Security · November 26, 2021

Preventing Online Identity Theft: 4 Ways to Protect Yourself

With just a few taps on a keyboard, you can easily make a purchase or sign up for a new subscription or service online. However, each of these transactions often involves the exchange of sensitive personal data—valuable information that's ripe for cybercriminals to try to exploit.

Online identity theft has become more widespread, especially as school, work and even healthcare rapidly shifted online during the pandemic. According to data from the Federal Trade Commission, reports of identity theft surged 45% in 2020 (PDF) compared to 2019, with 4.72 million fraud reports up from 3.24. With the threat growing and the possible avenues for attack multiplying, it's more important than ever to understand the risk of online identity theft—and what you can do to protect yourself.

How identity theft happens

Online identity theft occurs when someone steals your personal information to commit fraudulent activities. This can happen in several ways.

In recent years, several large companies have experienced public data breaches in which hackers stole customer information that consumers legitimately provided to these businesses. You may provide your first and last name, date of birth, address or Social Security number when you sign up for cable or utility services, make an online purchase, register for an event, enroll in school or register as a new patient at a doctor's office. If these organizations don't have strong enterprise security in place, hackers can easily exploit their security vulnerabilities and illegally access customer information.

Cybercriminals have become increasingly sophisticated in their approach. Ransomware—a cyberattack that involves hackers stealing data, encrypting it and demanding a ransom to give organizations access back to their data—has become the predominant threat. In 2020, these attacks increased a whopping 485% (PDF).

Hackers also have turned to email phishing schemes to steal personal data. If employees or consumers lack cyber awareness and mistakenly click links in one of these emails, they could land on a fake website and unknowingly provide their information to hackers. With advances in technology, hackers even have adopted an emerging tactic called smishing, where they send text messages to try to steal people's information.

If hackers are able to access your data, they can do a lot of financial and personal damage. They can use your personal information to open a new credit card in your name or to make fraudulent purchases if they have access to your current credit card information. They can open a new account in your name for utility or cable services, steal your tax refund, use your health insurance information to access medical care or even access your unemployment benefits, as seen during the pandemic.

Online identity theft can undermine any sense of trust you have that a company will keep your information safe. It can make you leery of providing any information online, even if it may be more convenient. However, you can take proactive measures to protect yourself from this threat.

How to prevent identity theft online

As you engage with service providers online, post on social media and upload your information on different websites, identity theft will continue to be a risk. Here are four steps you can take to reduce the likelihood you experience one of these incidents.

1 Be aware of phishing schemes

Never click on a link from an email address you don't recognize or from an unsolicited sender. Many email providers have gotten better about strengthening their security defenses, so a lot of suspicious emails end up in your spam folder. However, some hackers can get through, so if you're unsure about an email or know you never requested information from the sender, it's better to be safe and delete the email.

2 Practice better password protection

Your password can be exposed if a company experiences a data breach. That's a risk in and of itself, but if you often use the same password across multiple sites, there's an even greater risk a hacker could access your personal information.

To prevent this, use unique passwords on different sites, especially your online banking and email accounts. Never share your passwords with anyone, especially over the phone. Hackers often use this approach with senior citizens who may be more vulnerable. Most companies will never ask for your password or personal information by phone or email if they make the initial contact. However, scammers will when they try to impersonate a legitimate company. Being aware of this tactic could prevent you from mistakenly sharing your information.

3 Regularly check your bank and credit card statements

If hackers do access your information, they may begin to make credit card purchases or withdrawals from your account.

Be vigilant and actively monitor your accounts. Many financial institutions have mechanisms in place to monitor fraudulent activity, such as putting a freeze on your card if they suspect suspicious activity. However, you also can be more proactive by setting up real-time account and transaction alerts, and by monitoring your credit report to see if anyone has opened a new account in your name. Staying on top of your account activity can help you minimize the impact, notify your financial institutions or service providers, and contact the proper authorities right away in the event someone is able to unlawfully access your accounts.

4 Keep all your software updated

Hackers can exploit security vulnerabilities to access personal data. That's why it's important to make sure you're using technology with the most up-to-date protection.

Companies often send security patches and updates to stay one step ahead of hackers. For example, if your smartphone provider sends an alert with its latest security patch, you should make these security updates on your phone as soon as possible. The same thing goes for any mobile or software applications you use. In some cases, software vendors may make automatic updates, but if not, make sure you have the latest version of their application installed on your device. This can help prevent malware, or malicious software that can infiltrate your phone or laptop to steal your personal data.

Combating identity theft and protecting yourself online

The increase in digital channels means online identity theft will always be a risk. The key is to take actionable steps to reduce this risk as much as possible.

Use strong passwords, and never click on suspicious links or provide your personal information over the phone. Make sure you always download the latest version of the apps you use and have the latest security updates installed on your device. Hackers will use any opening they can find to steal information, so putting all these strategies together can help you identify and prevent potential security vulnerabilities identity thieves are just waiting to exploit.


A few financial insights for your life

No results found

This information is provided for educational purposes only and should not be relied on or interpreted as accounting, financial planning, investment, legal or tax advice. First Citizens Bank (or its affiliates) neither endorses nor guarantees this information, and encourages you to consult a professional for advice applicable to your specific situation.

Links to third-party websites may have a privacy policy different from First Citizens Bank and may provide less security than this website. First Citizens Bank and its affiliates are not responsible for the products, services and content on any third-party website.