Are you concerned about identity theft? If you aren't, you should be.
The Bureau of Justice reported that 7% of persons age 16 and older were victims of identity theft in 2014. 86% of victims experienced “fraudulent use of existing account information.” 14% of victims had out of pocket losses of at least a dollar, but half of those had losses of less than $100. Fortunately, half of identity theft victims were able to resolve their problems in a day or less.
For $15 a month, you can get identity theft protection from one of the credit bureaus or third party companies. That's $180 a year!
What if you want identity theft protection but don't want to (or can't afford to) spend $180 a year to get it?
Do it yourself. Wallet Hacker style.
The next is often called “internet scanning,” where they look online to see if your information is floating around. When people sell identity data, it's usually in the darker parts of the web where you need special software to access. I doubt how diligent these companies are about getting the software, infiltrating the networks, and then just sitting there waiting.
How to build your DIY identity theft protection system for free.
Don't Carry Your Social Security Card
Let's get the easy stuff out of the way first. Don't carry your social security card!
You don't need it and if you ever lose your wallet, a thief now has everything they need. Your name and address will be on your driver's license and the holy grail of identity thieves, your social security number, is right next to it.
Just leave the SS Card at home.
Watch for a Move Validation Letter
A thief may try to change your address… fortunately the USPS will send a Mail Validation Letter to the new and old address. If you get one of these but never requested a change, call the 800 number immediately. This is a sign you're under attack.
If you are going to be away from your mail box, request a hold. The hold can be for 3 to 30 days and is free.
Sign Up for Free Monitoring
Did you know that all of the credit bureaus offer free monitoring?
Experian and TransUnion always had programs but the recent Equifax hack pushed Equifax to offer theirs for free too.
- Experian Creditworks Basic – No credit card required, free, and they will email you if your account gets an inquiry.
- Transunion TrueIdentity Free – No credit card required, free, and you can lock your credit report for free plus text notifications of suspicious activity.
- Equifax Trusted ID Premier – Most recent one, as a result of the Equifax hack, and you can lock your Equifax report through this system too.
Monitor Your Credit Scores
There are several “credit scores” out there, the most “official” one is the FICO credit score. For identity theft monitoring purposes, you don't need to see your FICO score, you just need any score that is based on a Big Three credit reporting bureau (Equifax, Experian, TransUnion). If something changes on your report, the credit score will be affected.
I like to use Credit Sesame and Credit Karma. Credit Sesame uses TransUnion reports and Credit Karma uses Equifax & TransUnion reports. Both are free and Credit Karma will even email you if they see any changes.Some credit cards offer a credit score monitor as a credit card perk. CapitalOne calls it CreditWise and uses TransUnion and their VantageScore 3.0 (the same as Credit Sesame).
Set Credit Card Transaction Alerts
Some cards let you set that limit at $0, others say $1 or more, but they all have this as an option. I get email notifications.
The notifications come instantly and have already paid dividends because within a week of doing it (coincidence, I assure you) I was notified of two fraudulent transactions!
Check Your Credit Reports
The Fair Credit Reporting Act gives you the right to see your credit reports once every 12 months. I use the Waterfall Method and stagger my requests so I see a credit report every 4 months.
If you want to do this too, read the strategy here and sign up for email notifications.
Stop Junk Mail
OptOutPrescreen.com is your friend. By registering on the site, you can prevent unsolicited offers of credit or insurance, which is one of the easiest ways for someone to steal your credit. Your mailbox is probably insecure so someone could just reach in, steal an application, and get themselves a credit card in your name pretty easily. This website makes it so that you don't get firm offers for five years (or permanently if you mail a form you print from the site).
If you have an existing relationship with a company, this will not stop those offers. If you have an American Express card, AMEX can still send offers of credit because there's a pre-existing relationship. To stop that, you'll need to call them.
(If you want to stop other junk mail, Catalog Choice is a great resource for that)
Use a PO Box
Your mailbox is probably just a box with a lid. It's completely insecure. Mail is often delivered during the day and you are probably working during the day. So for many hours, it sits there for the taking.
A thief could open it, steal your mail, and just walk away. No one would ever know!
The defense against this is to use a PO Box for your financial correspondence. This means all financial accounts so if you do get pre-approved offers of credit, they all go to a secure and locked box at the post office.
While you're at it, do the same thing with your email by using a classified email address.
Set Up Fraud Alerts
Each of the credit bureaus will let you set up 90-day fraud alerts on your account. There are typically two types of fraud alerts, an “initial” alert and an “extended” alert. The initial alert is for people who are worried they could be a victim of ID theft – that's you. If you are already a victim, you want an extended fraud alert, which is active for 7 years. The extended request is much more involved and will require you to prove you were a victim of ID theft.
If you set up a fraud alert at one bureau, it will notify the other two, so pick the one you like best:
Freeze Your Credit Report
This is the (near) nuclear option, but you can put a freeze on your credit report. A freeze restricts access to your credit report, which means creditors will not be able to see it and be willing to extend you any credit. This, in turn, makes it harder for thieves to steal.
Before September 21st, 2018, you had to pay to get your credit report frozen. It is now free, Congress amended the Fair Credit Reporting Act to require credit bureaus to offer a credit freeze for free.
Here are the links to how to freeze your report at each of the three major bureaus:
That's it! Now you have your own identity theft protection system without having to pay $180 a year!
(if you do want a service, you can check our review of Identity Guard)
We reached out to Professor Yingying Chen, Professor in the Department of Electrical and Computer Engineering at Rutgers University and Associate Director of WINLAB, for some advice about protecting yourself against identity theft that touches on the cutting edge of identity (such as gait pattern recognition):
A1. The emerging sensing technologies have enabled many new user authentication/identification methods, which use various identity information to recognize users, for example, fingerprints, faces, irises, and gestures. While these new authentication/identification methods are convenient to use, consumers should be aware that such biometric information could be easily stolen if the consumers do not actively protect them in public. Identity theft could stalk consumers and try to obtain their identity information without interacting the consumers. For example, fingerprints could be obtained from any surfaces that have been touched by the consumers, faces, irises, and gestures could be captured by smartphone cameras from remote.
In addition, identity theft could also utilize sensors in smartphones or smartwatches to steal consumers' behavioral biometric information, which could also be utilized to identify people. For instance, gait patterns, hand movements, driving behaviors, etc. Therefore, consumers of smartphone and smartwatches should also be cautious when installing apps from unknown developers, who could obtain the permission of using the integrated sensors and steal the consumers' identity information.
Q2. If consumers are going to pay for an identity theft protection service, what are some things they should consider?
A2. Consumers should first consider the user experience of the identity theft protection service. More specifically, an identity theft protection service should be non-invasive, which means no interruption to consumers' daily activities. Second, the identity theft protection service should have a strong security team to make sure the service will not be exploited by identity theft to attack consumers. Third, the service should be easy to use. It shouldn't require consumers to take a lot of effort into collecting data.
Q3. Do you have any advice for people who are very worried about becoming victims of identity theft?
I think it is necessary to be worried about becoming victims of identity theft, especially these days with so many high-tech sensor-enabled mobile devices. I would advise the people who are worried about becoming victims of identity theft to not trust anyone that you do not know in person. They should take proactive approaches to prevent using their identity in public.