This is a guest post by Rei Onishi.
One day you open up your credit card statement and notice you’ve been charged $5,500 for a new computer system and stereo you never bought three weeks ago and $400 worth of international phone calls you never made. You soon learn that someone armed with nothing more than your name and a set of unique identifier numbers was able to rip off your identity and successfully convince people that they were you.
(This absurd picture taken from http://www.law.state.ky.us/news/idtheftphotos.htm.)
If you’ve been following the news in the last few months, nightmarish stories like this have become increasingly common. Identity theft—essentially, when a thief gathers enough information to pretend to be you—is the hottest new crime. It’s smart, difficult for police to catch, bloodless, and potentially a gold mine in terms of the payoff to the perpetrator. Last year, it’s estimated that between 7 and 10 million Americans were victims of identity theft.
The dramatically increased ability over the last couple years to do practically any kind of business transaction instantaneously over the Internet or phone has opened up countless new opportunities for others to be you. Out are the fancy mustache, dyed hair, voice adjustments, and artfully counterfeited ID of a Hitchcock film. In are database breaches, dumpster diving, profiling, and good old-fashioned mailbox break-ins.
With access to just a few pieces of personal information, such as your name, birth date, and Social Security number, a thief can open bank accounts, take out loans, cash in on government benefits, even commit fraud—all in your name.
The damage, when it’s discovered, can destroy your credit, ruin your financial security, or even land you in court for crimes you didn’t commit.
Luckily, unlike a lot of other crimes, a little bit of knowledge of how the bad guys work, regular vigilance, and of course a good dose of common sense can significantly reduce your risk of falling prey to even the most sophisticated identity thieves.
The 5 Things You Didn’t Know About Identity Theft
1. Unless you’re starting a new job or dealing with a financial institution like a bank, it’s unlikely anyone needs your Social Security number. This is the number many places use to verify that you’re really you. Lose it, and you’ve lost one of the best ways you have protect your identity. Never give it out unless you need to. And as a general rule, never give it out over the phone during a call you did not initiate.
2. Just because your personal information is in a “secured database” doesn’t mean it’s safe. Based on the most recent statistics, breaching, or gaining unauthorized access to, a “secured database” appears to be remarkably easy. In just the last five months, over 50 million Americans, or about 1 in 6 Americans, have had their personal information—things like Social Security numbers, credit cards numbers, birth dates—breached from a database. Businesses have been known to sell your information to identity thieves posing as businessmen; universities have been known to leave laptops loaded with their students’ unencrypted data lying around in places where they get stolen; and government databases have been hacked into on a regular basis. Even if you are really careful with your information, there are probably plenty of other people who are not.
3. Your trash is a gold mine. It’s probably all there, if anyone wants to rummage through your discarded credit cards, bank statements, and bills. Think about it: would it be that hard for a determined “dumpster diver” to find your name, address, birth date, phone number, credit card number, bank account number, or maybe even your Social Security number somewhere in all those candy wrappers and banana peels? Get a cross-cut shredder for those papers you don’t need and shred, shred, and shred some more.
4. “Phishing” provides identity thieves with one of the easiest ways to “catch” your personal information. Have you ever received an email warning you that if you did not immediately click the link given and update your personal account information, you would lose a service? Then you’ve probably been invited on a “phishing” expedition. Phishing is when identity thieves lure unsuspecting people (usually with email messages) to fraudulent websites disguised as those of trusted companies to access their personal information. They can be deviously clever but are in practice fairly easy to spot if you know the right signs. Do they threaten you? Do they ask you to click on a link and enter your personal information? Do they have a lot of spelling mistakes, awkward grammar, or irregular capitalization? Then don’t go phishing!
5. The government can help. Yes, that’s right, the government can actually be the solution, not the problem. And not just the police. Your elected representatives, both at the state and federal levels, can work wonders by passing stronger legislation to punish bad behavior and make sure businesses do more to protect your personal information. But only if there’s strong support for such actions, which many businesses oppose. So call and/or write your legislator and make your voice heard. Support those lawmakers looking to address the problem and get the word out to other people about which lawmakers are helping the cause and which are not.
Coming up tomorrow:
- How to protect yourself
- What to do when you’ve been victimized
(If you have questions, email me or add a comment here and I’ll see that Rei gets it. -Ramit)