Americans are spending more time online and, unfortunately, so are criminals.
While the FBI reports many crimes (property crimes, burglary, and larceny-theft) have decreased over the last several years, rates of identity theft are increasing, up 16% in 2016 over the previous year, according to Javelin Strategy and Research.
While identity theft is not as scary as violent crimes in the physical world, it's still a very serious, invasive and highly disturbing kind of crime—in part because identity theft is a crime that almost always goes undetected until well after the fact.
Consider this scenario, familiar to many Americans: you're at work and expecting a call from a handyman about the appointment the next day. You don't recognize the number when your phone rings, but you answer, thinking it must be the handyman. Instead, it's a bill collector asking you to make a payment on a loan. The bill collector has your name, phone number, address and even knows your social security number.
The problem is that you didn't take out the loan. This likely means that someone else applied for and secured the loan using your PII, such as your name, address and social security number. This is called new account fraud, and the Javelin report referenced above found that new account fraud more than doubled (up 113%) from 2014 to 2015. They called it "the most expensive and highest-impact" fraud for consumers.
Who's down with PII?
Identity theft would not be possible if criminals weren't able to get their hands on someone's PII—personally identifiable information. PII is all the data, both privately held and in the public domain, that describes and identifies who you are. It is information that pertains specifically to you. The graphic below lists the most common forms of PII, but there are more.
What is PII?
Personally Identifiable Information is information unique to you that describes and identifies who you are. It's all the information you need to protect, and monitor in case it is accessed without your permission or knowledge.
| Full name | Home address |
| Birth date | Email address(es) |
| Social Security number | Passport number |
| Driver's license number | Credit card numbers |
| Login credentials such as screen names and passwords | |
| Birthplace | Medical records |
| Military credentials | Insurance information |
How identity thieves use PII
Using PII, identity thieves can pretend to be someone else for the purpose of committing fraud in that person's name. They can use PII in a variety of ways, some which may surprise you.
Bob Sullivan, personal finance journalist and author, recently wrote about an interesting example of a former NFL player who lost his job due to identity theft.
How Can Identity Thieves Use Your PII?
- Open a new credit card or loan.
- Change a billing address so you will no longer receive the bills.
- Open new utilities accounts in your name.
- Obtain a mobile phone.
- Open a bank account and writing bad checks.
- Use your debit card number to withdraw funds.
- Obtain a new driver's license or ID.
- Use your information in the event of an arrest or court action.
Protecting your PII
Fortunately, there are some steps you can take to protect your personally identifiable information from exposure and reduce your risks of falling prey to identity thieves.
Protecting your PII Online
- Use strong, up-to-date security software and passwords on all your devices.
- Be alert to phishing scams of all kinds that could download malware onto your device.
- File your tax return early so an identity thief can't beat you to you refund.
- Avoid providing any PII to websites that don't begin with https.
- Don't overshare on social media, and never accept an invitation from a stranger.
- Monitor your financial accounts, and watch for transactions you don't recognize.
- Check your credit reports online regularly. This is one of the first places signs of identity theft will appear.
You can also protect yourself offline
Identity theft is not limited to online activities. Low-tech activities can expose your PII as well.
Protecting your PII Offline
- Never carry your Social Security card in your wallet, and only provide it when necessary.
- Be wary of "shoulder surfers" when typing your PIN into an ATM.
- Never provide financial account numbers or other information while on the phone public.
- Review your statements and watch for any transactions you don't recognize.
- Remove mail from your mailbox right away. If you'll be away from home, request a mail hold.
- Shred anything that has PII, including credit card and bank statements, receipts, medical records.
How fast can identity thieves use stolen data?
An experiment in 2017 by the FTC showed that enterprising criminals can use this information within minutes: the FTC developed fake PII and posted the data on a website that hackers and others use to make stolen credentials public. It took only nine minutes for the fraudsters to try to access the information, and more than 1,200 attempts were made to access the email, payment and credit card accounts. The research shows that personal information is valuable to identity thieves, and if they can get access to it, they will use it.
If your PII is compromised
If you detect signs that your PII has been compromised and/or identity theft has occurred, you can take action to remedy the situation. Follow the checklist below to help you stay organized; this may help alleviate the feeling of uncertainty.
- Immediately alert, the holder of the fraudulent debt or the company involved in the identity theft.
- Alert your bank.
- Report it to the credit bureaus and ask them to place a fraud alert on your credit file. If you contact Experian, they will share the alert with the other bureaus.
- If you know your PII has been compromised, you may want to consider locking or freezing your credit report.
- Check your bank and credit card statements for charges you don't recognize.
- Contact law enforcement and ask about filing a police report.
- Sign up for your bank's free online alerts to help detect any fraudulent activity.
Your personally identifiable information is valuable to you, but it doesn't have to benefit identity thieves. Take steps to protect your PII, detect fraud quickly and remedy the situation if identity theft happens to you.