6 ways to protect yourself from online identity theft and fraud
Identity theft involves using someone else’s personal information to impersonate and often steal from them. It’s a type of fraud, and people who commit identity theft can use the data to do a number of things:
- Draining bank accounts or credit cards.
- Opening new accounts or lines of credit.
- Applying for loans or utility services.
- Stealing superannuation, tax refunds or other financial benefits.
- Pass on your insurance information to medical billing officers.
- Tapping into emails to find out confidential information.
- Pretending to be that person on social media, dating sites or apps.
While identity fraud has been happening for decades, it’s becoming increasingly common. We live in a digital world, and many of us communicate with individuals and companies online, meaning the internet hosts a lot of our data in one way or another. This can make it easier for fraudsters to access your personal and sensitive information and potentially pose as you and steal your identity.
Here is the lowdown on identity theft protection and what to do if you’re a victim of identity theft.
How to protect yourself against identity theft
To combat identity theft, follow these best practices for safeguarding your personal information.
#1 Use strong and unique passwords
Cyberthieves count on you using the same password across multiple devices and accounts. The issue? If they crack one password, they can get an all-access pass to a lot of your personal information. One of the best ways to improve your cybersecurity is by creating complex passwords for every single account you use — you can use a password manager to help you come up with and store your passwords so you don’t need to memorise them.
When thinking of passwords, avoid using basic details like your birthdate or kid’s or pet’s name. Chances are, if a cybercriminal was to scroll through your social media profiles or online presence, they’d be able to piece this information together. Instead, make your password as random and obscure as possible, and include a mix of uppercase and lowercase letters, numbers and symbols. While you’re at it, opt into two-factor authentication (2FA) if it’s available.
Top tip: Be sure to password protect your smartphone and tablet as well. If you happen to lose those devices, you want to make it difficult for someone to access the data contained within them.
#2 Be aware of phishing scams
Many cases of online identity theft can be traced back to phishing scams and other social engineering tactics. Phishing emails appear to be from trusted or legitimate sources, and try to inspire you to take action by clicking on a link or downloading an attachment. For example, you might receive an email that looks like it was sent from your bank or credit card company telling you that your account has been compromised, and you need to log in to change your password. This is a trick to get you to hand over your account information or click on a button that will download malware onto your device.
Treat all emails carefully, and flag any suspicious emails as spam. In general, it’s a good idea to never give out personal or sensitive data over email, and to contact a company directly to verify whether an email is legitimate.
#3 Let software do the legwork
Identity thieves can strike at any time, so it’s worth investing in sophisticated antivirus software to protect against identity theft. Antivirus software offer a multi-layered defense and help to prevent a diverse range of cyber attacks. You can install either of these programs on multiple devices, including laptops and smartphones. Online fraud can strike anywhere, so it’s a good idea to also have mobile antivirus installed.
#4 Monitor your credit reports and financial statements
Credit identity theft is when a criminal uses your personal information — like a birthdate or tax file number — to apply for a new credit line. To stay on top of this type of identity theft, keep a close eye on your credit report. You can request a copy of your credit report from any of the major credit bureaus: Equifax, Experian and illion. If you see any changes to your credit score or activity you don’t recognise on your credit report (like new accounts), take action immediately by freezing your credit. Once you do this, no new credit files can be opened until you unfreeze your credit, which you can do if and when you want to open a new account, such as a credit card.
Along with tracking your credit report, read through your banking statements regularly. If you see a transaction you don’t recall, report it to your bank as soon as possible.
Top tip: Sign up for alerts from your financial institution. That way, you’ll get a text or email every time there’s a withdrawal or deposit on your accounts.
#5 Stay vigilant on public Wi-Fi networks
Connecting to public Wi-Fi at an airport, shopping centre or coworking space is a convenient and cheap way to access the internet, but it has its downsides. Security is the big one – since open Wi-Fi networks are unsecured, they essentially leave the door open to clever hackers.
If you need to hop onto public WiFi, use a Virtual Private Network (VPN) first. VPNs allow you to stay anonymous online, meaning cybercriminals can’t see your browsing activity. Even so, it’s a good idea to wait until you’re on a secure network to access sensitive sites or apps, like banking or your work email.
#6 Avoid oversharing on social media
Social media is a great way to share your life with friends, family and like-minded people around the world. But it’s easy to fall into the trap of oversharing and leave a trail of breadcrumbs for hackers who may want to commit identity theft. For instance, you might post your place of work or where you grew up, or have your email address set to public. A fraudster could then use this information to answer security questions and gain access to your accounts.
You don’t need to delete social media for identity protection, but consider setting your profiles to private and deleting people you don’t know or trust from your friends list.
What to do if you’re a victim of identity fraud
If you believe your identity has been stolen, take action as soon as you can. Change your account passwords, let your bank or financial institutions know and request a copy of your credit report. If the identity theft happened online, you can lodge a report through Australian Cyber Security Centre’s ReportCyber.
For advice on next steps, call IDCARE on 1800 595 160. This service offers free and confidential advice to Australians who have fallen victim to identity theft and other cybercrimes.