The good news is that ID theft is on the decline. The bad news is that ID theft still affected 8.1 million Americans last year, according to Javeline Strategy and Research, down 3.6 percent from 8.4 million in the previous year's study. The average amount of ID theft last year was about $5,500 for a total of $45 billion.
Five steps are recommended for preventing ID theft when online:
1. Do not fall for a phishing e-mail. Using e-mail or phone calls to pose as a trustworthy organization in order to coerce sensitive information from victims is on the rise. According to a survey for Gartner, Inc., 3.6 million U.S. adults lost money in phishing attacks in the 12 months ending in August 2007, as compared with the 2.3 million who did so the year before. The amount of money lost totaled $3.2 billion. Phishing e-mails can look legitimate with graphics and official logos of banks, government agencies, or credit card companies. The e-mails usually include hyperlinks that direct the victim to a Web site designed to install viruses and malware or solicit bank account or Social Security numbers. In order to prevent ID theft through phishing e-mails, computer users should completely delete unsolicited e-mails from banks, credit unions, investment firms and government agencies with which they do not already have an established relationship. If the recipient does have an existing relationship with the supposed originator of the e-mail, call the organization to confirm whether or not the e-mail is legitimate before taking any further action.
2. Create strong passwords and protect them. Developing a habit of regularly changing passwords makes it much more difficult for ID thieves to steal personal information. Some passwords, however, are stronger than others. Attributes of a secure password include a combination of numbers, capitalized letters and even symbols. Consumers should never use sensitive information for a password such as their Social Security number, mother's maiden name or birthday.
3. Be safe and secure when on the go. Computer users on the go should be wary of entering passwords or sensitive information into a computer that is not theirs, such as at an Internet cafe, library, computer lab or airport kiosk. Wi-Fi networks, either on the road or in the consumer's own house, present, even more opportunities for ID thieves. The easiest way to protect a Wi-Fi network at home is to not broadcast the Service Set Identifier. More information on this is available at www.us.bbb.org. A safe rule of thumb is to avoid exchanging sensitive information through the Internet when using a public Wi-Fi connection and to. simply wait until a trusted network can be used.
4. Guard personal computers with anti-virus, anti-spyware, and firewall protection. Opinions vary, but the amount of time it takes for an unprotected personal computer to become infected with a virus or malware can range from four to 34 minutes. That is why a computer must have good anti-virus software, as well as anti-spyware and firewall protection. Also, many operating systems already provide firewall protection so users should always make sure this protection is enabled. After acquiring security software, users must keep the programs updated. Operating systems also require patches and other additional updates that computer users need to install in order to maintain security.
5. Only transfer information over a secure server. When it comes to giving out personal information online, consumers should only do so on a secure server. On a secure server, the information is encrypted as it is being transmitted; that way, others cannot read it if they should intercept it. Consumers should make certain they are on a secure server by checking the URL of the page when asked to give any personal information. An unsecured URL will look like this: http://www.###.com. A secure service will have an "s" either in front of or following the "http" and it will look like this: https://www.###.com or shttp://www.###.com.