7 Ways to Protect Your Identity Online
Identity theft translates to big business for fraudsters. In 2016, identity thieves netted an all time high of $16 billion from falsely impersonating 15.4 million individuals in the U.S.
While the adoption of EMV chips has reduced point of sale and counterfeit card fraud, fraudsters are now turning their efforts to opening fraudulent accounts for credit cards and other financial products using misattributed personal information. This combined with the increasing popularity of online shopping has resulted in a 40% increase in fraudulent card not present transactions in 2016.
While fraudsters may be changing their methods and tactics, fortunately there are steps consumers can take to reduce the risks and damages of identity theft. Here are seven ways you can help protect your identity:
1. Turn on 2-Factor Authentication
Many sites and services now offer 2-Factor Authentication (2FA) for extra security. This authentication makes it so that every time you log in from a new device, change your password, or perform some other activity with your account, you need to enter your password along with a code sent to a physical device, usually your phone, to proceed.
This makes it so that someone trying to access your account must have both your password and your device. The 2FA is not always the default setting, so you may have to opt into it in the account settings manually.
2. Be careful with what you share on social media
Information shared on Facebook, Twitter, Linkedin, and other social media sites can be used by thieves to identify information such as your birthdate, hometown, high school, employer and other sensitive information useful in answering security questions or opening fraudulent accounts in your name.
In fact, a team of researchers at Carnegie Mellon University were able to predict social security numbers given just people’s birthdays and hometowns. Along with not sharing too much, you should also set your privacy settings to the highest level for your social media accounts. We are in the information age, but be careful what information you are sharing!
3. Use strong passwords
Having a secure password is perhaps one of the easiest ways to protect yourself online, yet people still resort to simple and common passwords for their accounts. An analysis of 5 million leaked passwords in 2016 (yes, 5 million) revealed that the top 3 worst passwords were “123456”, “password”, and “12345”.
The full list of terrible passwords can be found at teamsid.com. If you use any of these, change it right now. Someone who can guess the password to your email may gain access to whatever personal information is in your inbox. General tips for creating passwords include the following:
- Make them least 12 characters long
- Mix of upper and lowercase letters, symbols, and numbers
- Avoid using personal information such as names of family members or your address.
- Read the full guide for creating passwords at lifewire.com.
4. Change up your password
It is important to not to use the same password for multiple sites. If a hacker obtains your password for one account, they may be able to access other accounts you use with the same password. If you have trouble remembering all your passwords for different accounts, there are free programs such as DashLane, 1Password, and LastPass that can manage your passwords for you.
5. Check if any sites you use have been hacked
With so many websites and companies being hacked, it is important to know if your personal information was compromised. This is easier than it sounds thanks to haveibeenpwned.com. All you have to do is type in your email address, and the site will automatically tell you if your email was involved in a data breach, along with what other info was leaked, i.e. passwords.
Furthermore, the recent revelation last month of the Cloudflare breach means that if you have accounts with URLs on this list, there is a chance your data was leaked. If you use sites that show up on either haveibeenpwned.com or the list of sites in the Cloudflare breach list, consider changing your passwords and setting up 2FA.
6. Periodically check your credit report
The increase of online identity fraud affects your credit report too. If a hacker gets hold of your personal information, they can try to take out new lines of credit in your name. This is why it is essential to look at your credit report regularly for errors. There is only one place to get your free, federally mandated credit reports, which is through AnnualCreditReport.com.
You can also keep track of changes to your credit score through a free credit monitoring site, like Credit Karma. If you notice an error or fraudulent mark on your credit report, contact the three credit reporting companies. Here is a list of the three companies and their contact info.
7. Set fraud alerts on your credit profile if you suspect you are a victim of identity theft
If you feel as if your personal information has been stolen or compromised, you can set a fraud alert on your credit profile.
Fraud alerts require creditors to verify your identity, usually by calling a phone number of your choice, before pulling your credit report and decisioning the loan application. The following table summarizes the three types of fraud alerts you can set:
Fraud alerts can be set by contacting any one of the three major credit bureaus below and they are required by law to inform the other two of your decision:
In summary:
- Limit what you share on social media
- Set strong passwords. lifewire.com has a guide on setting strong passwords. Change your passwords immediately if they are on this list.
- Don’t use the same passwords for multiple sites and accounts. Use a password manager like DashLane, 1Password, or LastPass.
- Activate 2-Factor Authentication if it is available
- Check if any sites you use have been hacked using https://haveibeenpwned.com/ and this list.
- Check your credit report every few months for unauthorized credit inquiries by using https://www.creditkarma.com/
- Set fraud alerts on your credit profile if you suspect you are a victim of identity theft.
