What identity theft is and best ways to protect yourself

Identity theft is when someone steals your personal information – like your name, Social Security number (SSN), identification number (ID), or financial details – and uses this information to commit fraud.

Examples of identity theft include using your credit card to buy items, faking a mortgage application, taking out a lease, or applying for a passport in your name. These fraudulent activities can damage your credit status, and restoring your reputation can take a while.

The most effective way to protect yourself from identity theft is to exercise caution in your everyday activities and use a combination of cybersecurity tools. While you will find many specialized identity theft protection solutions online, they are typically reactive rather than preventative.

These may mean securing your internet connection with a trusted VPN, using an antivirus on your devices, choosing strong passwords, and maybe opting for identity theft insurance that’ll help you in the worst-case scenario.

Identity theft protection is an umbrella term for any service that helps protect people from identity theft.

Identity theft solutions vary in scope. Some companies will monitor your credit card report and send you activity notifications. Others offer more comprehensive coverage, including detailed reports and helping you recover your stolen identity. For example, the company may take care of replacing your credit or debit card and credentials that someone has stolen.

However, identity theft protection solutions don’t prevent your personal data from being stolen. They will notify you once it has already happened, helping you detect fraud quickly. That said, identity theft prevention is vital – and it lies with you.

According to a study by NordVPN, hackers can earn as much as $17.3 million from stolen personal data by selling it on the dark web. Thieves can steal your identity from any place that contains your personal information, like unsecured websites, corporate and government databases, pieces of mail, social media, and cyberattacks. This information may include your birthdate, fingerprints and DNA profile, driver’s license number, SSN, and bank details.

Unfortunately, the chances of becoming a victim of identity fraud are high – especially if you live in the US. If we combine statistics from a 2019 Javelin Strategy & Research report with identity fraud complaints collected by the FTC, we can see how prevalent this crime has become.

In 2020 alone, identity fraud resulted in losses of more than $56 billion. The amount of cash stolen seems to be directly linked to and driven by the COVID-19 pandemic. Of the $400 million lost in COVID scams, 70% has been attributed to identity theft.

Analyzing the statistics, we can see that a lot of identity fraud requires socially engineered campaigns to exploit the vulnerable and unfortunate. The techniques hackers use to steal your private information are specifically made to play into a victim’s fears.

One of the main examples of socially engineered campaigns is clear in America — phony government benefits. Stimulus checks have become a feature of life in the US during the pandemic. And it’s easy to see why so many fall victim to stimulus scams; when an email comes through offering a life-saving cash injection and all you have to do is enter your name, address, and bank details, you might not think twice.

Several types of identity theft exist. Let’s look at some of the most common ones:

• Financial identity theft. Fraudsters may use your financial information to make purchases or steal funds from your account. Financial identity theft may also include criminals opening new accounts using a stolen SSN or other personal data.
• Criminal identity theft. An example of this is when an individual arrested by law enforcement uses someone else’s name instead of their own. They can do that with a fake or stolen ID. Criminal identity theft could result in you receiving court summons or having background checks issued based on a false criminal record.
• Medical identity theft. When a criminal poses as someone else to obtain health care services, they’re committing medical identity theft. They may use your financial information to get prescription drugs, access medical care and services, or obtain medical supplies.
• Synthetic identity theft. Sometimes criminals create fake identities using real people’s information, such as their birthdates, addresses, and SSNs. They may use this persona to apply for credit cards and loans or commit other financial fraud.
• Child identity theft. Thieves may use a minor’s information to commit fraud, like applying for a line of credit or opening a new account. Unfortunately, this type of identity theft is most commonly committed by a relative with access to the child’s personal information.

Data breaches

A data breach occurs when someone gains unauthorized access to a company’s data. The hottest commodities for hackers are full names, credit card numbers, and Social Security numbers. There were 540 data breaches in 2020 involving businesses, hospitals, government services, and millions of citizens’ private information, most of which is sold on the dark web for a few dollars.

Unsecured browsing

Avoid websites without the S in “https” in their URL. “S” stands for secure, which means that the site encrypts visitors’ information. Unsecured sites will leak your information to hackers lurking in the network, or sometimes to the shady owner of the website itself. Also, avoid public Wi-Fi, as it’s rarely secured. You can also increase your level of anonymity by choosing a more anonymous browsing option. If you want to secure your connection, use a VPN (short for Virtual Private Network).

Caller ID spoofing

This is when a scammer changes their caller ID to make you think it’s your bank, for example. After making up a bogus scenario, they’ll demand your banking details, personal information, and anything else they desire. To soothe any concerns, hang up and call your bank directly.

Mail theft

Long before most things went digital, identity thieves intercepted the postal system, hoping to find credit cards, bank statements, and other personal documents. Avoid sending personal information in the mail and always shred important documents — dumpster diving attacks are not beneath an identity thief.

Card skimming

Did you know that your card could get cloned at an ATM (automated teller machine)? Identity thieves place a skimming device over the card slot that reads the information from the card’s magnetic strip and transmits it back to the scammer. Your details can then be used to make purchases. It’s worth educating your children about card skimming and identity theft.

By now, you can probably see how easy it is to get your identity stolen. But how do you know if it actually happened? Here’s what to look out for:

• You’re denied credit despite having an excellent credit rating. Your credit score will have suffered if scammers took out loans in your name. Use a credit monitoring service and keep an eye on any sudden drops in your credit score.
• You stop getting your bills by mail. This could be a sign that your sensitive mail is being stolen through the postal service, which can lead to identity theft.
• You’ve been informed that you’ve been part of a data breach. Your logins or other personal information could have been stolen from a company’s database and used to commit fraud. You can see if you’ve been part of any online data breaches by typing in your email address here.
• You get an email from an organization that says your account has been recently accessed – but it wasn’t you.You should never ignore suspicious activity. Go to your account and change your login credentials as soon as you can. You may also want to enable MFA, if available.
• Your telephone calling card runs out of money more quickly than usual. Fraudsters may also target international calling cards or online accounts. When it comes to calling cards, they don’t need to get hold of the actual card – just memorizing the authorization code is enough.
• You notice unusual activity on your online accounts. Don’t ignore any suspicious transactions on all your online accounts (e.g., accounts you use to make purchases online). The quicker you act, the less damage the thieves will be able to inflict.
• You notice unusual bank transactions on your statement. Even small, unusual transactions should be taken seriously, especially since scammers will avoid taking large amounts to remain covert.

By the time an identity theft protection app has notified you of suspicious activity, it could be too late. If you want to know how to prevent identity theft, here are 6 quick tips to protect your identity:

1. Use impenetrable passwords: Use different passwords for each account and store your passwords in an encrypted password manager (never in your browser). Simple tip: a 10-character password can be cracked in a few months in a brute force attack, and a 12-mixed-character password takes about 200 years – not bad for two extra letters.
2. Download your bank’s app: Use it to track your money, paying particular attention to any unusual deductions. Your app will notify you of every transaction in real time anyway – just make sure to look.
3. Respond to data breaches: Change your username and password immediately if a company informs you that your details were involved in a data breach. If you’ve used the same one elsewhere, change it there too.
4. Keep an eye on your credit score If you’re already keeping on top of your finances, checking your score won’t hurt you. You can check your credit score online for free. Any sudden drops in your score could indicate your identity was used for fraudulent loans.
5. Use a VPN: Wherever you go online, your information is at risk. The NordVPN app, for example, instantly encrypts your traffic so it can’t be intercepted and hides your IP address for online privacy. It also makes public Wi-Fi secure when you’re out and about (which is why you need a VPN on your phone) and can help reduce spam ads, which are often loaded with malware.
6. Use Threat Protection. If a hacker wants to steal your identity, they can start by infecting your device with crimeware, and then use the it to spy on you and your personal data. To protect yourself from these threats, use Threat Protection, NordVPN’s advanced cybersecurity system. Along with the anti-phishing solutions, it will help you avoid websites that are known to cause crimeware or other malware infections, as well as increasing your overall privacy and security levels.

The best identity protection is vigilance, which is essentially what identity theft protection apps offer. If you secure your personal information online with a VPN, use super-strong passwords and pay attention to your finances — you’ll have much less to worry about.

The most important thing to do is to act quickly. There are a few things you can do in response to your identity theft:

1. Report identity theft. The first thing to do is report that you’ve become a victim of identity theft to the authorities. If you live in the U.S., you can report ID theft to the Federal Trade Commission (FTC) by going to IdentityTheft.gov or calling 1-877-438-4338. The FTC will collect all the necessary details and advise you on what to do next.
2. Notify the affected companies and banks. Most companies now have fraud departments. Contact the companies where you know the fraud occurred and let them know. In such cases, they may close or freeze your accounts until further notice. Beware that there is a small window for you to report fraud to your bank, especially if you’re hoping to get your money reimbursed.
3. Change your logins, passwords, and PINs. It’s important to stop the fraudsters from accessing your accounts. Make sure you reset important passwords quickly and securely.
4. Contact your local police department. While this step isn’t always required, you may choose to report identity theft to the police. Doing so is particularly important if you know who committed the theft or if your identity was fraudulently used in an encounter with the police (i.e., it was a criminal identity theft).

FAQ

Is it worth getting identity theft protection?

Yes, it is worth getting identity theft protection if you need help with early fraud detection. However, identity theft protection services are typically reactive rather than preventative. It’s best to take the situation into your own hands and do everything you can to prevent identity theft from happening in the first place.

How much does identity theft protection software cost?

The price of identity theft protection software varies and can cost anywhere between $10 and $40 per month. Some advanced identity theft protection services may cost even more.

Are identity theft protection services safe?

Yes, if you choose a reliable provider that takes user safety and security very seriously.