In this article:
Identity theft is when someone steals your personal information and uses it without your permission. There are several forms of identity theft, and each one can affect you in a different way.
There's no way to inoculate yourself against identity theft completely. But if you're diligent in learning how your information can be at risk and what fraudsters can do with it, you'll be better equipped to protect your data and act quickly if someone does manage to steal it.
How Identity Theft Happens
Identity theft is a broad term that applies any time someone steals your personal information, such as your Social Security number, and uses it to create a new account, make a purchase or commit other fraud.
Due to the nature of technology and the internet, your personal information is always at risk. If you're not carefully monitoring your credit file, you may not notice you've been victimized until the damage is already done.
Here are 10 of the most common ways identity thieves get hold of your data:
1. Data Breaches
A data breach happens when someone gains access to an organization's data without authorization. The most common types of information stolen in data breaches include full names, Social Security numbers and credit card numbers.
In 2018, there were 1,244 data breaches in the U.S., and more than 446 million records were exposed, according to the Identity Theft Resource Center.
Because people have so many accounts with various businesses and other organizations, it's virtually impossible to keep your information safe from a data breach, but there are steps you can take to minimize your risk.
2. Unsecure Browsing
For the most part, you can browse the internet safely, especially if you stick to well-known websites. But if you share any information on an unsecure website or a website that's been compromised by hackers you could be putting your sensitive information directly in the hands of a thief.
Depending on your browser, you may get an alert if you try to access a risky website.
3. Dark Web Marketplaces
The dark web is often where your personally identifying information ends up after it's been stolen. Hackers may not necessarily be stealing your information to use it for themselves, but will instead choose to sell it to others who have potentially nefarious intentions.
The dark web is a hidden network of websites that aren't accessible by normal browsers. People who visit the dark web use special software to mask their identities and activity, making it a haven for fraudsters. If your information ends up on a dark web marketplace, anybody could buy it, putting your identity in more danger.
4. Malware Activity
Malware is malicious software that's designed to wreak all sorts of havoc. Fraudsters may use malware is to steal your data or spy on your computer activity without you knowing.
5. Credit Card Theft
One of the simplest forms of identity theft is credit card theft. If a thief can gain access to your credit card information, they can use it to make unauthorized purchases.
Common ways credit card theft occurs are through a data breach, physical theft, credit card skimmers and via online retail accounts where card information is stored.
6. Mail Theft
Since long before the internet, identity thieves have been combing through the mail to find documents that held personal information. Bank and credit card statements and any other document you send or receive through the postal system can be intercepted and used to gain access to your data.
The mail you throw away also can leave you vulnerable, so be sure to shred any old mail that may contain personal information.
7. Phishing and Spam Attacks
Some scammers use email and text messages and other forms of electronic communication to steal your sensitive information. The message often looks like it's coming from a reputable source and asks victims to give up one or more types of information.
For example, a bogus email made to look like it's from your bank may include a link that directs you to a spoof website that looks just like the one it's mimicking. Once there, the website may ask you for a username and password, or to input credit card information or your Social Security number. If something seems suspicious, it might be an attempt at identity theft.
8. Wi-Fi Hacking
If you use your computer or phone on a public network—airport, department store or coffee shop Wi-Fi—hackers may be able to "eavesdrop" on your connection.
This means that if you type in a password, bank account or credit card number, Social Security number or anything else, an eavesdropper can easily intercept it and use it for their own purposes.
9. Mobile Phone Theft
Smartphones are a treasure trove of information for identity thieves, especially if your apps allow you to log in automatically without a password or fingerprint. If someone manages to steal and unlock your phone, it could allow them to view the information found in your apps, as well as in your emails, text messages, notes and more.
Make sure your phone locks with a secure passcode, biometric screening is set up properly and your passwords aren't stored in plain text anywhere on your phone.
10. Card Skimming
Some thieves use a skimming device that easily can be placed over a card reader on an ATM or a fuel pump without looking out of the ordinary. When somebody swipes a debit or credit card at a compromised machine, the skimmer reads the information from the card's magnetic stripe and either stores it or transmits it. A criminal can then use this information to make purchases.
How Identity Theft Can Affect You
Once a thief has your information, they can do several things with it, including:
- Open fraudulent credit cards.
- File phony health insurance claims.
- Use your existing bank or credit card accounts to make unauthorized purchases.
- Sell it to other thieves.
- File a fraudulent tax return or steal your tax refund.
- Access your financial accounts and steal your money.
- Commit child identity theft using your child's information.
Depending on the type of theft that occurs, and how the criminal uses your information, identity theft can result in immediate financial loss, damage to your credit and emotional distress. It can also take anywhere from less than a day to several months or even years to resolve the issue.
As you work on recovering from identity theft, you may end up dealing with late payments, medical bills, and even IRS penalties requiring investigations and long-term assistance if you are a tax identity theft victim. It can also result in losing account access, having your personal accounts taken over by thieves and general loss of data privacy.
How to Check for Identity Theft
You can't completely avoid the possibility that your identity may be stolen, but you can take action to spot potential fraud before it becomes a major problem.
To check for identity theft, keep an eye on your credit reports. While you can view each one for free every 12 months through AnnualCreditReport.com, you can view a summary of your reports more regularly through various free and paid credit monitoring services.
As you check your report, watch for tradelines that you don't recognize or remember opening. Also, keep an eye on your credit score—a sudden inexplicable drop can be a dead giveaway that something is wrong.
Here are some other telltale signs that someone may have stolen your identity:
- You aren't receiving important mail such as bills or checks.
- You get bills for items you didn't order or statements for credit cards you didn't sign up for.
- You're denied credit, despite having an excellent credit rating.
- You have unauthorized bank transactions or withdrawals.
- You've received notice that your personal information may have been compromised in a data breach.
- Your electronic tax filing is denied.
- You receive unauthorized authentication messages by text or email for unknown accounts.
- You get an email from an organization that says your account has been recently accessed and it wasn't you.
- You receive a bill or an explanation of benefits for health care that you didn't seek.
What to Do if You Think You're a Victim
If you have even an inkling that you've fallen victim to identity theft, the most important thing to do is to limit the potential damage. If a credit card or debit card was stolen, contact the card issuer and your bank immediately—some banks may even allow you to lock your account through your mobile app until you can report the fraud.
Next, double-check your credit reports with the three credit bureaus (Experian, TransUnion and Equifax) to confirm any type of unusual activity and get help dealing with the theft. If you find something is amiss, consider locking or freezing your credit.
Alternatively, you can set up a fraud alert, which notifies lenders that you've been a victim of identity theft so they can take extra measures to verify your identity.
Remember, identity theft is a crime, so it's also a good idea to contact your local law enforcement agency. While authorities may not be able to do much, they can take reports and be on the alert for suspicious behavior that could involve your name or address.
Before you do report the crime, reach out to the Federal Trade Commission to file a report. The agency will provide steps you need to take and paperwork to file reports—including how to deal with police reports—and help you dispute fraudulent charges.
Being a victim of identity theft is a harrowing experience. It can take months and many hours of filling out forms and working with agencies and businesses to recover your identity once it is stolen.
Diligence Pays Off
Recognizing the signs of identity theft and taking steps to prevent it can save you heartache, stress and loss.
As you check your credit report and score regularly, watch out for suspicious transactions, accounts and notifications, and act fast when something is off. If you're diligent, you'll be in a better position to catch identity theft early before it ruins more than just your day.