In the early 2000s I dropped my phone in the grocery store.
I got home, spent an hour or so trying to find it, called the store to see if anyone had turned it in (nope) and then used my land line (wow, it really was long ago!) to call the cell phone. A strange voice answered it and a man told me he’d found the phone. He agreed to meet me in the store parking lot in 20 minutes, and with a little trepidation I went out to meet him. I gave him a $20 as a reward for returning my phone and got my phone back.
I was a little nervous. Who knew what phone calls the guy had made? When I got my bill later, there were 2 strange calls to Charlotte, but otherwise everything was in order.
That was the early 2000s, when a phone was just a phone. The most the guy could have gotten from my phone (other than a couple of free calls) was the list of people I called on a regular basis. There wasn’t a whole lot of risk for identity theft.
Now, though, my phone has pictures of my house and my family. It holds all of my email accounts. It has Facebook and Twitter and Linked In. It has access to my Amazon and Google Play accounts.
What’s on yours? Bank accounts? Credit cards? Your entire life?
In the wrong hands someone can get a heck of a lot of information off of a smartphone, so I lock mine with a simple numeric PIN. I imagine my family could probably figure out my number in the 10 guesses you get before the phone is wiped, but it would be a reach for someone to guess the right combination of numbers without knowing that it was my phone and knowing a few details about me.
I know there are ways for phones to get hacked, especially if you hook up to random WiFi when you are out and about. Locking your phone doesn’t provide perfect protection, but at least if I drop my phone in the grocery store again someone is unlikely to have all of my personal information easily accessible.
Locking devices up (I set up PINs on my Kindle and Little Bit’s Kindle as well) is just one way to protect my identity. There’s a host of simple things I do to keep my identity as secure as possible, because identity theft is scary.
Vampires, Flash Floods and Identity Theft
Early in the school year, my child’s kindergarten teacher posted on Facebook “One of my students just told me her top three fears were vampires, flash floods and identity theft.”
I knew immediately which student it was. Little Bit has been talking about her fear of identity theft for a long time, thanks to having seen way too many LifeLock commercials. She’s not wrong when she told her teacher “Mrs H, that’s a real thing! Identity Theft is scary!”
Jon assumes at least to some degree that Little Bit is afraid of an Invasion of the Body Snatchers scenario where all of a sudden someone is walking around in her body pretending to be her. It doesn’t take doppelgangers and physical impostors to be frightening, though.
According to the Bureau of Justice Statistics, 17.6 million Americans fell victim to identity theft in 2014. Most of them didn’t even realize it until they were contacted by a financial institution, and 2/3 of victims suffered a direct financial loss from the identity breach. Many victims have no idea how their identity was compromised. Scary stuff indeed.
I have worked very hard to build good credit, but one person with the wrong information can wipe out my credit in a day and saddle me with a bunch of debt. It’s bad enough for an existing account to be breached, and even worse when new ones are opened that the victim knows nothing about. Even if I catch identity theft, it could take hours of uncomfortable phone calls, letters, and verification to clear my name and my credit reports.
What if thieves get hold of my bank account, or my investment accounts? Bye, bye net worth.
What if someone starts posting malicious or untrue things on my social media pages?
It doesn’t take much to imagine how scary being an identity theft victim would be. Vampires got nothing on identity thieves. In our information economy,
It’s difficult to be completely immune from the risk of identity theft. You can’t do much against a massive institutional data breach, like the one that was announced from the Office of Personnel Management last year. That doesn’t mean that you can’t take actions to limit your risk by protecting your personal information and making sure that you keep good records of your information in case you are ever called upon to prove you are really you.
Here are just a few ways I make my identity more secure.
Keep an Eye on Your Numbers
The first line of defense for your identity is to keep your money locked tight, which means keeping a close eye on all of your accounts.
I check my credit score and report regularly, so that I know if anyone has opened new accounts in my name.
I log all of our purchases on a spreadsheet as we make them (within a day or two). It helps our budget because we’re less likely to lose track of our spending, but it also makes it easier to recognize unauthorized spending.
I check my bank account and credit card statements. Not only does this make sure I’ve accounted for all of our purchases on my budgeting spreadsheet, but it also makes sure that the charges are accurate. I put all charges on one credit card or on our debit card, which makes purchases easier to track. We are far more likely to use the credit card, because of the lower fraud liability for unauthorized transactions (which gets paid off each month.)
While it takes more time to transfer funds between accounts, none of our bank or investment accounts are linked. A breach of one will not mean a breach of all.
Protect Your Online Identity and Your Computer
We’ve all seen movies where hackers do amazing things to get hold of your computer.
I use password software (LastPass) to manage my logins. Considering I’m a little paranoid about people hacking various online venues, having a web-based program manage all of my passwords may seem counter-intuitive, but I found that I just couldn’t manage multiple strong passwords for long without repeatedly using the same ones or constantly needing to reset them. Now I just have to remember one very strong password for the password manager, and then I can autogenerate strong unique passwords for all of my other accounts.
I keep a firewall and antivirus program on my computer, and make sure that my programs get updated regularly.
I watch my check ins and posts on Facebook. We try not to let too many people know when we’re out of town or even out of the house for long. It’s one thing if you know you’ll be home in an hour, but when you’re gone for the week? I may email pictures to family but I try to hold the posts until after we get home. I also try not to overshare other information.
Jon doesn’t do social media at all. While I enjoy social media and think with a little care that using it is a manageable risk, I respect his stance that not being on social media reduces the amount of personal information Jon releases to the world and thus keeps his identity safer.
I don’t open suspicious emails, and I don’t download attachments from people I don’t know or sites I don’t verify.
I use Snopes and Google to verify information that may be fishy (or phishy). I was silly enough in the 90s to fall for an internet “warning” sent to me by my unsuspecting brother. Acting on it didn’t compromise my identity, but it did kill my operating system. Now I make sure that any such warnings get verified before I act on them. I don’t want to get phished, and I don’t want to fall for other scams either.
Watch the Paper Trail
We shred almost all of our mail and receipts. While we don’t shred magazines and ads, if it has our name and anything remotely personal on it, we shred it. Old bills? Shred.Solicitations for charitable donations? Shred. Gas station receipt? Shred. And all that shredded stuff? If it doesn’t get burned or composted, it gets put into multiple bags.
While I may access my accounts online, I keep paper backups of all bank, credit card and investment statements. It not only makes entering any data onto our spreadsheets easier, but also helps establish a record if needed.
I keep a list of all credit cards and their related customer service phone numbers. This helps with both theft recovery and leaves a list in case anything happens to me and Jon or someone else needs to make sure the accounts are closed.
I try to clean out my purse and wallet regularly, which makes it much easier to keep track of any important papers or receipts. I’ve noticed that the more that’s in my purse or wallet, the more likely something is to a) get lost b) drop out c) make it hard to find actual money. Cleaning the purse out makes it easier to get those receipts into the budget spread sheet too.
A Couple of Things I Don’t Do
While I think that I am careful, there is one step of identity theft prevention that I haven’t done that I am strongly considering: freezing my credit report.
Freezing your credit report means no one can check your credit without a PIN issued to you by the credit agency. If you freeze your credit report with all 3 bureaus, chances are no one is going to be able to use your information to open a credit card or other loan in your name without your knowledge.
It’s a very effective tool to keep unauthorized people from accessing credit reports, but it also adds inconvenience for anyone legitimately trying to access your report. To allow a credit report to be run, you have to remove the freeze. If you know the bureau that the authorized user will use, you can only lift the freeze for one company and lift it for a short window of time. It still may take a few days to do so.
There are also fees for setting the freeze, unless you can prove you were a victim of identity theft. There are additional fees anytime you want to remove the freeze. It also won’t stop thieves from using any lines of credit you currently have open. like credit cards.
If you know your identity has been compromised or is at high risk, the added cost and inconvenience will probably be worth it.
You can also opt out of all prescreened offers of credit by calling 888-5OPTOUT (888-567-8688) or going to OptOutPrescreen.com. This limits the amount of offers you get and is good for up to 5 years. If you know you aren’t in the market for additional credit cards it’s a good way to reduce the amount of possibly compromising paperwork you have to shred. Of course, you also lose out on good offers that may not be available otherwise, which is one of the reasons we’ve opted not to do this.
Keeping Identity Theft at Bay
Keeping your identity safe requires constant vigilance. After the OPM breach, I don’t even know if it’s possible to keep all of your personal information secure, but there’s no need to risk your identity more than is necessary.
There is a tradeoff between security and convenience, and most of us fall somewhere on the continuum, not on the ends. I hope I’m a little closer to the security end than the convenience end, but sometimes I wonder.
For all of my caution about identity theft, I still use my desktop to access accounts online and I make online purchases. I use social media, even if I try to be a little guarded in my sharing. I write personal things on this blog. I use loyalty cards at the stores we shop, and do probably dozens of other things that might give someone more information about me than I really want to reveal.
So far so good.
In the meantime, I’ll keep watching my accounts and keep trying to stay safe.
What are some other ways you protect your identity?
Top Image courtesy of hywards at FreeDigitalPhotos.net with changes