Picture of Christopher A. Hopkins, CFA

Christopher A. Hopkins, CFA

Identity theft on the rise – what you can do

Identity theft is soaring, having doubled in frequency since 2019 to become the second most reported complaint according to the Federal Trade Commission. Today nearly every American has had their personal information breached at least once, and the likelihood is high that you will experience an effort to steal your identity at some point, perhaps more than once. But there are steps you can take to mitigate the risk and to act quickly to repair the damage in the event you do eventually fall victim.

For as long as human beings have maintained unique individual identities, crooks have sought to abscond with them. Early brutal examples involved the murder of the victim and the assumption of their physical identity by the criminal in order to evade the law or previous associates. Financial fraudsters quite literally dug through the trash or created elaborate telephone schemes to elicit enough information from the victim to liquidate their bank accounts. But it took the advent of the internet to fuel the dramatic rise in sophisticated identity theft on a large scale. 

The term “identity theft” was actually first used in 1964 and is defined as a crime in which someone wrongfully obtains and uses another person’s personal data in some way that involves fraud or deception, typically for personal gain. According to the FTC, there were 1.4 million reported instances of consumer identity theft in 2021, but industry analysts believe that as many as 90% of cases go unreported. Javelin Strategy and Research puts the number of Americans affected by identity fraud at 42 million last year resulting in $52 billion in losses.

It is impossible to fully inoculate yourself from this type of crime given the plethora of personal information about each of us zipping around in the ether. According to one former hacker turned security consultant, the only reason more people haven’t been victimized is that there are simply not enough criminals to utilize all the data in circulation. Still, there are several measures that each of us can take to minimize the chances of an attack.

Freeze your credit. A credit freeze prevents any potential creditor from accessing your credit file unless you are already a borrower. By law, each of the three bureaus (Experian, TransUnion and Equifax) offer this service for free by creating an account and turning the freeze on or off in real time. This is easy and is the most powerful defense against fraudulent establishment of accounts in your name.

Monitor your credit. Consider signing up for one of many free basic credit score monitoring services that offer access to your credit report and alert you to changes. Several companies including Credit Karma, Credit Sesame and SoFi have basic free offerings. Many credit card issuers now also provide no cost access to your Fico score. And by law you are entitled to one free report from each bureau at

Fix your passwords! According to LastPass, 91% of consumers know that reusing passwords substantially increases risk of theft, but 66% do it anyway. Strengthen your passwords and make them unique. A password manager app can do it for you and even change them periodically. Also enable two factor authentication (email or text verification) wherever possible.

Review statements. Aside from a credit freeze, the best protection is vigilant monitoring. Carefully review bank and credit card statements for any unknown or unexpected activity and contact the institution promptly if you see anything suspicious. 

Identity protection services. Subscription-based monitoring and mitigation services now comprise a $10 billion industry. Paid services may be worth the cost if you are not inclined to do the work yourself or feel you may not be diligent enough. However, it is important to understand that despite their names, these services cannot actually “protect” you from identity theft. Many, for example, advertise monitoring of the Dark Web for your personal information, but note that they cannot remove or block any data they find and cannot stop identity theft, but may provide a heads up that your information is for sale and can assist in recovery from a theft.

Most identity monitoring subscriptions also offer some degree of insurance coverage to reimburse for expenses of fixing a breach and in some cases recovering lost assets. Note however that you may be able to add similar coverage to your homeowner’s policy more inexpensively.

What to do if (when) it happens to you. One of the most useful and least known resources is the Federal Trade Commission’s identity theft website at IdentityTheft,gov. As soon as you suspect your identity has been stolen, report the incident to the fraud department of the FTC. Then change your critical logins and passwords and request your credit report from all three bureaus. Best of all, will create a customized recovery plan to guide you through the steps to secure your accounts. Repairing and securing your profile after an identity theft requires significant effort, but if detected and reported early can usually be resolved within 6 months with no permanent damage.

Given the massive amounts of our personal data in circulation, all of us are at significant risk from identity thieves. Taking a few simple precautions can drastically reduce the risk of a theft and facilitate a quick recovery if it happens.

Share this post