At Experian, consumer credit and finance education is our priority. This post may contain links and references to one or more of our partners, but we provide an objective view to help you make the best decisions. For more, see our Editorial Policy.
In this article:
There's no surefire way to avoid becoming a victim of identity theft. Even if you're extra careful with how you handle your personal information online, it still may be susceptible to data breaches and other attacks from hackers.
There are, however, some steps you can take to reduce the risk of identity theft, and even to make your information less valuable to a criminal who gets their hands on it.
1. Monitor Your Credit
While it's possible for someone to steal your information by taking your purse or wallet or burglarizing your home, many incursions that lead to identity theft occur without the victim knowing.
To make sure nobody has opened up new accounts under your name, make sure to check each of your credit reports at least yearly. You can get your Experian, Transunion and Equifax credit reports for free at AnnualCreditReport.com.
If possible, pull one report every four months so that you're looking at your reports throughout the year. Through Experian, you can get a free copy of your Experian credit report every 30 days.
With a credit freeze, no one can view your credit reports, including lenders. So if a thief steals your Social Security number and plans to open credit accounts in your name, they'll be denied. Keep in mind, though, you'll also be denied for legitimate applications unless you lift the freeze. If you place a fraud alert, creditors are encouraged to contact you and verify your information (and that you applied for the loan or credit card in question) before approving the application.
2. Keep Your Personal Documents Safe
Online identity theft is more common than it used to be, but it's still possible for criminals to gain access to your credit card numbers, bank account information and other sensitive information on paper. Here are ways to safeguard your documents:
- Request electronic statements: Doing this eliminates the paper trail financial account statements create. Mail fraud is considered old school, but it's still alive and well. It's best to have financial statements delivered to your secure email inbox rather than your mailbox.
- Keep your mail safe: If you do receive paper documents with personal information, see if you can add a lock to your mailbox or use a P.O. box as your mailing address. You may also want to consider having smaller packages delivered to your work address so you receive them during the day versus having them left unattended on your porch. If you are going to be gone for a while, ask someone to pick up and hold your mail for you, or request a hold with the U.S. Postal Service until you return.
- Buy a shredder: If you plan to throw out financial and other sensitive documents, shred them first. This can take a little extra time but adds a layer of protection against dumpster-divers.
- Lock it up: There are some documents—your Social Security number, recent tax returns, birth certificate and more—you can't get rid of. Consider getting a safe deposit box at a local bank branch or purchasing a lockbox you can store them in at your house.
3. Secure Your Online Data
Stopping mail fraud is pretty straightforward, but protecting yourself online can be a lot trickier because criminals employ many tactics to steal your identity. Here's what you need to do:
- Be cautious with links: Phishing scams involve a thief using email to trick you into giving them personal information. These messages often look like they're coming from a reputable business and can take an eagle eye to spot. If something seems off about an email that's asking you to click a link to an offer or action, don't click. Instead, hover your cursor over the link and check the destination URL. If the link would take you to a different website than you were expecting, or seems otherwise illegitimate, ignore it. Additionally, these emails can include attachments that, if opened, install information-gathering malware.
- Monitor your online accounts: Staying up to date on changes to your financial accounts can be helpful in catching fraud as soon as it happens. Set up push notifications on your smartphone or other mobile devices, and pay attention to any alert emails you may get from financial institutions.
- Be careful with public Wi-Fi: Public Wi-Fi can be a convenient way to get access to the internet. But whether you're at a coffee shop or the airport, be careful about what you do while you're online. Hackers and others can set up their own free Wi-Fi networks and use them to scrape your data. Even legitimate Wi-Fi networks can be hacked, allowing the thief to "eavesdrop" on your connection and steal data. Make sure the network you are connected to is legitimate and can be trusted, and also use a virtual private network, or VPN, to add an extra layer of security and prevent eavesdropping.
- Watch out for unsecure websites: Before you enter payment or other personal information into a website, check to make sure it's secure and trustworthy. If the URL starts with "HTTP" instead of "HTTPS," it's not secure and hackers can eavesdrop and steal information you share. Even if the site does have a secure connection, it can still be a front for a scam. If you don't recognize the name of the company, be diligent to make sure it's legitimate and trustworthy.
4. Create Strong Passwords
Society is so integrated with technology that it's easy to have scores of online accounts. As a result, it can be tempting to create one easy-to-remember password and use it everywhere.
Unfortunately, scammers have gotten good at guessing passwords using publicly available information and social engineering—for example, asking you about your pets, children, other family members and more. And once they have your password for one website, they'll have it for all the other sites you use it on.
To help minimize the damage, create a unique, strong password for every online account. The strongest passwords are long, random strings of letters, numbers and symbols, and it would be impossible to memorize each one. For that reason, you could use a password manager such as LastPass or 1Password to securely store all of them in a place that's easily accessible when you need them.
If a website or app offers it, set up two-factor authentication. This will require you to provide a second piece of information to verify your identity. It may require you to use an authenticator app with a unique number that changes every 30 seconds or have a code sent to your email or phone.
Using this process takes a little more time every time you log in or change account details, but it provides valuable protection against people who want to do you harm.
Enlist Help to Protect Your Information
With these tips, you can limit your exposure to identity theft significantly. But monitoring your information can be time-consuming, especially if you have a lot of other things to worry about. To stay up to date on how your credit and other information is being used, consider signing up for an identity theft monitoring service like Experian IdentityWorksSM Plus or Experian IdentityWorksSM Premium.
These services provide identity theft and credit monitoring, alerts, dark web surveillance and more to help you stay aware. They also connect you with fraud resolution services and identity theft insurance, which can come in handy if you do become a victim.
Between your efforts and a good identity theft monitoring service, you can not only reduce the risk of identity theft but also get back on your feet quickly if someone does manage to steal your information.