Get serious to protect against identity theft

By Anya Kamenetz
Posted on February 07, 2017

Having someone else pretend to be you is now something that has probably happened to you or to someone you know. And it’s not as fun as it sounds.

According to Bankrate, a financial website, 41 million U.S. adults have now had their identities stolen, and another 49 million know someone who has.

Having your credit card used without your permission is the commonest, and in some ways the mildest, form of ID theft. That’s because your bank’s fraud alert system will likely notify you, cancel the charges, and get you a new card before you lose any money.

Letting someone get a hold of your Social Security number, date of birth and other biographical information is much worse. You can be liable for thousands of dollars in charges, it can ruin your credit, and once the information is out there changing hands, these violations can be repeated again and again.

I called up one of Bankrate’s analysts, Mike Cetera, for information on how to avoid this fate.

Q: What’s the biggest mistake people make that exposes them to identity theft?

A: The key one here is using the same or similar passwords [across websites]. And I think this is a big deal right now because of the Yahoo breach. [Last fall, the Internet company Yahoo! confirmed that information on 500 million customer accounts had been stolen.]

Our survey found that a little bit more than a quarter of people use exactly or mostly the same password across accounts. This is a bad idea.

Q: So what should people do to keep passwords secure?

A: It’s a good idea to create strong and unique passwords.

Q: Is it safest to keep them written down on paper in my house?

A: Yes, it’s more secure than [keeping them] anywhere electronic. But a lot of people have way more accounts than they realize.

Q: So what’s an alternative? You tried a free online password manager, right?

A: After we ran the survey, I decided to download a password manager myself. I went through the process of having it look through all my online accounts — I had 109 of them! — and translate them to unique and difficult passwords to break. I’m going to be honest, it took me three hours to get it all done, but it’s done now. And I only have to remember one password.

Q: You found that 36 percent of survey respondents are using unsecured wi-fi networks for personal business, like banking. Tell me what that looks like and why that’s a problem.

A: So when you go to your local coffee shop and they have free wi-fi, if you must use that network, don’t do anything sensitive. Don’t log onto your bank account. Don’t look at your credit card statements. The bad guys have the means to break into these free networks and watch what you’re doing.

Q: And you also found that 42 percent of adults aren’t checking their credit reports regularly for unauthorized accounts.

A: Yes, and a lot more privacy experts I speak with are saying that you should put a freeze on your credit. That means no new lenders have access to your credit report, so no one can take out a loan or open an account without contacting you for permission first.

Q: Really? I thought credit freezes were for people who had already been victims of identity theft.

A: I feel like there’s a switch in philosophies here. Experts are saying, I know this is kind of a hassle, but it’s really not a bad idea to have it all the time, even if you don’t suspect you’ve been a victim.

Q: OK, I’ll have to consider it. Any good news in the survey?

A: I think one of the things most Americans do tend to get right is, when you get important information in the mail, say from the Social Security Administration or a credit card application, shred it. About 71 percent of U.S. adults are doing that.

Anya Kamenetz welcomes your questions at diyubook@gmail.com.