From banking and shopping to job-hunting and even medical matters, our lives are increasingly conducted online—unintentionally creating troves of personal data for cybercriminals to potentially exploit. Between 2018 and 2020 alone, the number of reported identity fraud cases more than tripled.
The number of identity fraud cases more than tripled in just two years as cybercriminals found new ways to exploit consumer data.
Source: Federal Trade Commission.
"The question is, What are you going to do to keep thieves from capitalizing on your data?" says Lisa DeVos, director of financial crimes risk management at Charles Schwab. "Because there's a lot you can do."
To protect against new accounts being opened in your name:
- Initiate a credit freeze: Start by placing a freeze on your credit report with each of the three credit bureaus—Equifax, Experian, and TransUnion—which makes it much more challenging for cybercriminals to open in your name a new account or loan that requires a credit check. Should you need to apply for credit in the future, you can temporarily lift a freeze using a password or personal identification number. "Consider freezing your kids' credit reports, too," Lisa says. "Children may be more alluring targets for criminals because parents don't typically review a minor's credit history as often as they do their own."
- Request fraud alerts: You can place a fraud alert with any one of the three credit bureaus, which must then instruct the other two agencies to do the same. This option, which you'll need to renew annually, requires businesses to verify your identity before opening a new line of credit in your name. "This is particularly beneficial as a means of protection if you already know your data has been exposed in a breach," Lisa says.
To protect the accounts you already own:
- Enroll in multifactor authentication: Keeping your login credentials safe is a key step in protecting your accounts from unauthorized access. Consider adding multifactor authentication—a two-step process that requires a unique code sent via email or text each time you attempt to log in to a given account. "Many financial firms already require it when accessing accounts from unfamiliar devices," Lisa says, "and many more offer it as an optional precaution in all instances."
- Monitor account activity: Although most firms offer security alerts, you should still regularly review your financial accounts for fraudulent activity. "No algorithm is as good as you at spotting suspicious behavior," Lisa says.
"With identity fraud on the rise, it's important to do whatever you can to shield your sensitive information from criminals," Lisa says. "Fortunately, just a little bit of protection can go a long way."