How does it work?
Identity theft is closely linked to phishing and other social engineering techniques that are often used to pry sensitive information from the victim. Public profiles on social networks or other popular online services can also be used as the source of data, helping criminals to impersonate their targets.
When identity thieves have collected such information, they can use it to order goods, take over the victims’ online accounts or take legal action in their name. In the short term, affected individuals can suffer financial loss due to unauthorized withdrawals and purchases made in their names.
How to protect yourself from identity theft
- Secure your connection: If you are going to use your personal information online, make sure you do so only when your connection is secure – preferably via home or corporate network or cellular data. If possible, avoid public Wi-Fi with no password protection. Should you have no other choice, use a virtual private network (VPN) that will encrypt all your communication and thus protect you from eavesdropping criminals.
- Keep your devices secure: Protect your laptop, smartphone and tablet from malicious software and attackers by using a reliable, multi-layered, up-to-date security solution.
- Stay away from suspicious messages and sites: Visit our pages about spam and phishing to learn how to spot social engineering attacks that are after your sensitive data.
- Maintain good password hygiene: Create strong passwords that are long, hard to guess, and unique. You can also use passphrases as they are easier to remember, or keep all your passwords in a password manager, to store them more securely. To add another layer of protection to your passwords, use two-factor authentication wherever and whenever possible. One important note: Never reuse any password for multiple accounts or services. This way, even if attackers are able to obtain this password, the damage they can cause is limited only to the compromised account (or service).
- Monitor your bank and credit accounts: Check your online banking account and credit scores regularly for suspicious activity. This might help you uncover an attack before it causes extensive damage to your finances or reputation. Also, set limits for your transactions to prevent any misuse of your money.
- Be careful with sensitive data: If you want to throw away any physical documents that contain personal information, make sure you discard them in a safe manner – by making them unrecoverable or by shredding them. A similar logic applies to your electronic devices: When selling or disposing of old smartphones, tablets or laptops, make sure you have wiped all the sensitive data they stored.
- Don’t overshare: In an era where most users have multiple social media accounts, oversharing can be a serious problem. Even more so when the posts, photos or videos contain sensitive information that might be misused to impersonate you – such as your ID, purchase orders, flight tickets or any similar documents. Avoid posting any of these, as well as too many details about your personal life and history, which could be misused by the crooks to act in your name.
- Credit monitoring and freezes: US users can ask for a credit freeze that will restrict access to their credit reports, making it more difficult for the identity thieves to misuse the stolen information. Another way to go is to select one of the credit monitoring services that watch for signs that someone is misusing your personal data. Users outside the US can check online whether there are similar services available in their region (UK users can read more here).