How to Protect Yourself from Online Fraud and Identity Theft

Identity Theft and Online Fraud

Nearly 12 million Americans were victims of online fraud and identity theft in 2011, according to a report by Javelin Strategy & Research, up 13% from the year before. While no one can totally prevent it, there are many things you can do to protect yourself from online fraud and identity theft.

What is Identity Theft and Identity Fraud?

According to the US Department of Justice, “Identity theft and identity fraud are terms used to refer to all types of crime in which someone wrongfully obtains and uses another person’s personal data in some way that involves fraud or deception, typically for economic gain.”

How Does Identity Fraud Happen?

Identity fraud was the number one consumer complaint received by the Federal Trade Commission in 2011. And of all the fraud complaints received by the FTC, 56% were forms of online fraud (43% via email and 13% via websites).

If you’ve ever received an email from a friend claiming to be stranded overseas and in need of money to get home, an offer from a widow who is looking for a kind, trusting person like yourself to give her your bank account information so she can deposit millions of dollars into your account for safe keeping, or if you’ve received seemingly official emails from banks,, or other financial sites asking you to provide them with your account or other personal info, you’ve probably been targeted for online fraud.

Here are a few of the most common examples of identity fraud:


Those suspicious emails you get that tell you you’ve won a contest, or that the company needs to verify personal information, or that a widow wants to send you a million dollars, are all examples of phishing – an attempt to get you to share your personal information like usernames, passwords, and bank or credit card account numbers. Many of these phishing emails also contain links that, if clicked, can put a virus on your computer to hunt for your sensitive data and send it without your knowledge.


Skimming is the theft of your credit or debit card information at the time you make a legitimate transaction. Skim artists get temporary jobs at restaurants, gas stations and hotels for the purpose of scanning the credit and debit cards of unsuspecting customers using pocket-size skimmers.  Thieves also put skimmers over the top of card readers on ATM machines and gas pumps to capture card info, and some add tiny cameras to watch customers type in their pin numbers. Then they print new debit or credit cards with your number and information on them or simply enter your information online to make purchases.

Unsecure Internet Connections

If you have an unsecure wireless internet connection at home, hackers in your neighborhood could use your internet connection to access personal data stored on our computer or network. Also, if use unsecure Wi-Fi hotspots at restaurants, hotels, etc. to access your bank accounts or make online purchases, hackers can monitor your transactions and capture your personal data.

Data Breaches

A data breach is the theft or unintentional release of private data (like individual social security numbers, driver’s license numbers, medical records, or financial records and account information) by people unauthorized to access or release the data. Data breaches often occur by someone hacking into a corporate network to steal sensitive data. But they can also occur by authorized or unauthorized employees who view or steal the information. As of October 9, 2012, the Identity Theft Resource Center has reported that over 9,000,000 accounts have been compromised in 324 data breaches affecting universities, web sites, financial institutions, health systems, and more.


Smartphone users are 33% more likely to be victims of identity fraud according to Javelin Strategy & Research due to “careless consumer usage.” How? We forget that when we make a call over a cell phone, or send a text or email, someone else may be listening or may be able to access that info. Also, malicious smartphone apps can steal sensitive information that is stored on your smartphone and send it to identity thieves without your knowledge.

What Can You Do to Prevent Identity Fraud?

While no one can prevent all identity theft and fraud, but there is a lot you can do to protect your identity and private information.

  1. Check your financial accounts regularly. The sooner you notice something out of the ordinary and report it, the better.
  2. Install a firewall and anti-virus software to protect your computer and personal information, and update them frequently.
  3. Update your operating system and web browser software regularly.
  4. Secure you wireless home (Wi-Fi) network by enabling encryption.
  5. Be wary of emails that urgently implore you to click on a link to update your account information, use a generic greeting like “Dear Member,” have misspellings or use poor grammar.
  6. Do not click on any links or attachments. You can often spot a fake email by hovering over the links and checking whether the URL actually leads to the website of the business or, in a scam email, to a third party site.
  7. Delete suspicious email from your computer completely and be sure to empty your “trash can” or “recycling bin,” as well.
  8. If you did click on a link, run your anti-virus software’s full system scan feature.
  9. If you’re not sure if an email is legitimate or not, contact the company directly to verify, or visit their web page by typing in their web address (instead of clicking the link provided in the email).
  10. Protect your passwords by keeping them in a safe place. Your passwords should have at least eight characters and should contain numbers, symbols and letters. Create different passwords for each online account that you have, and use an online password manager like Roboform to remember them all.
  11. Use cash more instead of debit or credit cards.
  12. Never give personal or financial information to unsolicited callers.
  13. Use a good debit card as a credit card so you don’t have to enter the pin number.
  14. Never access your financial accounts or purchase anything when using an unsecure public Wi-Fi connection.
  15. Protect your smart phone by adding a password lock, enrolling in a data wiping program that can be accessed from a computer if you lose your phone, and downloading apps only from trusted app stores.
  16. Enroll in an identity guard service like LifeLock for as low as $10.00 per month, to monitor access to your personal and financial information.

What Should You Do if You are a Victim of Identity Fraud?

Don’t think you’re at risk for identity theft or fraud? Think again. My wife and I have been victims several times over the last three years:

  • My wife’s purse was stolen at a restaurant in Miami Beach, Florida the day before we were to embark on a cruise. She lost her driver’s license, debit card, iPod, and all of our cash for the cruise. Gratefully, our passports were not in her purse!
  • My corporate credit card number was stolen during the middle of an 8-day business trip. The credit card company said it was likely due to a skimmer at a hotel.
  • Our home was broken into while we were on vacation two summers ago and our computers were stolen. Our tax returns, financial accounts information, and other private data were stored on those computers.
  • My wife’s debit card number was stolen two months ago. Again, it was likely due to a skimmer.

Here are three things you should do right away if you think you are a victim of identity theft or fraud:

  1. If your purse or wallet are stolen, or home has been broken into, contact the police. If you need to file an insurance claim, they will need your police report number.
  2. If your financial accounts have been compromised, immediately contact your bank or debit/credit card issuer to report the misuse and request a new card.
  3. Report the incident to the Federal Trade Commission (FTC) through their ID Theft Clearinghouse at This will allow the FTC to identify patterns associated with the unauthorized transactions.
  4. If your data has been accessed through a data breach, consider subscribing to a credit-monitoring service, which is often is offered for free for a year by the company that had been breached.

What steps have you taken to protect yourself from identity theft and fraud? Leave a comment below!

FTC Disclosure of Material Connection: In order for us to maintain this website, some of the links in the post above may be affiliate links. Regardless, we only recommend products or services we use personally and/or believe will add value to readers. Read more here.

Add a comment
  1. I noticed you mentioned Roboform. My husband’s company has an app called Keeper Password & Data Vault that enables you to create high-security passwords and access your records anywhere, anytime. It has over a million downloads and is available for iPhone, iPod, Android, Blackberry, Windows Phone, iPad, Android Tablet, and Amazon Kindle Fire.

  2. Wow! I have been lucky. I can’t believe you and your wife have run into so many occurences. I have to say sometimes by being old school with cash is the way to go. Also, trying to put as making hurdles in a spammer/phisher/other’s way with secure wi-fi etc. Thanks!
    I’m sorry that you had a bad experience in Miami. I’m based in Florida. However, I’m glad you got to experience a cruise out of Miami. They are fabulous.

    • Brian, thanks for your comment. We try to get to Florida once each winter. We especially love Miami Beach, but I really want to get back to the Keys…I went there as a kid when my aunt and uncle lived on Marathon Key and would love to take my wife to Key West. We celebrated our 20th anniversary earlier this year and I’m hoping to take her on a cruise sometime this winter. I’m keeping my eyes open for a great last minute deal. And we’re going with our kids and my wife’s entire family again in 2014.

  3. Thanks for the post. Very thorough. One of the challenges it highlights however is how complex this whole issue really is.

    We’re impatient Americans (for good or ill). What one thing would you suggest for people to execute?

    I know there isn’t a silver bullet. It’s naive and foolish to think there is. But what’s the closest thing? What’s the one thing everyone should do today?

  4. JP, thanks for your comment! Here are the top two things I’d recommend: 1. Watch where you surf online, what you click, and where you give your credit card info, and 2. Keep a close eye on your accounts so that you can respond quickly if you find fraudulent transactions.

  5. Great article. If it hasnt already been mentioned freezing your credit is also a very good way to protect yourself.

  6. James Corbin

    Under “Smartphones”, you said, “”We forget that when we make a call over a cell phone, or send a text or email, someone else may be listening or may be able to access that info.” Of course, this applies to any cellphone, smart or not. I also suspect that this method of identity theft is very, very small. I suspect most of it on smartphones comes from malicious smartphone apps, but again we don’t have any numbers.

    Under “What Can You Do to Prevent Identity Fraud?”, you list a number of ways to help prevent ID fraud. One is to “Use a good debit card as a credit card so you don’t have to enter the pin number.” A criminal who gets your debit card number can do the same thing. My thought is to not use a debit card at all. Your protections are much less than a credit card since your bank account can be wiped out much easier. I traded in my debt card for a regular ATM card and charge items on a credit card or pay cash. I then go online and transfer money from my checking account immediately to the credit card. Also, you mention to “Enroll in an identity guard service like LifeLock for as low as $10.00 per month, to monitor access to your personal and financial information.” I’m surprised that you would recommend LifeLock considering all the trouble they got into by false advertising. Remember their CEO that was showing his Social Security Number to the world? Well, it turns out that he was a victim of identify theft at least TWICE because of that. The company also made claims of what they could do which were false. I would recommend any company OTHER than LifeLock. I have been using ID TheftSmart for free since my credit union had a data breech. They have been very low key and monitor my credit for unusual activity, etc. They send me an email once a month telling me that during the previous month nothing unusual was detected, etc.

    • James, thanks for sharing your comments and tips! I mentioned LifeLock because I think it is the best-known identity guard company, but perhaps I should have mentioned some of the others by name as well.

      Yes, LifeLock had some troubles and faced some fines a couple of years ago, but I think it is rebounding positively in the face of the increased public scrutiny. Also, LifeLock just went public last month on the NYSE (its ticker symbol is LOCK), which opens itself up to more scrutiny.

      Thanks for sharing your experience with ID TheftSmart. I will check it out. :)

  7. Most identity thieves will want to apply for new credit at a new address. That way the credit card with a validation sticker does not arrive in the mailbox of the unsuspecting victim, it appears in the mailbox of the thief.

    People should get copies of their credit reports and look for any recent changes of address that are incorrect.

    • Kevin, thanks for your comments! Great point about checking credit reports for any incorrect address changes. Years ago, some of my dad’s credit info started appearing on my credit report. We share the same first name but not the same middle name. My oldest son shares my first and middle name (he is a “junior”) so I’ll be interested to see if any of that happens between me and him too.

  8. These scammers usually provide offers that are tempting enough for us to provide the info they need. They are actually becoming more creative and detailed especially on the letters they send on emails. I usually avoid anything that requires information out of the ordinary. Thank you for the tips, I will keep them in mind.

  9. always getting fraud emails related to lottery.

Add a comment


Name: Your best email address: 5 subscribers No spamming ever. Unsubscribe at any time. Email Marketingby GetResponse