As part of the under-30 crowd, readers here have more social media savvy than any generation in history. That’s the good news … now the bad: Social media and mobile platforms represent the new frontiers for identity fraud, according to a 2012 report by Javelin Strategy.
The statistics tell a grim story: In 2011, identity fraud increased by 13 percent, with more than 11.6 million adults becoming victims, Javelin reports. The sobering story behind those stats is that certain social and mobile behaviors promote higher rates of fraud. So if you have a public profile on a social media site, you’re more likely to become the target of fraudsters than if you go private.
If ever-climbing identity theft rates have you worried, I’d suggest turning that angst into some smart self-defense. In this column, we’ll examine eight tips for making sure your identity — and all your crucial financial information — stays secure.
1. Monitor your credit.
What if someone is stealing from you, or ruining your credit rating, and you don’t even know it? It’s a must for everyone these days to monitor your credit regularly. At the very least, check your credit score and, once a year, order your credit reports from all three sources through the free annualcreditreport.com. Looking over your credit report to make sure everything lines up is the only way to spot mistakes or signs of identity theft, often in the form of activity from credit cards you never ordered or used.
For most of us, these steps will be sufficient, but if you’ve been a victim of identity theft or suspect your personal information is compromised, subscribing to credit monitoring or an identify theft protection service may be good insurance.
2. Protect your Social Security Number like gold.
We like to think we live in a trustworthy world, but I always tell those new to running their financial affairs that “email lives forever.” You must never, under any circumstances, send your Social Security number via an email message to anyone! Even if the person on the other end is honest, that email message could be accidentally forwarded, intercepted, or swiped from a person’s account by an unscrupulous co-worker. Email attachments such as W-9 paperwork may require you to give the number, but write it down in the attachment only — not in the body of the email.
If you’re an independent contractor and need to invoice for pay, always mark your vouchers as “Social Security number on file” rather than revealing the nine digits every time. Keep your Social Security card under lock and key, never in your wallet. And if you’re not emailing that number, don’t text it, either!
3. Change passwords frequently.
In the old days of the Internet, I loved it when you could get by with one password for everything, and not worry much about changing it. Today, I change passwords every few months, and use different passwords and user names between my accounts with PayPal, my bank and my credit cards. If you’re not changing passwords frequently, you will get hacked. This summer, I was one of the LinkedIn members whose user names and passwords were apparently stolen by Russian hackers. Less than a week later someone in Japan cracked my Facebook account, which had the same password. I’ve been scrambling things up ever since. And even that may not be enough: an article in this month’s Wired Magazine makes a case for why the password just isn’t enough anymore.
4. Beware of phishing emails.
A few years ago, most fake emails that pretended to originate from your bank looked like a joke, with bad graphics and terrible spelling. But the hackers are getting better at making their phishing expeditions look like the real thing. Obviously, bad spelling and grammar are giveaways for many overseas scammers. But if a perfectly legitimate email comes in asking you to enter your password or log into your account through a link, don’t do it. If there’s really an urgent message from your bank, you can find out by calling a customer service number or checking your online banking mailbox. It’s also a great idea to get your mailbox connected to a service that screens out spam, such as SpamStopsHere.
5. It’s who you know (potentially).
By some estimates, as many as half of identity fraud victims know the perpetrator. That’s astonishing, considering that most of us (myself included) might think that fraud always involves anonymous bad guys living several continents away. My brother’s checking account was once drained by a co-worker who stole a check from his checkbook, which he left on his office desk one night. And sadly, it’s not always possible to tell when a trusted friend or a colleague is hiding an addiction issue that’s making them desperate for cash. As with your Social Security card, keep your checkbooks hidden. Keep your credit cards stowed safely away from where prying eyes can see them. It’s as simple as keeping your financial valuables under lock and key, or password protected, thus taking some of the temptation factor out of the equation.
6. Your driver’s license could be someone’s license to steal.
Quite a few documents, such as checks to motor vehicle agencies or insurance companies, might require a driver’s license number. That can’t be avoided. But in these days of smartphone cameras, it only takes one silent snap for someone to capture an image of your license on the table at Starbucks. Your license never left your person — and yet it was stolen, because you left it out for someone to electronically copy the number. I never show my license in public unless requested for a legitimate reason, and it goes back to my wallet once proof of ID is accepted. Note that this kind of fraud will only get more extensive as glasses embedded with video cameras become more popular.
7. If you don’t shred, you’re dead.
My neighborhood in Chicago is popular for “Dumpster diving,” where people search for all sorts of treasures in trash. Usually, that’s limited to discarded furniture or clean clothes, but sometimes, it’s a search for paper. Many cities and towns recycle paper trash now, and if you sort well, you’d better shred well first. Your recycling bin might otherwise contain free credit card offers, canceled checks, bank statements or other sensitive info that definitely represents booty to the pirate who plunders it.
8. Password protect your computers and mobile devices.
When you start up your computer, or let it sleep for prolonged periods, you should set it up so that a password is required to log in. Likewise for smartphones, use a passcode that makes it much tougher for someone to rife through your files while you’re distracted or caught off guard. Add a double layer of protection by changing those passwords and codes at least a few times a year. Remember, if you’re in a coffee shop, someone looking over your shoulder can steal a password faster than you can say “cappuccino.” (There’s a slang for this kind of theft technique, by the way: “shoulder surfing.”)
Discretion is the bottom line connecting many of these tips. Just as you would never walk down a dark, foreboding city street alone at night, you should not expose your most valuable assets and information to people lurking in the shadows of cyberspace. With just a bit of consciousness and a mindset towards staying on guard, you’ll find the chances of becoming a victim significantly decreased.
Need I stress that those are the kind of low returns we like?