Identity Theft: What to do since your identity has already been stolen

You may have missed it, but last week was the Federal Trade Commission (FTC) ?Identity Theft Awareness Week, January 27 to 31.? The goal of Identity Theft Awareness Week is to provide information on the best practices you can put into place to avoid being a victim of identity theft.? Over time, the FTC awareness programs, along with others, seemed to have worked. ?The FBI, in the 2023 Internet Crime Compliant Center (IC3) report, listed Identity Theft as one of the few classes of Internet crime that decreased from previous years.? For example, the number of internet crime complaints classified as identity theft in 2021 was 51,629, in 2022 was 27,922, and in 2023 was 19,788.? This represented a decrease in loss from 2021 at $278,267,918 to $126,203,809 in 2023; by both measurements’ identity theft has been more than halved in three years.

This is all good news to all but cyber criminals.? However, the risk of being a victim of identity theft is persistent and is one that will not go away over time.? The reason is that for most people, their personal information, through any number of breaches, has been compromised and is in criminal cyberspace.? This means your social security number, date and place of birth, addresses, etc., are posted on the internet somewhere.? This information may paradoxically be good to some degree.? It has been stated that the best way to protect a network or information system is to assume the security has been breached and act accordingly.? As with identity theft, the best advice may be to consider your personal information compromised, so be proactive and act accordingly.?

From the FTC Identity Theft website and others, there is a consistent message on how to act and how to protect yourself from identity theft.? The message is a set of best practices, no matter whether your personally identifiable information (PII) has been compromised or not.? One of the most important practices is to freeze your credit.? This is a free service provided to you by the three major credit reporting bureaus (TransUnion, Experian, Equifax), and if you need to, you can unfreeze your credit.? Criminals use your identity and good credit to take out cash loans, obtain credit cards, buy property and cars, engage in medical fraud, etc.? When you freeze your credit, there is no access to your credit information, and it is almost impossible for anyone to use your identity to engage in a credit transaction.? The second point is to freeze the credit for all members of your family, even children.

Related to freezing your credit is to monitor your credit; under the Federal Consumer Reporting Act (FCRA), consumer credit reporting companies are required to provide you with a copy of the information they report.? As a consumer, you are entitled to a free credit report once every twelve months from each of the three credit reporting bureaus. You will need to request a copy from each bureau, and your request will not impact your credit score.

Practice financial vigilance and awareness. ?One of the ways people are compromised is through scams.? In all scams, there will be a call to action, meaning that at some point, there will be a crisis, and you need to approve something or provide information.? Examples are: (1) the IRS with the police going to your home to arrest you for something or (2) there is a too-good-to-be-true offer, and if you take the offer you will make millions or if don’t you will not lose millions. ?These scams first appear innocently enough on your cell phone, in email, or you run across them online.? After contact with the scammer, there can be an immediate call to action, or the scam can take months to unfold.? The irony is that in the physical world, most people do not engage with or trust strangers. Not many would invite people they never met into their home and let them roam around. However, in cyberspace, they will let strangers into their homes, give the stranger money, or provide personal information (PII) that is used against them.? To secure your identity, don’t trust anyone from cyberspace.

Use multifactor authentication (MFA) for everything.? The purpose of MFA is to validate your identity; this is a process that requires you to provide another form of authentication.? This can be sent through a code to something you have, such as your cell phone or email to your registered email address.? Even if someone has compromised your login credentials, they would not be able to access your account because they do not possess your phone or have access to your email account.? It is these additional factors of authentication that provide multiple layers of security.

Use long and complex passwords. There are two considerations in password security: length and complexity.? The longer the password in character count, the longer it will take to crack the password, and a long and complex password is less likely to have been used before.? Complexity refers to the requirement for multiple types of characters, numbers, letters, and special characters.? A consideration is to use the more obscure special characters; the goal in passwords is to be unique and have a password that stands alone, one that has never been used.

Identity theft is the use of your identity by criminals to make money for their enterprise.? The effects can be catastrophic.? This can destroy your credit, cause untold hours of frustration, and cost you time and energy to contain and repair the damage.? You need to consider that for any number of reasons, your personal and credit information has already been compromised.? The best advice is to be proactive and secure your credit, freeze your credit, and do not ignore your credit health.