Just as there are people working to try and steal your identity for nefarious purposes, so too are there people working hard to prevent that theft.
John Smith* didn’t know he had a problem until he went to apply for a credit card. A new immigrant to the US from the UK, he wanted to start building his American credit as soon as possible. But when the credit card company ran his credit report, they came back with a bunch of charges to stores in Florida.
Now, John lived in California and had never even been to Florida, much less spent $500 at a Best Buy there. But until he cleared up that this other John Smith wasn’t him, he wasn’t going to be able to move forward with his financial goals — like buying a house and starting a business — in his new country.
John started going back and forth with the credit bureaus, trying to figure out how to solve this complicated problem. It soon became clear that his name was probably the original source of the issue. Because “John Smith” is so common, it’s easy enough for a cybercriminal (or even just an unscrupulous person named John Smith) to track down enough information online to take out a credit card using his identity.
And because our John Smith had no American credit history of his own up until this point, he was especially at risk of being targeted by thieves.
Luckily, John was able to convince the credit bureau that the John Smith in Florida was not him and, after about a year, he stopped getting pings on his credit reports for the other John Smith. But he had to spend countless hours of his life on hold, talking to customer service reps, monitoring his credit reports, and stressing out about this identity theft in order to get to that point. Plus, he had no real guarantee that it wouldn’t happen again.
John’s story is almost as common as his name — which is to say: super common. Javelin Strategy & Research released a study that found criminals stole $56 billion from Americans in 2020 with identity theft attacks. About $13 billion of that sum was stolen by cybercriminals who hacked identifying information.
That’s a ton of money. And if trends continue the way they’ve been going, we expect it to continue rising year over year. So, what’s the deal? Why is this form of cybercrime so prevalent?
There are many reasons for this increase in identity theft, but a major one is that there’s so much personal information out there now about each of us. A cybercriminal can use a combination of your email, full name, birth date, address, and answers to security questions — like your pet’s name, your mom’s birth name, your elementary school, etc. — to steal your identity. And all that information is available online with a little technical know-how.
How to protect yourself from identity theft online
It’s a pretty scary prospect that can make the average person feel… Helpless. But, luckily, just as there are people working full time to try and steal your identity for nefarious purposes, so too are there people working hard to prevent that theft. Here are five tips for protecting yourself from identity theft online.
1. Don’t overshare
Sharing the minute details of our lives online has become so common over the past decade that most of us don’t even think about it anymore. But when you share lots of personal details about yourself, you’re not just connecting with your community—you're also supplying a rich trove of information to cybercriminals to use if they want to steal your identity. Something as innocuous as your pet’s name can be used to answer security questions, so consider making your social media profiles private to restrict access to that info.
2. Download Avast Secure Identity
Avast Secure Identity is the latest offering from global cybersecurity and privacy company Avast. It protects you by constantly and continuously monitoring places like social media and the Dark Web to immediately identify if your personal and financial information have been leaked. When it finds something, Avast Secure Identity informs you immediately so you can act or engage our certified protection experts.
Avast Secure Identity also offers credit report monitoring for one US credit bureau, lost wallet protection, white glove restoration, and identity theft reimbursement up to $1M. It quite literally protects you while you sleep, so that you rest easy knowing you’re safe.
3. Use strong authentication methods
Usually we say “use strong passwords” but, these days, passwords just aren’t enough. If you really want to protect yourself from identity theft online, the best way to do that is through multiple identity authentication methods, which is also called multi-factor authentication (MFA) or, sometimes, two-factor authentication (2FA). Sometimes that means a strong password plus a strong PIN; sometimes it’s a biometric sign-in, like your face or fingerprint; sometimes it’s a passkey generated by a third party. Whichever method you choose, remember that each login should be unique and, if it’s a password or PIN that you generate, hard to guess.
4. Stay away from free Wi-Fi
Like most things “free” on the internet, free (or public) Wi-Fi can come at a price. While it’s convenient to use, public Wi-Fi is, by its nature, open. That means anyone with the skills can hack into it to steal the information that’s being sent over the network, including usernames, passwords, security question answers, birth dates, financial information, etc. So, if you absolutely have to use a free Wi-Fi network, just make sure to protect yourself with a virtual private network (VPN).
5. Keep an eye on your bank statements
One of the best ways to spot identity theft before it gets out of control is simple: Periodically look at your bank statements and see if there’s anything funky going on. If you find an unauthorized charge, report it at once to your financial institution so that they can shut down the avenue through which the cybercriminal drove in. Many financial institutions are also insured, so there’s a decent chance you’ll get your money back, especially if you catch the problem quickly.
6. Educate yourself about phishing methods
Phishing is when cybercriminals use social engineering techniques to get you to give up your personal information willingly. That can look like posing as your boss, for example, and asking for an “urgent” document or pretending to be a loved one in distress. Educating yourself about phishing methods so that you can spot them when they happen is a great step toward protecting yourself from identity theft.
Identity theft is a real, prevalent problem for pretty much everyone these days. But, with a little know-how and some technical tools to back you up, you can avoid ending up in John Smith’s situation.
*Name changed from another very common name in order to protect the person’s identity, obviously.