Prevnting Identity Theft

Identity theft is the fraudulent acquisition of another person's personally identifiable information, usually for financial gain such as applying for credit cards and loans, or to provide false information to police or healthcare providers.

In 2012 approximately 16.6 million individuals, or 7 percent of all U.S. residents age 16 or older, experienced at least one incident of identity theft, according to the U.S. Justice Department's Bureau of Justice Statistics.

Financial losses due to personal identity theft in 2012 totaled $24.7 billion – $10 billion more than the losses attributed to all other property crimes measured in the Bureau's National Crime Victimization Survey.

Fortunately, the Bureau of Justice Statistics findings contain positive information even for those who have fallen victim to identity theft. It is possible to successfully resolve the financial and credit problems that result from this crime. The majority of victims were even able to resolve these issues in less than one day, once they became aware of the crime and took concrete action.

By knowing how to prevent identity theft – and knowing what to do if it happens to you – you can save yourself financial difficulty and emotional distress.

How does identity theft happen?

You can be exposed to identity theft when your personal information – such as a credit card number, Social Security number, or password – falls into the wrong hands.

This can happen through a variety of methods including:

Physical Theft: Physical theft of a credit card, insurance card, driver's license, or other document with sensitive personal information.

Phishing: Phishing and social engineering scams seek to fool you into giving away your sensitive information, or fool you into clicking a link that will download spyware onto your computer. Never act on any email, text message, pop-up window, or other electronic communication that asks you to provide your personal information, click on a link, or open an attachment. Scams like these often mimic the legitimate emails that might be sent by a bank, utility company, or a government agency.

Malware: Spyware and other forms of "malicious software" silently invade victims' computers in order to gather personal data such as passwords, bank account information, or credit card numbers. Malware may spread across computer networks, through emails, or via phishing scams that fool their victims into clicking on innocent-seeming links or attachments. You can protect your computer by installing virus protection software, and keeping it up to date. Many virus protection programs offer automatic updates. You should also use a firewall to block unwanted data from entering your computer. It is also a good idea to use a variety of smart passwords that a hacker cannot easily guess. Finally, if you use a wireless router or file-sharing system, be aware that they may leave your computer vulnerable to hackers. Refer to your user's manual or ask your Internet service provider for information on how to secure these systems.

Unsecured Websites: If you must provide personal information over the Internet, such as when making a purchase online, first make sure the website is legitimate and make sure it is secure. A secure website uses encryption to protect the information you will transmit online. The two elements that indicate a website uses encryption are the image of a closed padlock, and a URL that begins with "https" rather than "http." Beware that hackers may be able to create malicious websites with fake padlock icons. The best way to make sure a website is trustworthy, is to call the company directly and ask questions.

Fraudulent Websites: Fraudulent or "spoof" websites are designed to look like legitimate websites for shopping, obtaining information from a utility company, or some other purpose, in order to trick you into entering your credit card number or other sensitive information. The best way to know whether a website is legitimate is to call the company or government entity with which you intend to do business, and ask about the website in question. One sign that a website may be a "spoof" is an inaccurate web address, such as a slight misspelling of the actual company's business name. If a link to the website appears in an email, hover your mouse over the link to make the web address appear. "Spoof" websites also may include poor spelling and grammar, and poor-quality graphics with low resolution.

Improperly Discarded Devices: When disposing of an old computer, whether you recycle it, donate it, or give it to a friend, you must take extra steps to permanently wipe all information form the hard drive. Your computer may include insurance and banking information, tax records, health records, account numbers, and passwords. Simply deleting this data or moving it to the "trash" will not make it permanently disappear. Use a "wipe" utility program to overwrite the computer's memory. Smart phones, tablets, and other devices also may contain sensitive data; be sure to follow the manufacturers' instructions on how to permanently wipe their memories. Some manufacturers may provide information about how to properly dispose of hard drives, or provide free services to dispose of them for you. (The New Jersey Department of Environmental Protection's New Jersey E-Cycle site offers information on the State's free, environmentally sound recycling program for computers and other devices).

Data Breaches: This refers to the theft or accidental release of personal information – for example, when hackers invade a company's computer system to steal credit card information from its customers. Businesses are required to promptly inform affected customers and law enforcement if a data breach takes place.

If You Become the Victim of Identity Theft

The good news is that you can regain control of your identity, credit, and finances, even if you have become the victim of identity theft.

The Division of Consumer Affairs recommend​s the following actions if you know or suspect that you have been exposed to identity theft: