Preventing Identity Theft

identity theft word cloud graphic

Identity theft is a serious crime where a thief steals and subsequently uses critical portions of your personal information, such as your full name, date of birth, or social security number usually to commit financial fraud. An identity thief uses your information to fraudulently apply for credit in your name, file a fraudulent tax return on your behalf, gain access to medical services, or impersonate you on social media.  These criminal acts can damage your credit score and potentially deny you access to your own credit resources; and can potentially cost you a significant amount of time and money in legal costs to restore your reputation. You may not know that you are the victim of identity theft until you experience a direct financial consequence (unexpected bills, credit collections, or denied loans) related to the actions that the thief has taken on your behalf by using your stolen information.

On the basis of the summary description of the problem above, the protection of the critical portions of your personal identifying information (PII) is paramount to the prevention of identity theft. Secondly, proactive early detection, or prevention services to alert you or to specifically block certain actions from occurring without your knowledge and/or approval are often a worthwhile investment.

Protecting Your PII

Tax fraud: The IRS has a type of two-factor authentication via an “IP PIN” available to prevent someone from fraudulently filing a tax return on your behalf.  For tax year 2015, the IRS paid out over 5.8 billion dollars in fraudulent refunds to criminals using stolen identity information to file fraudulent tax returns. Information on the IP PIN feature can be found here: https://www.irs.gov/individuals/get-an-identity-protection-pin. Also, you should consider opening an online account at irs.gov and at the Social Security Administration so that a potential identity thief can’t potentially open one on your behalf. If you create an online account, you can then subsequently lock that account out permanently if you wish requiring all further interaction with the IRS to occur via written correspondence and postal mail.

Credit bureaus, monitoring, and alerting services: You can use a credit monitoring and alerting service such as LifeLock, ProtectMyID, etc. These paid services typically file recurring “fraud alerts” or “security alerts” with all four major credit bureaus (Equifax, Experian, Trans Union, and Innovis) on your behalf to prevent the use of your personal information without your direct involvement (via positive contact) and actively monitor (real time) your credit history. You can also do many of these things yourself if you are proactive. You can request a free credit report with all four credit bureaus once per year, plus if you file a “fraud alert” with the bureaus every ninety days you can run an additional report at no charge.  Filing an alert causes lenders to more carefully verify your identity whenever your personal information is used to apply for credit. Consumers who can demonstrate that they are victims or are likely to be victims of identity theft due to involvement in a data breach involving PII can apply for a long-term, “extended fraud alert” with all four credit bureaus that lasts up to seven years (a police report and/or other documentation may be required). Check the SSNs associated with your children as well periodically.  Identity thieves often use information from minors since that information is not usually readily used or monitored. Parents or guardians may want to consider freezing the credit files of their younger children or dependents to prevent fraudulent use until there is a need to unfreeze them in the future when they will be actively used.
 
Checking and savings accounts
: Most banks offer a real-time monitoring service for checking, savings, ATM/Debit, and credit card accounts that alert you whenever a transaction occurs. This can help you to limit fraudulent use of your account to as few transactions as possible since you are immediately aware that a transaction that you do not recognize has occurred and you can rapidly contact your bank.
 
Medical identity theft: Guard your Social Security, Medicare, and health insurance plan identification numbers. Only give your number(s) to your physician or other approved health care providers. Review your insurance statement and explanation of benefits forms or Medicare summary notices to make sure that any claims match services that you actually received. Report all questionable charges to your health insurance provider or Medicare promptly. Request and carefully review a copy of your medical records at least bi-annually for inaccuracies and conditions that you don’t actually have that may have shown up in your records due to fraudulent use.

Steps You Can Take

  • Secure your social security number. Don’t carry your social security card in your wallet or write the number on your checks. Only give out your social security number (SSN) when absolutely necessary to trusted individuals.
  • Don’t respond to unsolicited requests for personal information (your name, birthdate, social security number, or bank account number) by phone, by mail, or online.
  • Cover the keypad or keyboard when typing your passwords on computers and at ATMs.
  • Collect your postal mail promptly. Always ask the post office to put your mail on hold when you are away from home and you cannot promptly retrieve your mail.
  • Pay attention to your billing cycles. If any bills or financial statements are late, contact the sender.  Sometimes a thief will file a change of address on your behalf.
  • Review your credit receipts. Ask for any carbon copies, incorrect charge slips, or refund slips as well.  Promptly compare your receipts monthly with your account statements and look for any unauthorized transactions.
  • Shred all old receipts, all new credit offers received in the mail, any old account statements, and all expired cards, to prevent “dumpster divers” from getting your personal information.
  • Store any personal information in a safe place both at home and at work.
  • Use complex passwords that identity thieves cannot guess easily and multifactor authentication when available so that compromised credentials cannot be easily used to gain access to accounts.  Change your passwords regularly and change them immediately if any company that you do business with has a security breach.
  • Order your credit report at least once a year and review it carefully to be certain that it doesn't include accounts that you have not opened. Check it more frequently if you suspect someone has gained access to your account information.