Managing Money

5 Steps to Take to Protect Yourself from Identity Theft

Written by Deb Hipp

Take action now to prevent yourself from becoming an identity thief’s next victim.

In 2019, the Federal Trade Commission (FTC) received more than 3.2 million reports of identity theft, according to a report from the Consumer Sentinel Network. Consumers reported credit card identity theft fraud most often. But the FTC also received more than 270,000 reports from people who said their sensitive, personal information was misused, either on an existing account or to fraudulently open a new credit card account.

Identity thieves abound, and your credit card, bank and other financial information isn’t as far out of their reach as you might think.

Below are five steps you can take to protect yourself from identity theft

1. Review credit reports regularly

Monitoring your credit report is essential to protecting yourself from identity theft. That’s because if you spot discrepancies such as unfamiliar credit accounts under your name, you can take steps right away – placing a fraud alert or credit freeze on your credit, for example – to resolve the issue and stop others from opening more fraudulent credit accounts in your name. 

You can order one copy of your credit report a year from Annualcreditreport.com. But there are additional, often free, ways to monitor your credit as well. For example, when you sign up with Credit Karma, you can access your credit score and report(s) anytime.

Find out: 5 Signs You May Be a Victim of Identity Theft

2. Password-protect devices

Is signing in with a password on your smartphone too much trouble, so you just don’t bother with this security measure? If so, you’re leaving yourself open to identity theft if your phone is lost, stolen or even just accessible to a random dishonest person.

“Not having a password on your smartphone or tablet is akin to leaving your home with the door wide open,” according to major credit bureau Experian. “If the device falls into the wrong hands, your email, financial accounts and other private data stored on the phone will be easily accessible.”

Find out: Take These 7 Steps to Recover From Identity Theft

3. Don’t get hooked by phishing

Identity thieves often use “phishing,” a cyberattack that tricks you into divulging sensitive, personal information such as passwords, usernames, account numbers or Social Security numbers. Any information you supply via a phishing email or text can then be used to steal your identity and/or fraudulently take out credit under your name.

Red flags for phishing emails or texts include a generic greeting such as “Dear account holder” instead of your name and urgent requests that require immediate action and/or threats to close or freeze your account unless you click on a link or attachment in the email.

Find out: 5 Identity Theft Risks You Should Never Take on Public Wi-Fi

4. Use a password manager

It’s tempting to use the same password for several, or even all, of your accounts to avoid constantly looking up passwords. However, using the same password for all your bank, credit card and other financial accounts is a risky move that can make you an easy target for identity thieves.

To eliminate this identity theft risk, you can store all your passwords securely by using a password manager such as LastPass or 1Password. A password manager app lets you securely store your passwords so that you don’t have to log in with your login credentials each time you visit a website or account.

Find out: The Top 5 Identity Theft Pitfalls and How to Avoid Them

5. Hang up on scammers

Identity thieves love to pose as government agencies and banks. But no bank is going to call and ask for your checking account or debit card number. And the same goes for anyone claiming to be with the Social Security Administration who threatens to “cancel” your Social Security number if you don’t call back the number on the robocall message to “verify” your Social Security number.

If you receive a message or call from a bank or government agency, always contact the entity directly – using only the contact information on its official website – to make sure a request for sensitive, personal information is legitimate.

About the author

Deb Hipp