Count yourself lucky if no one has tried to steal your good name. Cyber crooks are becoming ever more organized and sophisticated.
To stay safe, it's not enough these days to ignore e-mails from widows of African dictators and those alerts that your eBay account (or your bank account) has been frozen. It's time to get serious about safeguarding your personal information.
| Row 0 - Cell 0 | VIDEO: Protect Your Debit Card |
| Row 1 - Cell 0 | VIDEO: How ID Thieves Target the Deceased |
| Row 2 - Cell 0 | Fraud Alert vs. Credit Freeze |
| Row 3 - Cell 0 | Protection You Don't Need |
Instead of just phishing, thieves are "spear phishing," gathering details to add credibility when they send you a bogus pitch. MySpace and Facebook are fertile fields. "Through social networking, criminals are getting very smart in doing research on individuals," says Ron Teixeira, of the National Cyber Security Alliance, which includes the Department of Homeland Security, the Federal Trade Commission and major Internet companies. The thieves' goal is to use one of your interests to lower your defenses.
From just $107.88 $24.99 for Kiplinger Personal Finance
Become a smarter, better informed investor. Subscribe from just $107.88 $24.99, plus get up to 4 Special Issues
Sign up for Kiplinger’s Free Newsletters
Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.
Profit and prosper with the best of expert advice - straight to your e-mail.
Say you're job-hunting. Crooks posing as recruiters find your resume and send an e-mail asking for your Social Security number and other information, ostensibly for a background check. Then they open a credit-card account in your name and spend to the limit.
Or you're on the road and eager to pay some bills from your bank account so you don't miss a deadline. There's a free Internet hookup in your hotel, right beside the coffee and croissants. Don't use it. Thieves are known to load keystroke loggers on hotel computers so they can gather your access codes.
There's more. Fake IRS e-mails about tax refunds go out by the millions in an effort to grab your Social Security number. So do requests for donations from charities that look legitimate but just want to get your credit-card number. And now crooks are making the most of the electionsQsending e-mails requesting campaign donations, or setting up look-alike Web sites to collect credit-card numbers and other personal information. Thieves even steal health-insurance codes to get treatment at your expense.
And what about those e-mails and phone calls claiming to be from your bank, warning that your account has been compromised? That's a ploy to get you to call a number that turns out to be the crooks' phone bank.
Computers, credit reports, bank accounts, your wallet and your home are all potential security leaks. We'll tell you how to plug each of them.
Your Computer
This is one of the easiest targets to secure. Three types of programs make a big difference, and you may already have some or all of them. The first is antivirus software. Next is a firewall to guard the stream of information that flows through your Internet connection. Then there's anti-spyware software, which scans for surveillance programs that monitor your keystrokes.
Make sure you keep the software current. Many security programs now update automatically, but check about once a week, especially if you aren't online very often. (For more information on defensive software, go to www.staysafeonline.org, or read "Protect Your PC," July 2007.)
When you're replying or posting to a site, don't use a link that's included in an e-mail, which can easily be faked. Instead, type the correct address yourself. Make sure that "https://" appears in the URL before you send credit-card numbers. "It isn't foolproof, but the bad guys generally don't go through the pain and suffering of getting a security certificate," says Bill Rosenkrantz, of Symantec, which makes Norton security software.
If you're suspicious of an e-mail or phone call from your bank or credit-card company, call the customer-service number on the back of your card or bill. That's safer than clicking on a link or calling a number that you've been given.
And be careful about providing details about yourself on a social-networking site. "Don't disclose your date of birth or other information that could lead someone to piece together enough information to impersonate you," says Susan Grant, of the Consumer Federation of America.
Avoid accessing bank or investment accounts in public. "You shouldn't be logging in to sensitive stuff at a public Wi-Fi hot spot," says Rosenkrantz. "Crooks can hijack that network and replace some of the entries," he says, sending your information to criminals.
[page break]
Your Credit Report
Monitoring your credit report will tip you off that someone is impersonating you when you least expect it. "You could have your wallet stolen today, and it may be two years before your information percolates through the bad guys' hands to the person who eventually tries to use it," says Sally Hurme, of AARP Financial Security.
You can get one free credit report a year from each of the three credit bureaus by going to www.annualcreditreport.com. Stagger your requests so you can get a report from one of the bureaus every four months.
Ask lenders about any strange activity, and look carefully at cards you haven't used for a while. Be suspicious of mistakes that appear minor. "When my clients tell me something odd is going on, one of the first things I look at is the address on their credit report," says Mark Fullbright, a fraud specialist with Identity Theft 911, an ID-theft-resolution service. Thieves often change the billing address so you won't know if your bank sends out a letter alerting you to a problem.
You can place an initial fraud alert on your credit report if you're worried that you have beenQor could beQthe victim of identity theft. That's a good idea if you see any suspicious activity on your report or bills, if your wallet or other information has been stolen, if you've been the victim of a security breach, or even if you're concerned that you've revealed too much personal information.
A fraud alert requires lenders to take extra steps, such as calling you at a phone number you provide, to verify your identity before granting credit in your name. To place a 90-day alert, which you can renew indefinitely, contact one of the three credit bureaus (Equifax.com, Experian.com or Trans-Union.com). Any one of them will notify the others.
Fraud alerts, however, aren't foolproof. For extra protection, you can request a credit freeze, which blocks potential lenders from getting access to your credit report without your authorization. The ability to request a credit freeze may be new to you because this tool became available in all states only last November. Your current creditors are exempt from the freeze, and you can use a PIN or password to open your file for certain lenders or for a certain time period if you apply for credit.
To be secure, you need to freeze your record at all three bureaus. Costs vary by state, but expect to pay $10 to freeze your account at each bureau and another $10 to lift the freeze, even temporarily. The charge is usually waived for victims of identity theft, and some states offer freezes at no charge to residents older than 65.
It can take as little as 15 minutes or as long as three days to lift a freeze, depending on the state. That makes the procedure inconvenient if you need to make a purchase with no advance planning.
Because of the time and money involved, a freeze may not be worth it if you're about to apply for new credit. But it can offer effective protection for someone who is particularly worried about ID theftQespecially seniors who can't check their records regularly and people whose information has been stolen in a security breach. "We think it is a good, proactive step to take," says Christine Nielsen, assistant attorney general in the Illinois consumer-fraud bureau.
Your Home and Wallet
Plenty of personal information is still stolen by digging through Dumpsters, raiding mailboxes and copying credit-card numbers in a restaurant. Your wallet or purse can be a thief's ultimate prize. "The old scams are still out there, and they work," says Fullbright.
Know when your bills and statements usually arrive, and call the creditor if one is more than a week late. A thief could have changed your address.
Check your credit-card and bank records online to spot any suspicious activity long before your monthly statement arrives. Some clues are very subtle. "Thieves sometimes skim your credit cards and test them by making a $1 contribution to a charity," says Adam Levin, chairman of Identity Theft 911. "That's how they put a toe in the water."
Shred personal information that includes your credit-card number, bank account or Social Security number. Lock your mailbox and don't leave outgoing mail in the box. And teach your kids at college to take the same precautions online and around campus. "We see a tremendous number of security breaches in educational institutions," says Paul Stephens, of the Privacy Rights Clearinghouse.
Slim down your wallet to just one or two credit cards and essential IDs. There's no need to carry your Social Security card unless you expect that you'll have to show it.
Some security experts recommend that you ask your bank for an ATM card that does not double as a Visa or MasterCard. In one scam, crooks install a scanning device in a supermarket, gas station or restaurant checkout that transmits the information from the magnetic strip on your card and can be used to copy the card. "You have individuals who have not lost their card and think everything is fine, then all of a sudden they see suspicious charges on their bills," says Stephens.
When your credit-card number is used without your permission, you have 60 days to report the incident after you receive the bill with the hot charges. You're liable for only $50 of unauthorized charges, and most banks waive even that.
With a debit card, a crook can clean out your checking account. Banks generally have ten business days to investigate and replenish your account if they find there has been fraud. Your liability is generally limited to $50 if you report the problem within two days and $500 if you notify the bank within 60 days. The bigger annoyance is the lack of access to your account while the bank investigates.
ID theft is no longer a novelty, but the combination of emboldened criminals and supposedly private information bouncing around the Internet gives swindlers more opportunities. The more seriously you take the threat, the less likely you'll wind up someone's victim.
-
Stocks Keep Climbing as Fed Meeting Nears: Stock Market TodayA stale inflation report and improving consumer sentiment did little to shift expectations for a rate cut next week.
-
Your End of Year Insurance Coverage Review ChecklistStop paying for insurance you don't need and close coverage gaps you didn't know about with this year-end insurance review.
-
Crypto Trends to Watch in 2026Cryptocurrency is still less than 20 years old, but it remains a fast-moving (and also maturing) market. Here are the crypto trends to watch for in 2026.
-
Seven Things You Should Do Now if You Think Your Identity Was StolenIf you suspect your identity was stolen, there are several steps you can take to protect yourself, but make sure you take action fast.
-
The 8 Financial Documents You Should Always ShredIdentity Theft The financial documents piling up at home put you at risk of fraud. Learn the eight types of financial documents you should always shred to protect yourself.
-
How to Guard Against the New Generation of Fraud and Identity TheftIdentity Theft Fraud and identity theft are getting more sophisticated and harder to spot. Stay ahead of the scammers with our advice.
-
12 Ways to Protect Yourself From Fraud and ScamsIdentity Theft Think you can spot the telltale signs of frauds and scams? Follow these 12 tips to stay safe from evolving threats and prevent others from falling victim.
-
Watch Out for These Travel Scams This SummerIdentity Theft These travel scams are easy to fall for and could wreck your summer. Take a moment to read up on the warning signs and simple ways to protect yourself.
-
Amazon Resale: Where Amazon Prime Returns Become Your Online BargainsFeature Amazon Resale products may have some imperfections, but that often leads to wildly discounted prices.
-
How to Guard Against Identity Theft in 2025Scammers are getting better at impersonating legitimate businesses.
-
Roth IRA Contribution Limits for 2026Roth IRAs Roth IRAs allow you to save for retirement with after-tax dollars while you're working, and then withdraw those contributions and earnings tax-free when you retire. Here's a look at 2026 limits and income-based phaseouts.
