Protecting your identity is an important part of your personal security, but it can be hard to know the proper way to do it. The days when simply shredding your sensitive mail was enough are long gone. Now, the internet provides new and ever-changing challenges when it comes to safeguarding your personal identity. Hackers, viruses, and data breaches threaten your security.
Use These Simple Steps to Safeguard Your Identity Online
June 21, 2018
To help you navigate this terrain, we’ve put together a primer on how you can keep your identity secure when you’re online and how to find out if your identity has been stolen. We’ve also outlined the steps you can take if your identity is stolen. With the below advice, you can take a proactive approach to securing your identity in the internet age.
Securing your identity
Protecting yourself from identity theft requires a three-pronged approach: First, take steps to prevent identity theft. Second, monitor your identity so you can detect identity theft quickly. Third, know how to respond if your identity is stolen. We’ve broken down each category into manageable steps below.
As you read, remember that protecting your identity and preventing identity theft isn’t just a one-time event—it’s a continual process that requires you to maintain good habits. Installing antivirus software, for example, won’t do you any good if you don’t keep your computer’s software updated and run regular scans of your computer.
Keep this in mind as you use the checklist below. You can check off each step as you implement it, but remember that you’ll need to use the step to create good habits in order to stay protected.
Prevent Identity Theft
While you can mitigate some of the negative effects of identity theft, it’s better to do all you can to prevent it in the first place. To help prevent identity theft, you’ll need to put these simple security measures in place.
Create strong passwords
Your passwords exist to protect your sensitive information. If you’re serious about protecting that information, you need to get serious about creating good passwords. Your passwords should be long—the longer the better—and should include numbers, symbols, and letters. You should avoid using dictionary words or common phrases. Ideally, you should use a different password for each of your accounts.
Of course, it’s not easy to remember that many complicated passwords, so we recommend you start using a password manager. It remembers your passwords for you, so you only have to remember one master password (make it a good one!). Password managers can even generate random passwords for you to further strengthen your security. With strong passwords in place, it will be much harder for anyone to steal your identity by guessing or brute-force attacking.
Enable two-factor authentication
Two-factor or multifactor authentication requires multiple factors to verify your identity to prevent thieves from logging in to your accounts. Generally, these steps include a knowledge factor—your password—plus a possession factor—a unique item in your possession, like your cellphone. For example, you might log in with your password and then be asked to provide a code that was texted to your phone. As long as you have your phone, no one else will have the means to log in as you.
Use multifactor authentication plus a strong password to keep your accounts safe. Many sites have already adopted two-factor authentication, so you can go ahead and enable it on your email, your social networks, your banks, and even many store accounts. If an organization doesn’t offer two-step authentication, consider reaching out to request it. In this day and age, it’s a vital part of internet security.
Install antivirus software
With your accounts protected by passwords and two-step authentication, you’ll want to make sure your computer remains free of any viruses or spyware that could compromise that protection. You don’t want to use a password manager only to find out that someone has compromised your master password with malicious keystroke-logging spyware.
Make sure your computer stays clean by installing antivirus software. Once you’ve installed your service of choice, scan your computer frequently. Remember, security threats change and evolve, so keep your antivirus software up to date at all times if you want to stay protected.
Learn to spot phishing scams
Viruses and hackers are real threats, but you might be surprised that identity theft often occurs after someone voluntarily gives over their personal information. That’s because phishing scams imitate companies or people you know and trust. Phishers might send an email asking you to update or verify your account. You click a link, fill in some information, and give thieves everything they need to steal your identity.
These phishing scams often look legitimate, so you must learn how to spot a fake. Look at the email address: does it include the correct domain for the company? Hover over any links: does the text URL match the destination URL? When in doubt, contact the company via phone or its website—but be sure to get its number or web address from Google, and not the potentially fake email. Don’t ever share information if you’re not sure you can trust the recipient.
Use only secure connections
Even if you’re sure you’re sharing your info with a legitimate service, be careful how you share it. If you’re using public Wi-Fi, everything you send over the connection—like your passwords, credit card number, or Social Security number—could be intercepted and stolen. Avoid using public Wi-Fi, and send sensitive information only when you’re certain you’re using a secure private connection.
Likewise, if you’re submitting personal information online, ensure the URL begins with “https” instead of “http.” The “https” indicates an encrypted connection, which helps keep your information safe from hackers. You should also see a small green lock next to the URL. If you don’t see the “https” or the lock, think twice before submitting sensitive information.
Guard your personal details
Speaking of sensitive information, watch what you post to social media. Update your privacy settings and remove unnecessary contact information from your profile. Even if you let only your friends see your profile, think twice before posting personal details. If identity thieves get access to a friend’s account, they get access to whatever you post as well.
Of course, you know not to post your SSN or credit card number on Facebook, but watch out for seemingly innocent games that get you to reveal other personal details. For example, if you respond to a post urging you to “find your soap opera name” by combining your pet’s name and the street you grew up on, you’ve just told everyone answers to two common security questions. If you don’t want to inadvertently help thieves steal your identity, keep the personal information to a minimum.
Detect identity theft
Despite your best efforts, you could still become a victim of identity theft. The sooner you spot this theft, the better off you’ll be. Keep an eye on your identity with the following steps.
Check your credit report
Get a copy of your credit report from an official credit bureau (TransUnion, Equifax, or Experian) and look for any suspicious activity. For example, are there credit cards you didn’t open? A loan you didn’t take out? Unfamiliar activity will indicate that your identity has been compromised.
By law, each credit agency is required to give you a free copy of your credit report once every 12 months, if you request it. Consider looking at one every four months, alternating bureaus, so you can get a detailed picture of your credit activity on a regular basis. In the meantime, watch your credit score for unexpected changes.
Monitor your bank statements
Much like your credit report, your banking statements can reveal unusual activity from identity theft. Check your debit and credit card bills to ensure you recognize all the charges. If you see transactions you don’t recognize, that could mean your identity has been stolen.
Pay attention to data breaches
As you’ve likely noticed, there have been some bad data breaches lately. From Equifax to Target to Yahoo, hackers have stolen valuable user information collected by companies. Even if you carefully protect your identity, a data breach can compromise your identity.
If you hear about a data breach of a company you use, watch your accounts even more closely than usual. Change your passwords immediately. If you know your data was included in the breach, you might even want to place a preventive freeze on your credit. If you’re proactive, you may be able to prevent thieves from using your stolen identity.
Get identity theft protection
For an extra layer of protection, use a service that monitors your identity for you. Identity theft protection services can monitor everything from your bank account balance to your credit report to your medical records. If there’s suspicious activity, your service will alert you and help you mitigate the damage.
Respond to identity theft
If you determine that you’re a victim of identity theft, respond quickly to prevent further damage. Mostly, this means contacting various organizations. Here are the ones you should get in touch with first.
File a police report
Call your local police to file an identity theft report. Some banks and credit bureaus require a police report to be filed before they’ll help you dispute fraudulent charges, so do this ASAP. Plus, your police department can give you additional advice on how to proceed after identity theft.
Alert the FTC
You can report identity theft to the Federal Trade Commission at identitytheft.gov. You’ll provide the organization with whatever details you have. In return, the FTC will provide you with a personalized plan to address your identity theft. Your plan will tell you which agencies to contact, and it will even provide you with letters you can send. Alerting the FTC will help you ensure you’re doing everything possible to address the theft.
Place a fraud alert
A fraud alert on your credit report signals to creditors that your identity has been compromised so they can take precautions to ensure you are who you say you are. This helps prevent identity thieves from using your credit to do things like take out a loan in your name, file a fraudulent tax return, or even commit a crime using your identity.
To place a fraud alert, contact any of the three credit bureaus. When you place a fraud alert with one bureau, it should automatically alert the other two. Your fraud alert will last for 90 days. For a more permanent solution, consider freezing your credit. This will prevent any new lines of credit in your name. Contact each bureau individually to put a credit freeze in place.
Notify your bank
Contact your bank and any other financial institutions to let them know about your identity theft. Ask to speak with the fraud department—it can help you dispute and remove any fraudulent charges on your account. In most cases, you’ll want to close affected bank accounts and open new ones. When you do so, make sure to update any billing accounts that rely on automatic payments.
Contact the SSA
If your Social Security number has been stolen, call the Social Security Administration. Keep in mind that the SSA doesn’t give out new SSNs easily—you’ll have to provide evidence that someone else is using your number and that their use is damaging. If you have that kind of evidence, then a new SSN can help you recover from identity theft. Otherwise, keep an eye on your credit report and be sure to file your taxes early so no one can use your SSN to claim your tax return.
It’s never too late to start protecting yourself
The sad truth is that identity theft is becoming increasingly common. Millions of Americans have their identity stolen each year, and the effects can be devastating. While you can’t guarantee your identity will never be stolen, the steps in this article will help to lessen your risk of identity theft and will help you recover faster if it does happen to you. Stay safe out there!
What other tips do you have to keep your identity safe?
