Lots of us have seen and reported fraudulent charges on credit cards. In those cases, cancelling and replacing the credit cards usually solves the problem.
Identity theft is a different and more severe type of fraud because what has been stolen — your social security number, for example — can’t be changed or replaced.
Identity theft is when someone steals your personal information, from your social security number to your date of birth, and uses it themselves. Often, thieves use this information to apply for credit cards, steal your tax refund, or buy things in your name.
In the digital age, completely protecting your data is difficult if not impossible. But there are steps you can take to make it harder for someone to steal this information and to respond quickly if they do.
Create Super-Secure Passwords
Most of us have dozens or even hundreds of online accounts. And over the years, lots of those accounts have been compromised in data breaches. In some cases, companies notify customers right away; in other cases, you may not know that your information has been stolen. To find out more about whether your email addresses, usernames or passwords have been compromised, visit Have I Been Pwned.
If you use the same username and password for everything, then once that password has been compromised, hackers can use it to gain access to all kinds of information.
The best way to thwart hackers is to use a different, complex password for every account.
Most browsers will automatically generate long combinations of numbers, letters and characters that you can use as passwords when you create new accounts. Accept these suggestions rather than defaulting to the old password you’ve used for years.
Then, store those passwords using an encrypted password manager like LastPass. Most password managers are available across devices, so if you create a password on your phone, you can access it later from your laptop or vice versa. This way, you don’t need to memorize your new passwords or even write them down — they’ll be securely stored in the password manager.
Setting up a password manager can be a little bit of a hassle on the front end, but once it’s done and the habit is established, it brings a lot of peace of mind. You can store secure passwords easily and never worry about forgetting them.
Set Up Two-Factor Authentication
Once you have secure passwords stored safely in a password manager, set up two-factor authentication for all of your financial accounts.
With two-factor authentication, you log in using your username and password. Then the website or app asks you to confirm that it’s really you, either by sending you a code via text message or asking you to use biometrics (your fingerprint or Face ID) on your phone.
Two-factor authentication is important because, if your password is stolen, this second step will prevent the thief from accessing your account. Also, if you get an authentication code you didn’t ask for, it can be an early clue that someone is trying to get into your account.
Always Freeze Your Credit
Everyone in the U.S. is entitled to one free credit report annually from each of the three credit bureaus: Equifax, Experian, and TransUnion. (You can get yours by visiting annualcreditreport.com.) If you don’t already make a habit of checking your credit reports regularly, add a calendar reminder so you’ll remember to do so three times a year.
Freezing your credit restricts access to these credit reports. When your credit is frozen, potential creditors can’t see your credit history, and no one can open a new line of credit in your name.
Always keep your credit, and that of your spouse or partner and kids, frozen. You can temporarily lift the freeze when you’re applying for a loan or credit card. But by keeping it in place all the time, you’ll prevent thieves from opening new lines of credit. And if your credit is frozen when they try to access it, you could be less of a target for future attacks.
Set Up Text Alerts For Your Credit Cards
Credit card theft is extremely common. While it’s not the same thing as identity theft, it can be annoying — so while you’re tightening security on your other accounts, do so on your credit cards too.
Almost all credit cards offer some kind of fraud alert via text or email. When they suspect fraud or notice big purchases, the company will send you an alert and ask you to confirm that the purchase was yours. If you see any spending you don’t recognize, you can dispute the charge and cancel the card if it’s been compromised.
This is a big perk of using a credit card over a debit card. With debit cards, you have a particular window — usually around 30 days — to report fraud and then you’re out of luck. With credit cards, you have a much bigger window of time to report a fraudulent transaction and get it fully refunded.
Shred Your Personal Documents
Believe it or not, people can still go through your trash and steal personal information the old-fashioned way. Shred all the personal documents you throw away, including credit card statements, utility bills, mortgage statements, and invitations to apply for credit cards.
To be extra secure, use a cross-cut shredder (also known as a confetti-cut, diamond-cut, or criss-cross-cut shredder). Documents shredded into strips can still be reassembled. Cross-cut shredders, on the other hand, make that almost impossible.
Take Your Security Seriously, All The Time
On top of all this, don’t forget about basic cybersecurity measures. Don’t check your financial accounts while on public WiFi networks unless you’re using a VPN (I like Encrypt.me). Beware of phishing emails.
All these measures — secure passwords, two-factor authentication, freezing your credit, shredding your documents — will create little inconveniences along the way. It might be kind of annoying when you have to make a phone call before you apply for a new credit card, for instance. But if it helps prevent identity theft, it’s worth it.