5 top tips for avoiding identity theft

(Image credit: Shutterstock / Zeeker2526)

While all types of fraud pose serious challenges, identity fraud is one of the most potent and one that consumers need to take extra care to detect and avoid. People need to educate themselves on protecting their personal information, but many might feel like they don’t know where to begin. Five main steps can be taken to guard against identity fraud and stop fraudsters and scammers from obtaining personal information or accessing accounts.

Beware of phishing

Phishing emails are a vital tactic for scammers and have developed beyond the clumsy, poorly-written efforts of the past. However, many still contain tell-tale signs of a scam, such as lousy formatting and unofficial email addresses. Phishing emails are designed to convince consumers to click on a malicious link, so consumers should avoid following any links they do not recognize. Pay extra attention to an email that calls for immediate action, such as requiring payment to keep your energy on; scammers know that consumers are more likely to make a mistake if there’s urgency.

The best way to root out the fakes is to independently check the information by logging into personal accounts on the company website—companies will often post a warning on their website if they are aware of the scam email. Smishing, where phishing is conducted via a text message, isn’t a new threat but has evolved during the COVID-19 pandemic and represents another avenue where consumers need to be hyper-vigilant.

Activate two-factor authentication

Many online accounts offer two-factor authentication, which can help to prevent online account takeover. Text messaging is the most popular second factor, but this is also vulnerable to takeover, so individuals should choose an alternative factor if one is available.

Sign up for activity alerts from financial institutions

Signing up for activity alerts with bank or credit card companies can alert consumers to any suspicious activity associated with their accounts. People are notified straight away, and this can prevent any further fraudulent charges or withdrawals. Do not delay reporting suspected fraud to your bank, and ask about the possibility of closing the account in question.

Set up identity and credit monitoring

People can register with an identity and credit monitoring service that will provide a warning if their data is under threat. Personal information is often traded on the dark web, and monitoring services focus on places where data is known to be bought and sold and send alerts if personal data is identified. Credit monitoring services alert individuals if there has been a change to their credit profile, such as new trade lines or hard credit inquiries. If individuals are concerned their information has been used fraudulently, a professional can determine the depth of fraud and assist with identity restoration.

Follow password security best practices

There is a lot of advice available about creating strong, unique passwords for each account. Still, with the average person having 70-80 accounts, it's difficult to remember them all, and many individuals reuse passwords. Installing a password manager can help you generate and store passwords for all your accounts on your devices. While using common passwords like QWERTY or your dog's name won't make it safe, it can suggest a nearly impossible alternative to guess.

The greatest takeaway from this should be that there is no silver bullet to ensure complete protection when it comes to avoiding identity fraud. The best thing consumers can do is stay vigilant and use caution. Adopting the layers of security discussed in the list above will give individuals the most significant level of protection from a threat that is only certain to become more and more destructive in the future.

David White

David White is the EMEA Leader for Identity Theft and Breach Notification practice of Kroll, a division of Duff & Phelps, based in London. David’s team helps clients and their advisors, including boards of directors, legal counsel and insurance providers, resolve the myriad complex issues resulting from a data breach.