tips on avoiding identity theft


Clients often ask how to protect themselves against identity theft. Here are a number of steps you can take:


It’s obvious, but use strong passwords

Living in a digital world, remembering and managing passwords is tedious work. There are a number of approaches you can take to manage your passwords: keep them in a secure digital file or use a password manager program such as 1Password, LastPass and Dashlane. These programs encrypt all of your various login information into a secure digital vault and lock it with a single master password. These programs have a number of beneficial features, such as password generation (random and long string of characters), auto-fill security information into websites, two-factor authorization and work across multiple devices.


Avoid using a debit card, especially online

I never use my debit card except for getting cash from the ATM. Using a credit card for your everyday purchases instead provides significantly more protection. When your debit card information is stolen or a fraudulent charge is made, the money is instantly removed from your account. It is a complete hassle to have the funds added back to your account, which may include a police report being filed and almost certainly will involve a great deal of effort on your behalf.


Conversely, credit card companies are commendable at taking care of fraudulent charges. You simply contact them and the charge is removed instantly. It’s a matter of taking 5-10 minutes with a credit card company compared to hours dealing with your bank.


Additionally, many credit card companies offer incentives and other perks for using them, such as cash back or airline miles. But be careful though, many of these perks come with high APRs.


Be careful on social media

People often share too much personal information accidentally on sites, such as Facebook and LinkedIn. Be certain not to share information that could be used in answering your security questions, such as your mother’s maiden name, date of birth or your favorite color. Also, check your security settings on social sites; you may be surprised at how much information is shown on your public profile.


You must be extremely diligent in responding to email requests from social media sites. For example, I once received an email message from a well-respected industry professional requesting I log in to my LinkedIn account to retrieve their message. The body of the email allowed me to log in to my account. Fortunately though, I stopped before submitting my credentials. The email was extremely convincing, but sure enough, it was a phishing scam.


For more information on email scams, check out our article on modernized scams from the IRS.


Keep your anti-virus/anti-malware software up-to-date

Malware programs are common for stealing personal information. Malware is an abbreviation for malicious software, which is designed to gain access to your computer without you knowing. Typically, people introduce malware or a virus to their computer via email attachments or visiting certain websites. As a general rule-of-thumb, do not click on links in emails unless you are certain you know the email sender.


Set your internet browser security settings to high, and turn on the pop-up blocker, so it can protect your computer when on malicious websites. It is amazing how easily you can be redirected to a bad site when doing an internet search.


Another common technique used by identity thieves is designing websites that appear legitimate. This is especially important when shopping online. It is becoming more difficult to distinguish sites, so make sure the checkout process provides full encryption, use websites that start with “HTTPS” instead of “HTTP,” and don’t purchase something if the price is just too good to be true. The ‘s’ in “HTTPS” stands for “secure.” HTTPS sites use code to scramble data, so no one else can read the information. You can verify if a site provides full encryption by looking for the padlock symbol at the bottom of your browser.


Pay attention to your credit report

It is very important you know what credit card accounts are open in your name. A credit report will tell you every account that is open under your name. I recommend using and Both sites are secure and consumer-oriented. I recommend using credit-monitoring services, such as LifeLock. No company can 100% guarantee preventing identity theft, but credit-monitoring services offer assistance in fixing an identity breach. You should also review your homeowners’ policy, as they often include identity-theft resolution.


If you do not need to establish any new credit accounts anytime in the near future, consider placing a credit freeze on file with the three major credit bureaus – Experian, TransUnion and Equifax. A credit freeze will block anyone from accessing your credit report. If a creditor cannot examine your credit files, they are extremely unlikely to establish a new account in your name. Thus, it’s fairly successful in stopping fraudulent accounts from being established. Having a credit freeze in place can be tedious, as you need to contact each credit agency to turn it on and off, and they may charge you for this service.


When using a Wi-Fi connection, make sure it is secure and non-public

Non-secure, public Wi-Fi is an easy way for hackers to access your information. If you are using a non-secure Wi-Fi, do not execute any financial transactions or log in to any account where you have stored financial data. Also, make certain your home Wi-Fi password is protected. If you do not have an established password, anyone within several yards of your house, including your neighbors, can use your Wi-Fi.


Buy a cross-cut shredder

Do not throw away or recycle anything with personally identifiable information on it. I also encourage people to even shred credit card solicitations, as well. When in doubt – shred it.


There is no silver bullet to ensure your identity is not stolen, but these are some steps that can help. The best approach is to protect and monitor all of your accounts. Protect by using strong passwords, avoiding phishing solicitations, and keep your malware software up-to-date. Monitor by reviewing your credit report or subscribing to a service. In the unfortunate situation where your identity is stolen, you must act swiftly.