How To Protect Yourself From Identity Theft in 2022

Share this:

In this article:

    Identity theft and fraud protection for your finances, personal info, and devices.

    Get Identity Guard

    Share this:

    Identity Thieves Are Everywhere

    From organized gangs running sophisticated phishing schemes to hackers leaking personal information on the Dark Web. But not all identity thieves are shadowy figures hidden away in far-away countries.

    An identity thief could be your neighbor, a family member, or even your mail carrier.

    This past December, a group of ten people — including USPS mail carriers — were indicted in an identity theft conspiracy [*]. Over a two year timeframe, the group stole more than 1,000 identities and credit cards, costing their victims $750,000 in total.

    That’s just one example among the 1.5 million identity theft reports that the Federal Trade Commission (FTC) received in 2021 alone [*].

    With so many scammers and hackers out there, how do you protect yourself from identity theft in 2022? The good news is that while identity thieves are becoming more sophisticated, there are simple steps you can take to secure your identity.

    17 Ways To Protect Yourself From Identity Theft

    1. Keep your Social Security number (SSN) safe

    Identity theft occurs when bad actors illicitly use your personally identifiable information (PII) for personal or financial gain. But there’s one piece of PII that identity thieves want most: Your Social Security number (SSN).

    Scammers use stolen SSNs to open fraudulent credit card accounts or take out loans in your name. They could also collect government support (like unemployment benefits) or commit workplace fraud.

    Identity thieves are constantly searching for new ways to steal your SSN. You should be especially careful of the following methods by which scammers can gain access to your SSN and ultimately steal your identity:

    • Taking your SSN card from your wallet or purse.
    • Looking through your mail or trash for bank statements, credit card statements, tax information, etc.
    • Sending phishing emails pretending to be from the IRS that ask you to “verify” your SSN.
    • Posting fake job ads and requesting your SSN as part of the hiring process.
    • Buying your SSN information from an inside source at a bank or lender, or off the Dark Web.
    • Pretending to be a family member (via phone or email) and asking for your information.
    • Tricking you into downloading malware that steals your sensitive information.

    Unfortunately, it’s not enough to protect your Social Security card from scammers. SSNs are frequently targets of major data breaches — with 65% of all data incidents in 2021 involving SSNs [*].

    How to protect your SSN from identity thieves:

    • Keep your Social Security card at home in a secure location.
    • Shred any physical documents that include your SSN (even those that just contain the last few digits).
    • Collect your mail as soon as you can — especially if you receive account statements.
    • Be cautious if anyone requests your SSN. Leave it blank on applications, and ask for verification as to why they need it and how it will be stored.

    2. Secure your mail, and opt for online statements whenever possible

    While a majority of identity theft incidents happen online, scammers can still find personal information in your mail. Recent reports show that mail theft was up by 600% in the past three years — especially as more people shop online [*].

    What can an identity thief get from your mail?

    Bank records, credit card statements, and other financial documents are the most commonly stolen pieces of mail. But fraudsters may also look for medical or business-related documents, too. They are on the lookout for anything that contains personal information like your SSN, birth date, and PINs.

    Watch this video from ABC News on an identity theft ring involving USPS mail carriers →

    In some cases, criminals can even reroute your mail to a different location using a change-of-address scam. This way, they can receive replacement credit cards, driver’s licenses, and more.

    How to protect your mail from identity thieves:

    • Collect your mail as soon as it arrives. If you can, install a lockable mailbox. And if you’re on vacation, place a hold on your mail with the post office until you’re back home.
    • Opt for online account statements — especially from your bank and other financial institutions. Pick up new checks or credit cards at the bank rather than having them sent through the mail.
    • Notify the USPS of address changes immediately. Be suspicious of change-of-address notifications you didn’t request.
    • Request signature confirmation for important mail, and install a doorbell camera.
    • Look for the warning signs of missing mail. If you haven’t received something you expected, report it immediately.

    3. Safeguard your Medicare number

    Identity thieves aren’t just after your financial information.

    Medical identity theft is a growing threat. It occurs when scammers use your stolen personal health information (PHI) to use up your health benefits, submit fraudulent claims to Medicare, or even get access to prescription drugs.  

    The USC Center for Elder Justice estimates that Medicare loses approximately $60 billion each year to fraud, errors, and abuse [*].

    Your Medicare number is a prime target for hackers who can sell it on the Dark Web for upwards of $1,000 [*]. That’s 500X more valuable than a stolen SSN.

    How to protect yourself from medical identity theft:

    • Safeguard your Medicare number and health insurance documents the same way you would your SSN.
    • Review your medical bills and Explanation of Benefits (EOB) regularly for false claims or errors.
    • Verify that you are enrolled in the right Medicare plans, and don’t switch from your current plan without proper support.
    • Report unsolicited calls that threaten to deactivate your Medicare card.

    4. Be vigilant about your tax returns  

    Tax season is scam season. Identity thieves use your tax information to file fraudulent tax returns and pocket the refunds. In 2020, the IRS flagged 5.2 million tax refunds for fraud, a 50% increase from 2019 [*]. Of those, about 1.9 million required identity screenings.

    Thieves steal personal tax information in a few different ways. The most common is stealing your personal data — like your SSN or W-2 — and filing a fake tax return on your behalf. They might also pose as tax preparers and steal your information instead of helping you.

    One recent tax scam to be aware of is the “IRS debt collector” fraud. In this scheme, criminals pose as IRS agents and trick preparers into providing refund amounts and bank account numbers.

    Then, after you’ve received a refund, they contact you posing as an “IRS debt collector” and demand you return the money due to an error. If you don’t, they’ll threaten criminal charges.

    How to protect your tax information from identity thieves:

    • Store tax documents securely. If you don’t receive your tax forms in January, contact your accountant to make sure the documents weren’t stolen.
    • Never give sensitive information over email, text, or social media. The IRS never contacts taxpayers in these ways.
    • Confirm any requests by calling the IRS toll free number: 800-829-1040.
    • Work with a trusted tax preparer. Ask for a Preparer Tax ID number and verify your preparer’s CPA status before providing your information. Make sure your preparer signs your tax return when you’re finished.

    5. Closely monitor your credit cards and bank account statements

    Credit card fraud was the second most reported type of identity theft in 2021, according to the FTC [*].

    This type of financial fraud happens when a criminal steals your credit card numbers to make purchases or obtain cash advances. It’s one of the fastest-growing types of identity theft and the most challenging to prevent.

    Identity Theft Types - FTC 2021
    Source: FTC

    If scammers gain access to any of your financial information, they can empty your bank account, rack up debt in your name, and ruin your credit score.

    How to protect your credit cards and financial accounts from identity thieves:

    • Regularly monitor your credit and bank account statements for signs of fraudulent transactions. Identity thieves often start small to “verify” that your card works (a scam called “carding”).
    • Be careful when shopping online. Verify the site you’re shopping on is secured with an SSL certificate. Don’t let websites “remember” your credit card or payment details.
    • Keep your cards safe in your wallet, and report stolen or lost cards immediately. Try not to keep too many credit cards other than ones you need and use regularly.
    • Go to AnnualCreditReport.com and request a free copy of your credit report from the major credit bureaus. Look for new cards or credit accounts you didn’t open, hard inquiries you didn’t request, and any other suspicious additions to your credit file.

    Pro tip: Credit monitoring services like Aura can automatically monitor your credit report, bank accounts, and SSN for you. You’ll be alerted about any suspicious activity including whether someone is using your identity to open new accounts or take on new credit.

    6. Use strong passwords and two-factor authentication (2FA)

    Passwords are your first and sometimes only defense against online identity theft. For example, if someone hacks your email account, they can request password resets for your bank or social media accounts.

    Shockingly, 66% of Americans use the same password for multiple accounts [*].

    Secure passwords are unique to each site. They’re also at least eight characters long and include a combination of uppercase and lowercase letters, symbols, and numbers.

    Unfortunately, even secure and unique passwords can get hacked or leaked in a data breach.

    For added protection, enable two-factor or multi-factor authentication (2FA or MFA). This is an added security measure that requires a special code or other authentication method in addition to your password. For example, a code is sent to your phone or you are asked to confirm fingerprint identification.

    How to protect your online accounts from identity thieves:

    1. Get a password manager. This is a smart piece of software that saves and manages all your passwords online. You only have to remember one password to access your online accounts on any device. Many password managers offer 2FA authentication by default, too.
    2. Use an authenticator app instead of SMS. Mobile apps like Google Authenticator or Authy generate a 6–8 digit code every 30 seconds. You can use the code to sign in to an account. Some apps may require a fingerprint, face recognition, or PIN for extra security.
    Identity Guard Dark Web scanner
    Hackers might already have access to your passwords on the Dark Web. Check to see if your accounts are at risk using Identity Guard’s Dark Web scanner.

    7. Don’t overshare on social media

    Social media identity theft is becoming more prevalent. Up to 30% of active social media users claim to have experienced identity theft [*].

    But there’s more at risk than a hacker taking over your social media accounts. The more you share on Facebook, Instagram, Snapchat, and other sites, the more information identity thieves can use to target you.

    Many people share personal information, location data, or even sensitive photos in social media posts without even realizing it.

    How to protect yourself from identity thieves on social media:

    • Switch your account settings to “private” so that only friends and family can see your updates. When your posts are “public,” anyone can view them.
    • Don’t fill out every section of your profile. Only include relevant information.
    • Try not to share location data or photos that show you’re away from your home in real-time. Criminals can use this to track your location or commit crimes while you’re not at home.
    • Make sure you haven’t posted anything that reveals your PII — such as your driver’s license or SSN.
    • Use secure and unique passwords for each account, and enable 2FA.
    • Regularly check your open sessions, and force any unfamiliar device to log out of your social media accounts.

    Read more: How To Protect Your Personal Information on Social Media

    8. Protect your devices from hackers, and avoid public Wi-Fi

    Wi-Fi networks are notoriously easy to hack — especially “open” ones in public places like restaurants and airports. Scammers can use a man-in-the-middle (MitM) attack to intercept any sensitive data that you send (i.e., your banking login and password).

    In one example, criminals stole $100,000 worth of Bitcoin from someone logged into a restaurant’s public Wi-Fi network [*].

    How to protect your devices and Wi-Fi from identity thieves:

    • Use a virtual private network (VPN) whenever you’re using Wi-Fi in public. A VPN encrypts your data so that even if hackers can spy on you, they won’t be able to see what you’re actually doing.
    • Install antivirus software to protect your devices against malware and warn you if you’re entering a potential phishing site.
    • Keep your devices and software updated. Hackers use vulnerabilities in outdated software to take over your device.
    • Never install apps outside of official app stores.

    9. Invest in identity theft monitoring and insurance

    Your identity today is more than a name and Social Security number.

    There are more ways than ever for identity thieves to steal your personal information. By some estimates, the average American owns 10 connected devices [*] and uses 100+ online accounts [*].

    Each of these — not to mention your SSN, bank account, driver’s license, and other PII — could be used for ID theft.

    It’s no wonder that 2021 was the worst year ever for identity theft — with nearly 1.5 million reported cases in the U.S. [*]

    FTC sentinel report on fraud
    Source: FTC 2021 Consumer Sentinel Report

    It’s unrealistic to think that you can monitor each account and every piece of PII for signs of identity theft.

    And you don’t have to.

    Identity theft protection services like Identity Guard provide you with an easy way to get continued peace of mind. Identity Guard has protected over 47 million customers and helped resolve 140,000 cases of identity fraud.

    With Identity Guard, you get:

    • Identity monitoring powered by IBM Watson® Artificial Intelligence.
    • $1,000,000 insurance policy covering eligible losses due to identity theft.
    • Data breach notifications.
    • Dark Web monitoring.
    • High-risk transaction monitoring.
    • Credit and debit card monitoring.
    • Risk management reports.
    • Social media insight reports.
    • Safe browsing tools.

    10. Be careful whenever you receive unsolicited emails, texts, or phone calls

    “Phishing” attacks are among the most common ways that scammers try to steal your identity.

    In these scams, criminals reach out via emails, texts, or phone calls — claiming to be from a government agency or company you trust. For example, you might receive a text from your bank claiming your account has been hacked and that you need to “verify” your identity.

    Example of a phishing text message claiming to be from Wells Fargo
    Example of a phishing text message claiming to be from Wells Fargo

    If you click on the link, you’ll be taken to a site that looks like your bank’s login page. But any information you provide — bank account numbers, password, etc. — goes straight to the scammer.

    How to protect yourself from phishing attacks:

    • Be suspicious of any unsolicited message claiming to be from a government agency. These groups will never reach out via text and won’t ask for sensitive information like your SSN over the phone.  
    • Look for the warning signs of a scam email such as misspelled email addresses and poor grammar.
    • Don’t click on links or download attachments from people you don’t personally know.
    • Use antivirus software with phishing protection.

    11. Check for new loans or leases in your name

    Recent data from the FTC cites lease and loan fraud as the fourth most reported type of identity theft, with almost 200,000 reports in 2021 [*].

    FTC sentinel report on identity theft
    Source: FTC 2021 Consumer Sentinel Report

    In this type of fraud, scammers use your identity to take out fraudulent loans — such as auto, business, personal, student, and real estate loans. They might also use your identity to lease a car or rent a home.

    In any case, they ruin your credit when they stop paying back what’s owed.

    Loan fraud is a symptom of larger identity theft. In order to take out fraudulent loans, a scammer needs access to sensitive information such as your SSN and bank account number.

    How to protect yourself from loan fraud:

    • Take advantage of free credit reports to check for loans you didn’t take out.
    • Set up a credit freeze or security freeze with the major credit reporting agencies. This requires any lender to verify your identity before giving you credit.
    • Watch out for messages or calls from debt collectors you don’t recognize and student loan statements for loans you never took out.
    • Sign up for a credit monitoring service to become aware of suspicious activity quickly.

    12. Be alert to SIM jacking

    It’s probably safe to say that your phone contains more sensitive information than your wallet or purse. This makes your phone a major target for identity theft.

    SIM jacking occurs when a scammer tricks mobile carriers into transferring ownership of your phone number to an SIM that the scammer controls.

    Then, once they control your phone number, all calls, texts, and other data are routed to the scammer’s device. This includes texts with one-time use authentication codes and 2FA. A hacker can quickly gain access to your email accounts, social media profiles, financial records, and bank account.

    In recent years, SIM jacking has increased by 400% [*].

    How to protect yourself from SIM jacking:

    • Keep track of your phone, and make sure you don’t leave it unattended when you’re in public. Secure it with biometric security like fingerprint or facial scanning.
    • Don’t use SMS for 2FA. Instead, set up an authenticator app like Google or Authy.
    • Don’t reply to suspicious texts, emails, or voice messages.
    • Contact your carrier and set a PIN or passcode on your account.

    13. Know the people you interact with online

    Beware of online interactions with people or companies you don’t know. These could include scammers targeting you with social engineering attacks.

    Social engineering is a type of phishing attack in which scammers build trust to obtain sensitive information. Also known as “human hacking,” fraudsters use psychological manipulation to trick you into making a security mistake which they then exploit for financial gain.

    For example, a scammer could create a pop-up ad that offers free games, downloads, or gift cards in return for filling out a survey. But when you click on the link, it infects your device with malware.

    How to protect yourself from social engineering attacks:

    • Slow down and verify whom you’re talking with online — especially if you find yourself in a heightened emotional state.
    • Reduce your online footprint so hackers have less personal information to use against you.
    • Ignore ads, pop-ups, and offers for free software or gift cards.
    • Secure your devices with antivirus and malware protection.

    14. Protect yourself from malware attacks

    Hackers are coming up with more and more sophisticated types of cyber attacks to steal your identity. Malware – such as Ransomware and Trojans — are especially dangerous.

    In these instances, criminals use phishing attacks to get you to click on a link or download an infected attachment. When you do, your computer or mobile device is infected with viruses that can steal your information.

    Recently, hackers have found ways to infect your devices without needing you to click or download anything. These “drive-by” downloads take advantage of security vulnerabilities on websites and in browsers. Just by visiting an infected site, your devices could become compromised.  

    How to protect your devices from malware attacks:

    • Use antivirus software, which blocks and alerts you to malware attacks.
    • Be very cautious about clicking on links or downloading attachments in emails. Don't trust messages from people you don't know or companies claiming your account was hacked.
    • Don’t ignore or skip OS and software updates. Legitimate software companies constantly remove vulnerabilities with new updates. You’re much safer if you’re up-to-date.
    • Look for phishing warnings from your browser or antivirus software.

    15. Secure your cryptocurrency

    Cryptocurrency scams are on the rise and often include some type of identity theft.

    In 2021 alone, scammers took home a record $14 billion in cryptocurrency [*]. Identity fraud is the most common form of fraud in crypto, accounting for 44% of cases [*].

    Crypto scams work similarly to traditional financial scams. A scammer will act as a friendly person or administrator of a crypto exchange and get the private keys to your crypto wallets.

    Private keys in the crypto world are the equivalent of login credentials for an online bank account. Once scammers have your private keys, they take over your digital identity and have unlimited access to your crypto.

    Scammers will typically empty your wallet from there — selling your NFTs and transferring all your coins to their own wallet(s) and cashing out.

    How to protect your cryptocurrencies from identity thieves:

    • Store cryptocurrency and tokens (like NFTs) in an offline wallet, known as a cold wallet. This makes it much harder for hackers to access.
    • Don’t respond to suspicious DMs about cryptocurrency (or anything else) on social media platforms like Discord or Twitter.
    • Do not click on links sent from unknown parties. Most communities will have an official “links thread” in their Discord where you can safely explore the project or mint it.  
    • Use multi-factor authentication on your crypto wallets to keep out scammers.
    • Thoroughly research any crypto investment opportunity — as many are scams.

    16. Keep your children safe from child identity theft

    Anyone in your family could have their identity stolen. But children are becoming a larger focus for criminals and scammers.

    A 2021 study found that one in 50 children in America were the victims of identity theft last year [*].

    Child identity theft happens when scammers target young people for their clean credit scores and SSNs. As most lenders or credit card issuers don’t verify ages, an identity thief can use your child’s information to open fraudulent loans.

    Child SSNs are also regularly used for synthetic identity theft — in which scammers combine a real SSN with other fake information to create a fraudulent identity that’s harder to track.

    How to protect your children against child identity theft:

    • Freeze your children’s credit. This stops anyone else from using their credit without your permission.
    • Never share your child’s SSN. If anyone asks for it, question why they need it and how it will be stored.
    • Teach your kids to limit the information they share with strangers and post on social media.
    • Secure any physical documents such as birth certificates or Social Security cards.
    • Sign up for family identity theft protection that will monitor your child’s SSN for signs of identity theft.

    17. Protect your parents and elders from seniors scams

    Unfortunately, identity thieves frequently target the elderly. According to the FBI, Americans over the age of 60 lost $1.7 billion to fraud last year — the highest amount lost of any age group [*].

    Elder fraud takes advantage of the fact that older people are often more trusting, less likely to monitor their credit, and less tech-savvy. Even worse, 60–90% of all cases of elder fraud are committed by someone the victim knows – including friends, family, and caregivers.

    How to protect your elderly family members from identity theft:

    • Sign up for credit monitoring to alert you of any potential fraud against your elderly family members.
    • Engage in open and honest conversations with your parents or grandparents about scams. Elderly people will often stay quiet, even if they’re suspicious, out of fear of being seen as incapable of looking out for themselves.
    • Leave notes next to phones, computers, and devices that remind your older family members to slow down and question people they don’t know.
    • Sign up for a family identity theft protection plan. For example, with Aura, you can add up to five adults and children to a single plan.

    Did You Give Info to an Identity Thief? Don’t Panic! Do This.

    Just talking to an identity thief or opening a spam message doesn’t automatically put you at risk. But if you see any of the warning signs of identity theft, you should act quickly to shut the scammer down.

    Here are a few steps to take immediately:

    • Freeze your credit with the three major credit bureaus: Experian, Equifax, and TransUnion.
    • Place a fraud alert on your accounts.
    • Contact your bank, credit card company, or any other lender that might be impacted.
    • File an official identity theft complaint with the FTC at IdentityTheft.gov. This report is essential for repairing your credit after identity theft.
    • File a police report with your local law enforcement agency. Share any information that could help them find the criminal — emails, texts, fraudulent charges, etc. You’ll also want to contact the police department in the municipality where any fraud occurred (for example, if your stolen identity was used to commit fraud in a different state).  
    • Secure all your accounts with new passwords and 2FA.
    • Follow the fraud victim’s checklist to dispute fraudulent accounts and charges, and recover from identity theft.
    • Consider signing up for identity theft protection. More than 30% of people are repeat victims of identity theft. Identity Guard will help keep you safe from future scams. Plus, you’ll be covered by a $1,000,000 insurance policy for eligible losses due to identity theft.

    The Bottom Line: Be Proactive About Protecting Your Identity

    There’s a lot that goes into protecting your identity. But by taking the steps above, you’ll be well on your way to safeguarding yourself from a range of threats and scams.

    And remember, you don’t have to do it all alone. Identity Guard gives you peace of mind to shop, bank, and browse without fear of identity theft.

    Special offer: Save 33% on your Identity Guard membership.

    Related Articles

    How to prevent medical identity theft

    How To Prevent Medical Identity Theft: Can You Stop It?

    Billing error from your healthcare provider? Maybe. But what if it's medical identity theft? Learn how to prevent medical ID theft and spot the red flags.

    Read More

    September 26, 2022

    Fraud protection services

    What Are Fraud Protection Services? Do You Need One?

    Credit cards offer only basic protection against fraud. To protect your hard-earned money, choose one of the top dedicated fraud protection services.

    Read More

    September 14, 2022

    Get Started with Identity Guard

    Get started with Identity Guard today, risk-free.

    Get Protected Today
    1. Financial identity theft and fraud
    2. Medical identity theft
    3. Child identity theft
    4. Elder fraud and estate identity theft
    5. “Friendly” or familial identity theft
    6. Employment identity theft
    7. Criminal identity theft
    8. Tax identity theft
    9. Unemployment and government benefits identity theft
    10. Synthetic identity theft
    11. Identity cloning
    12. Account takeovers (social media, email, etc.)
    13. Social Security number identity theft
    14. Biometric ID theft
    15. Crypto account takeovers