential identity thief or, at best, an incompetent support tech.
- While we're on the subject of passwords: Don't use a weak or obvious password like your birth date or dog's name. Strong passwords incorporate capital and lowercase letters, numbers, and, if possible, non-alphanumeric characters (see our advice on strong passwords).
- Protect your PC. I'm not going to labour this point because we've written extensively about it many times, but you need to run a firewall and antivirus software on any PC.
- Don't fall prey to phishing. Don't click links in unsolicited email, and don't enter information on strange websites. Don't even enter information on familiar websites that have changed recently. Call the company and ask if they've redesigned their site. Always check a site's encryption before entering personal information – look for https:// in the address bar, along with a green lock icon.
How to know if your identity has been compromised
Sometimes an identity is compromised despite a person's best efforts, as we mentioned in the introduction. Three things can tip you off that you may be a victim:
- Bills. A dead giveaway is if your bills stop coming or if you start getting bills for credit cards you never applied for. Likewise, an unknown charge on your credit card or a mysterious transfer of funds out of your account requires an immediate call to your bank (obviously enough).
- Calls. Phone calls or letters about purchases you didn't make are another big signal. Someone I know found out his identity was stolen after he was contacted by PC World about purchasing an extended warranty on a computer he never bought.
- Bad reputation. If you're turned down applying for a new credit card or line of credit because your credit rating is bad – and to the best of your knowledge it shouldn't be – then check your credit reports. It costs £2 to obtain your statutory credit file online, although there are ways you can get a freebie as this article explains. If a crook has used your stolen personal data to set up a new credit account of some kind, you'll see it in the report.
If, despite your best efforts, the bad guys compromise your identity, don't panic; help is available. Visit the Action Fraud web page and follow the instructions on what to do. Suffice it to say that you need to alert the authorities, and the financial institution that you’ve had funds plundered from.