Build a Do It Yourself Identity Theft Protection System

Are you concerned about identity theft? If you aren’t, you should be.

The Bureau of Justice reported that 7% of persons age 16 and older were victims of identity theft in 2014. 86% of victims experienced “fraudulent use of existing account information.” 14% of victims had out of pocket losses of at least a dollar, but half of those had losses of less than $100. Fortunately, half of identity theft victims were able to resolve their problems in a day or less.

For $15 a month, you can get identity theft protection from one of the credit bureaus or third party companies. That’s $180 a year!

What if you want identity theft protection but don’t want to (or can’t afford to) spend $180 a year to get it?

Do it yourself. How to build your DIY identity theft protection system for free:

There are two big differences between what I outline below and what the paid services offer – post-identity theft recovery and proactive information scanning. I don’t know how good those services are in cleaning things up after identity theft occurs, but that’s one thing I don’t include.

The next is often called “internet scanning,” where they look online to see if your information is floating around. When people sell identity data, it’s usually in the darker parts of the web where you need special software to access. I doubt how diligent these companies are about getting the software, infiltrating the networks, and then just sitting there waiting.

Table of Contents
  1. Don’t Carry Your Social Security Card
  2. Watch for a “Move Validation Letter”
  3. Sign Up for Free Monitoring
  4. Monitor Your Credit Scores
  5. Set Credit Card Transaction Alerts
  6. Check Your Credit Reports
  7. Stop Junk Mail
  8. “Number Lock” Your Phone Number
  9. Use a PO Box
  10. Set Up Fraud Alerts
  11. Freeze Your Credit Report
  12. Expert Advice on Identity Theft

Don’t Carry Your Social Security Card

Let’s get the easy stuff out of the way first. Don’t carry your social security card!

You don’t need it and if you ever lose your wallet, a thief now has everything they need. Your name and address will be on your driver’s license and the holy grail of identity thieves, your social security number, is right next to it.

Just leave the SS Card at home.

Watch for a “Move Validation Letter”

Especially if you havne’t moved!

A thief may try to change your address… fortunately the USPS will send a Mail Validation Letter to the new and old address. If you get one of these but never requested a change, call the 800 number immediately. This is a sign you’re under attack.

If you are going to be away from your mailbox, request a hold. The hold can be for 3 to 30 days and is free.

Some monitoring companies subscribe to the National Change of Address Linkage (NCOALink) service, which contains all the change of address records. They can offer to monitor any change of addresses because they get access to that database for a fee. It’s not feasible for an individual to do.

Sign Up for Free Monitoring

Did you know that all of the credit bureaus offer free monitoring?

Experian and TransUnion always had programs but the recent Equifax hack pushed Equifax to offer theirs for free too.

  • Experian Creditworks Basic – No credit card required, free, and they will email you if your account gets an inquiry.
  • Transunion TrueIdentity Free – No credit card required, free, and you can lock your credit report for free plus text notifications of suspicious activity.
  • Equifax Trusted ID Premier – Most recent one, as a result of the Equifax hack, and you can lock your Equifax report through this system too.
Click to enlarge
Click to enlarge

Monitor Your Credit Scores

There are several “credit scores” out there, the most “official” one is the FICO credit score. For identity theft monitoring purposes, you don’t need to see your FICO score, you just need any score that is based on a Big Three credit reporting bureau (Equifax, Experian, TransUnion). If something changes on your report, the credit score will be affected.

I like to use Credit Sesame and Credit Karma. Credit Sesame uses TransUnion reports and Credit Karma uses Equifax & TransUnion reports. Both are free and Credit Karma will even email you if they see any changes.

Some credit cards offer a credit score monitor as a credit card perk. CapitalOne calls it CreditWise and uses TransUnion and their VantageScore 3.0 (the same as Credit Sesame).

Set Credit Card Transaction Alerts

I set transaction alerts on all my credit cards for the minimum amount.

Some cards let you set that limit at $0, others say $1 or more, but they all have this as an option. I get email notifications.

The notifications come instantly and have already paid dividends because within a week of doing it (coincidence, I assure you) I was notified of two fraudulent transactions!

Check Your Credit Reports

The Fair Credit Reporting Act gives you the right to see your credit reports once every 12 months. I use the Waterfall Method and stagger my requests so I see a credit report every 4 months.

If you want to do this too, read the strategy here and sign up for email notifications.

Stop Junk Mail is your friend. By registering on the site, you can prevent unsolicited offers of credit or insurance, which is one of the easiest ways for someone to steal your credit. Your mailbox is probably insecure so someone could just reach in, steal an application, and get themselves a credit card in your name pretty easily. This website makes it so that you don’t get firm offers for five years (or permanently if you mail a form you print from the site).

If you have an existing relationship with a company, this will not stop those offers. If you have an American Express card, AMEX can still send offers of credit because there’s a pre-existing relationship. To stop that, you’ll need to call them.

(If you want to stop other junk mail, Catalog Choice is a great resource for that)

“Number Lock” Your Phone Number

If you turn on two-factor authorization, the code is usually sent to your phone number. That makes your phone a very enticing target, so turn on “Number Lock” (that’s what Verizon, my carrier, calls it). This ensures that the phone number cannot be ported or transferred without your authorization.

Here is Verizon’s FAQ answer on how it works:

This is not typically turned on by default.

What is a Number Lock?
If a scammer gets your personal information, they could transfer your mobile number to another carrier. This may be referred to as an unauthorized port out. Then, they could get your calls and texts to take control of other accounts, like banking and social media.

You can set up a Number Lock for free to protect your mobile number from an unauthorized transfer. Once a lock is set up for a number, that number cannot be ported to another line/carrier unless you remove the lock. You can set up a Number Lock with the My Verizon website and app or by calling Customer Service at *611.

Use a PO Box

Your mailbox is probably just a box with a lid. It’s completely insecure. Mail is often delivered during the day and you are probably working during the day. So for many hours, it sits there for the taking.

A thief could open it, steal your mail, and just walk away. No one would ever know!

The defense against this is to use a PO Box for your financial correspondence. This means all financial accounts so if you do get pre-approved offers of credit, they all go to a secure and locked box at the post office.

While you’re at it, do the same thing with your email by using a classified email address.

Set Up Fraud Alerts

Each of the credit bureaus will let you set up 90-day fraud alerts on your account. There are typically two types of fraud alerts, an “initial” alert, and an “extended” alert. The initial alert is for people who are worried they could be a victim of ID theft – that’s you. If you are already a victim, you want an extended fraud alert, which is active for 7 years. The extended request is much more involved and will require you to prove you were a victim of ID theft.

If you set up a fraud alert at one bureau, it will notify the other two, so pick the one you like best:

Freeze Your Credit Report

This is the (near) nuclear option, but you can put a freeze on your credit report. A freeze restricts access to your credit report, which means creditors will not be able to see it and be willing to extend you any credit. This, in turn, makes it harder for thieves to steal.

Before September 21st, 2018, you had to pay to get your credit report frozen. It is now free, Congress amended the Fair Credit Reporting Act to require credit bureaus to offer a credit freeze for free.

Here are the links to how to freeze your report at each of the three major bureaus:

That’s it! Now you have your own identity theft protection system without having to pay $180 a year!

(if you do want a service, you can check our review of Identity Guard)

Expert Advice on Identity Theft

We reached out to Professor Yingying Chen, Professor in the Department of Electrical and Computer Engineering at Rutgers University and Associate Director of WINLAB, for some advice about protecting yourself against identity theft that touches on the cutting edge of identity (such as gait pattern recognition):

Professor Yingying Chen, Rutgers University

Q1. What are some common sense ways consumers can protect themselves from identity theft beyond securing their obviously sensitive information like Social Security Numbers?

A1. The emerging sensing technologies have enabled many new user authentication/identification methods, which use various identity information to recognize users, for example, fingerprints, faces, irises, and gestures. While these new authentication/identification methods are convenient to use, consumers should be aware that such biometric information could be easily stolen if the consumers do not actively protect them in public. Identity theft could stalk consumers and try to obtain their identity information without interacting with consumers. For example, fingerprints could be obtained from any surfaces that have been touched by the consumers, faces, irises, and gestures could be captured by smartphone cameras from remote.

Identity theft could also utilize sensors in smartphones or smartwatches to steal consumers’ behavioral biometric information, which could also be utilized to identify people. For instance, gait patterns, hand movements, driving behaviors, etc. Therefore, consumers of smartphones and smartwatches should also be cautious when installing apps from unknown developers, who could obtain the permission of using the integrated sensors and steal the consumers’ identity information.

Q2. If consumers are going to pay for an identity theft protection service, what are some things they should consider?

A2. Consumers should first consider the user experience of the identity theft protection service. More specifically, an identity theft protection service should be non-invasive, which means no interruption to consumers’ daily activities. Second, the identity theft protection service should have a strong security team to make sure the service will not be exploited by identity theft to attack consumers. Third, the service should be easy to use. It shouldn’t require consumers to take a lot of effort into collecting data.

Q3. Do you have any advice for people who are very worried about becoming victims of identity theft?

I think it is necessary to be worried about becoming victims of identity theft, especially these days with so many high-tech sensor-enabled mobile devices. I would advise the people who are worried about becoming victims of identity theft to not trust anyone that you do not know in person. They should take proactive approaches to prevent using their identity in public.

Other Posts You May Enjoy:

Jim Wang

About Jim Wang

Jim Wang is a thirty-something father of three who is a frequent contributor to Forbes and Vanguard's Blog. He has also been fortunate to have appeared in the New York Times, Baltimore Sun, Entrepreneur, and Marketplace Money.

Jim has a B.S. in Computer Science and Economics from Carnegie Mellon University, an M.S. in Information Technology - Software Engineering from Carnegie Mellon University, as well as a Masters in Business Administration from Johns Hopkins University. His approach to personal finance is that of an engineer, breaking down complex subjects into bite-sized easily understood concepts that you can use in your daily life.

One of his favorite tools (here's my treasure chest of tools,, everything I use) is Personal Capital, which enables him to manage his finances in just 15-minutes each month. They also offer financial planning, such as a Retirement Planning Tool that can tell you if you're on track to retire when you want. It's free.

He is also diversifying his investment portfolio by adding a little bit of real estate. But not rental homes, because he doesn't want a second job, it's diversified small investments in a few commercial properties and a farm in Illinois via AcreTrader.

Reader Interactions

Leave a Comment:


About the comments on this site:

These responses are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by the bank advertiser. It is not the bank advertiser's responsibility to ensure all posts and/or questions are answered.

  1. Financial Slacker says

    Identity theft is scary stuff. I know we have had a few recent fraudulent credit card purchases on different cards over the past few months. I’m wondering if there’s a subscription service that we are signed up for that has a leak.

    Thanks for the list.

As Seen In: