This past month Experian released a survey about identity theft.
Some of their findings were pretty surprising, so we talked with Experian Vice President of Identity Protection Michael Bruemmer to understand what the average consumer is thinking and why identity theft remains a problem when there seems to be solid awareness among consumers.
Here’s a quick overview of 2017 identity theft facts that Experian found when they talked with 1,000 consumers 18 and older:
- 84% of consumers are concerned about people taking their personal information
- 64% of consumers think it’s too much hassle to actively protect their identity
- 52% think “it’s not very likely” they’ll be hit with identity theft
- 72% said they think thieves are only interest in rich people’s information
This data represents an interesting national mentality about identity theft. Most Americans know it’s a problem but most of them believe it will either end up being someone else’s problem or it’s not worth the work to protect themselves.
Why Don’t Consumers Want to Do the Work to Protect Themselves From Identity Fraud?
With so many people aware of – even concerned about – identity theft, we found it pretty fascinating that a majority of us are just plain lazy about taking action to protect ourselves.
We asked Michael Bruemmer why this was the case.
“I don’t want to comment on society in general, but I’ve used the example before that for those people who haven’t been exercising,” Bruemmer said. “They think it’s hard to get in the routine, but even some of the simple stuff – walking, swimming, biking – that still is a way to get off the couch.”
In other words, while you do have to be savvy about security measures, taking the first step can go a long way in building habits that can keep your information safe.
Why Do Consumers Think Only Rich People Get Their Identity Stolen?
The thought is that rich people have money and identity thieves are after money. So, they steal information – credit card numbers, social security numbers and names and addresses.
However, it’s not just the rich who are victimized because, Bruemmer said, everyone has information worth buying and selling.
“As soon as you are born and in diapers in the hospital, you get in your information packet an application for a social security number. So, within weeks, you’ll have your first bit of really important information,” he said.
And, in that sense, you’re fair game for criminals who buy and sell personal information.
“It doesn’t matter how old you are, how much money you have or what ethnicity, if you have a social security number, address and any other information, that info can be used to make transactions,” Bruemmer said.
What Happens to Your Information When It’s Stolen?
According to Bruemmer, this past year 15.6 million people reported that they had their identity stolen.
“It’s the number one consumer complaint to the FTC for the last 14 years,” he said. “At Experian last year, we serviced about 24,000 individuals that had issues of identity theft.”
Where does that information go? Plenty of places, but one of the areas where information is bought and sold, Bruemmer said, is the Dark Web, a black market for all kinds of illegal stuff, including personal information.
“What we often see is these sites selling bits of stolen information on the Dark Web and they create a synthetic identity that uses information from multiple people,” Bruemmer said.
Synthetic Identity Fraud: A Growing Problem
According to a 2015 article from ABC News, synthetic identity theft “accounts for 85 percent of all identity fraud in the United States” and costs consumers around $2 billion every year.
That same news story goes on to say that a common form of synthetic identity creation is what’s known as a nine-digit CPN, or “credit profile number’, which is marketed as a sort of fresh start for consumers.
Basically, the article’s sources said, scammers tell you a CPN is like a new social security number, and with it you can apply for credit without having your name associated with your previous credit history.
However, ABC pointed out, some scammers will use the social security numbers of children for their CPN’s. Customers purchase the CPN without even knowing they’ve stole someone’s identity.
In a 2017 press release, the United States Attorney’s Office Northern District of Georgia said that synthetic identities are “one of the fastest growing forms of identity theft in the United States.”
How to Protect Yourself from Identity Theft
The statistics are clear: Consumers seem to be less willing to protect their identity as identity-related crimes continue to be a problem.
Experian’s press release about their survey includes an excellent quote from Brummer about our confusing concern and lack of action.
“Consumers seem to be tuning out rather than tuning in,” Brummer was quoted as saying. “Nothing replaces an individual’s active role in identity protection, but there are products … that help consumers increase their awareness and provide tools enabling quick response to potential fraud.”
We wanted to get Experian’s advice about practical things consumers could do to protect their identity, so we asked Bruemmer for a few tips.
1. Keep an Eye on Your Bank and Credit Accounts
With everything being automated and run through apps these days, it’s easy to go on financial auto-pilot and not be vigilant about checking your accounts on a daily or weekly basis.
However, Bruemmer said, identity protection is all about vigilance.
“It starts with simple stuff,” Bruemmer said. “You should always monitor your transactions. Many banks and credit card companies give apps that show transactions in real time.”
He went on to point out that many banking/credit card apps have alert features that let you get a notification when a transaction over a certain amount is made on your credit or checking accounts.
For example, Chase gives you 22 options for alerts. There are five listed in the “Protection and Security” category for checking accounts:
- Outgoing wire transfers
- Incoming wire transfers
- ATM withdrawals
- External transfer
- Debit card transaction
Their credit card alerts also have the Protection and Security category of alerts:
- Individual transactions
- International charges
- Online, phone or mail charge
- Gas station charge
Setting the alert is simple: You choose the dollar amount that will trigger the alert and how you want to get the alert: email, push notification, Android notification or text.
So, you can tell Chase to send you a text alert if there are any outgoing wire transfers over $25. You can change the dollar amount to as low or high as you want.
2. Check Your Credit Report at Least Three Times a Year
The next tip Bruemmer gave us is also very practical: check your credit report on a regular basis.
“You can pull your free credit report one time a year from each of the three bureaus on annualcreditreport.com,” Bruemmer said. “We recommend you pull one at the end of the first third of the year, the second report in the second third and the final report in the final third of the year.”
Checking your report three times a year is a good start. If you want to do it more often – say, weekly – Credit Karma is a great option because you get free, year-round access to your TransUnion and Equifax credit reports. Also, the scores and your credit history are updated weekly.
The only drawback is that you don’t get access to your Experian credit score, which is why it’s nice to get a free Experian report from annualcreditreport.com.
While nearly all of the information about new accounts is the same across all three credit bureaus, there could be some variation. If you’d feel more comfortable seeing your Experian report on a weekly or daily basis, you’ll have to sign up for a paid credit-access/credit-monitoring service from Experian.
3. Use Long, Unique Passwords
What’s the easiest way to remember all your passwords? Having the same passwords for all your accounts.
“Most people get into trouble when they use their same password for their bank account and use it for their online shopping accounts,” Bruemmer said.
While having repeat passwords may not guarantee that your accounts will be hacked and your identity stolen, it certainly makes it easier for crooks.
When you’re generating your unique password, make sure that it’s a little more formidable than just 1234, Bruemmer said.
“Make sure you’re using long alphanumeric multiple character passwords,” he said.
Bruemmer said that passwords should contain between 12 and 15 digits, numbers or symbols.
In our article, Password Security Best Practices, we give a few additional tips, too:
- Don’t use a real word as a password
- Start your password with “www.” and end it with “.com”
- Use a password generator (Google offers one in Chrome)
- Use a password management tool
Our favorite tip here is sandwiching your password between “www.” and “.com”. According to experts with whom we spoke, adding those two combinations to the beginning and end of your password can make life difficult hackers.
Going with the example we used in our password article, adding the URL phrases in front and at the end of “ilovebatman” can turn a one-day hacking job into a two-lifetime hacking job.
Identity Theft Facts 2017: Our Final Thoughts
Identity theft affects more than 15 million Americans every year. As time goes on, theft techniques get more complex and pervasive.
Despite the growing threat and even a strong concern about protecting personal information, consumers are still apathetic toward actionable solutions to protect themselves.
While more than 80% of us think identity theft is a real threat, 64% say that they don’t take the time to actively protect their personal information. A lot of this has to do with the fact that consumers see identity protection as a time-consuming effort, time that they don’t have.
Nearly three out of every four consumers believe that identity thieves are after the rich. As we found out, that isn’t true. Just a single piece of personal information can be meshed together with other single pieces of info to create a synthetic identity.
The best way to keep an eye on your financial life and identity is to:
- Be vigilant with your financial accounts
- Sign up for banking and credit card alerts
- Check your credit report every week
- Make sure you have a long password designed to thwart hackers
We’re not saying that using all these techniques will prevent all hacks, but we do believe the simple practices can greatly reduce the risk of someone stealing your personal information.
Additional resources on this topic:
- How to Develop Your Digital Literacy Skills
- Gift Card Scam Robs Money from the Buyer and Receiver: Don’t be a Victim
- How to Get Your Money Back If You Were Scammed Online