First, watch this video by Becky Worley of Yahoo's Upgrade Your Life to see just how easy a talented hack can ascertain your information ... then beware of ever joining a "public free Wi-Fi" spot!
Her write up can be found here.
More recently, my former marketing professor, Ken Homa, from Georgetown University wrote a couple of interesting posts about his experience and close calls with identity thefts.
His personal account is enough to make anyone nervous, and he then provided some great tips, which I have included below.
- Take this privacy stuff and ID theft seriously. If it happened to me, it can happen to you. My view: not a matter of “if”, it’s a matter of when. This is an instance when an ounce of prevention really is worth a pound of cure.
- Tighten-up user IDs and passwords. If you use common User IDs (e.g. your name), it’s like shooting fish in a barrel for hackers. Similarly, simple passwords are easy to crack. Use letters & numbers, caps & lower case, special characters. Be as random as possible – e.g. don’t just cap the first letter. Strong passwords aren’t unbreakable to pros, but can hinder the amateurs. If you’re not yet a believer, see Gotcha: How long does it take to hack a 16-character password?
- Hold the phone. Mobile is the weakest link in the security system … by its general nature … and because people are lax re: cell security. My take: Any and all mobile transactions open you up to trouble. Do your banking via your smart phone and you’re asking for trouble.
- Subscribe to an ID theft tracking service. They’re a relatively cheap insurance policy. They don’t catch everything, but I’ve been impressed with what they detect and how quickly they report what they find – essentially real-time. And, while they don’t fix the problem, they can usually point you in the right direction.
- If hacked, immediately place a fraud alert with the credit bureaus (Equifax, TransUnion, Experian). Easy to do online – just go to any of their sites – if you notify one, they notify the others. Fraud alert lasts for 90 days. During that time, there are extra levels of scrutiny – including a phone call to you – if somebody tries to dink with your accounts or apply for credit in your name. Extra bonus: when you place a fraud alert, you get a free copy of your credit report. Note: you can place a 90-day fraud alert proactively … even if you haven’t been subject to suspicious activity.
- File a police report. Just call a local station and ask how to do it. In my case, an officer was promptly dispatched to my house. He was courteous, and efficient. The entire process took only a few minutes. Armed with a police report number, you have the option to extend the fraud alert for years, not just months.
- Read your account statements. Don’t just glance at them and throw them on a stack. Scan for unusual transactions, and check your credit max and current balance – if either move unexpectedly, figure out why. Note: Sometimes crooks will hack in and simply shift your credit line to a different (new) card within the account.
- Heads-up when you complete a big, extraordinary transaction. I don’t know how or when the bad guys got my info, but I have some suspicions.