Identify theft through physical access

Each week seems to bring a new announcement that yet another massive credit card security breach has occurred. Some of these breaches result in identity theft or the loss of financial assets, and consumers have learned to be alert to risks to their electronic financial information.

A recent Bankrate.com survey showed that even though the majority of Americans access the Internet on a cellphone, tablet or other mobile handheld device, 50 percent never make a major financial commitment (such as getting a mortgage or purchasing stocks) online on such a device. Another 24 percent rarely do. And 41 percent say they don’t use a mobile device for such financial commitments because they’re concerned about information security.

This means we take our electronic security very seriously. But a 2014 study by Travelers Insurance shows that the majority of identity theft cases occur through physical access, such as a stolen wallet or purse. We need to be sure we’re as vigilant about the security of our paper-based information as we are about our electronic information.

Identity theft and account takeover

Identity theft and account takeover © iStock

There are two ways someone can use your financial information to wreak havoc on your financial life, according to Robert Siciliano, a personal security and identity theft expert with BestIDTheftCompanys.com. One is creating new accounts based on your information. The other is taking over your existing accounts. According to the Bureau of Justice Statistics, 85 percent of identity theft cases involve the latter. In both cases, having access to your Social Security number is the key.

“People who have access commit the crime,” says Siciliano. “It could be family, a co-worker, a landlord. Your Social Security number is in filing cabinets, schools, doctors’ offices. It’s in dumpsters.”

You can’t totally prevent access to your financial information, but you can limit it. You can also limit the damage criminals can cause if they do get a hold of your information. “The best way to make it useless is to get a credit freeze and to invest in identity theft protection,” says Siciliano. “All of the fraud that can be committed with your Social Security number is a nonissue if you have a credit freeze.”

Protect yourself against identity theft. Check your credit report for free at myBankrate.

Shredding your documents

Shredding your documents © iStock

A credit freeze doesn’t help if someone accesses your bank account and drains it, though. However, just having your Social Security number doesn’t necessarily mean a criminal can immediately pilfer your accounts. “Criminals try to piece together an identity that can be used to take over accounts,” says Siciliano. If they can swipe your bank account statement and they have your Social Security number, they have a lot of information about you that they can use to steal your assets, if not your identity.

One of the most common ways people have their information stolen is when someone goes through their trash or recycling, according to Rob Douglas of IdentityTheft.info. To help prevent this, make sure you’re shredding all of your financial documents before you throw them away. This includes any type of account statement, tax information, invoices and receipts. Using a crosscut shredder helps ensure the shredded information can’t be pieced back together by a patient thief. Douglas recommends getting in the habit of shredding paper documents immediately if you don’t need to keep them.

Protect your mail

Protect your mail © iStock

Douglas points out that people commonly have their financial information stolen when a thief — not always a stranger — steals mail. Invest in a mailbox that locks, or use a secure post office box to help keep this from happening. If you’ll be away from home for more than a day or two, have your mail stopped at the post office.

“Turn off the paper,” Siciliano advises. “The less paper you have, the better off you are.” When a lot of people are handling your information, it increases the likelihood that one of them will use it to steal from you. An email from your bank is actually less vulnerable than a paper bank statement sent from the bank to your home.

The Federal Trade Commission, or FTC, which functions as a clearinghouse for identity theft information, also recommends the following.

  • Collect your mail from your box as soon as possible.
  • Don’t have new checks sent to your mailbox. Instead, have them delivered to your bank branch, where you can pick them up in person
  • Take outgoing mail directly to a mailbox or post office.
  • Consider opting out of prescreened credit and insurance offers. To do so, call 888-567-8688 or go to OptOutPrescreen.com.

The FTC recently launched a new website, IdentityTheft.gov, to help victims with identity theft protection.

Secure your files

Secure your files © iStock

The theft of financial information is often a crime of opportunity. “Unfortunately, another one of the most common ways that people have their information stolen is by relatives and others (such as caretakers or home workers) who have access to an individual’s home,” Douglas says.

Keeping your personal information in files (instead of out on your desk) and keeping those files locked helps prevent these crimes. “Bolt your file cabinets to the floor,” Siciliano recommends. “Invest in a safe. Even a small fire safe can be bolted to the floor.”

Additionally, Douglas recommends you conduct an annual review of your files. “Shred documents that you no longer need or want to maintain,” he says.

Protect your home and automobile

Protect your home and automobile © iStock

Burglary, particularly automobile burglary, is one of the most common ways people have their information stolen. Siciliano advises installing a home security system to help prevent home burglaries. While you might be peeved if a thief makes off with your television, it’s the theft of the information in your desk that could be more financially damaging.

“To deter smash-and-grab theft of information, don’t leave mail or other papers in plain view in an automobile,” says Douglas. The same is true of your cellphone or laptop. Secure them in your trunk if you must leave them in your car, and lock your doors.

Clean out your wallet

Clean out your wallet © iStock

A pickpocket who swipes your wallet can get more than your cash on hand. “Without a doubt, most people carry more personal information in their wallets, purses and briefcases than necessary,” says Douglas. “You should not carry any information other than what you may need on any given day.” Most days you do not need to carry Social Security cards, passports, birth certificates, health insurance/Medicare/Medicaid cards, or any other document that contains personal or account information.

“For most people, a driver’s license (or other state-issued identification card) and a single credit or debit card will often be all that is needed on a daily basis,” says Douglas. “By limiting the number of items containing personal information you carry, you decrease the risk of damage if your wallet (purse/briefcase) is stolen and you will greatly reduce the amount of hassle you will endure replacing all the documents and cards that are stolen.”

The FTC also recommends locking up your briefcase or purse when you’re at work. This advice holds true for any place where you might be away from your valuables for any period of time, such as when you’re working out at the gym.

Lock your devices

Lock your devices © iStock

One of the dangers of having a thief in your home or car is if they swipe your mobile phone or your laptop, they are likely to be able to log into your accounts unless you keep your devices locked, Siciliano points out. Make sure that you have to use a password to access the information in these devices. This precaution will also help if you lose your phone or laptop.

Also be sure to physically lock up these devices, just as you would a purse or briefcase, if you will be away from them.

The FTC advises consumers not to use automatic logins (where your username and password is saved) for just this reason.

Ask before you share

Ask before you share © iStock

The FTC recommends asking why information is needed before you share it with a school, doctor’s office, business or employer. Be sure to ask how they will keep the information safe, and what happens if you don’t provide the information. (You may learn that that the information isn’t really needed).

Siciliano makes a practice of not providing personal information on documents (such as a job application). “Rarely do I say, ‘I’m not giving you my Social.’ I just omit it. If they don’t need it, they’re not going to ask for it, but if they have to have it, then I give it to them.”

Douglas concurs. “You should decline to provide a Social Security number (or any other specific account number like a driver’s license) on an initial job application. Make a polite notation on the job application similar to the following: ‘For reasons of personal and information security, I will gladly provide my Social Security number separately from this application when it is needed for any lawful purpose.'”

What to do if you suspect theft

What to do if you suspect your information is stolen © iStock

If you suspect your financial information has been stolen or is at risk, Siciliano recommends that you set up a fraud alert. This means notifying one of the three credit reporting companies of your concern. (If you notify one, they must notify the other two.)

A fraud alert makes it harder for an identity thief to open an account in your name. A fraud alert differs from a credit freeze or security freeze in that it serves as a red flag rather than an actual freeze.

Then, be sure to review statements carefully. The FTC recommends that you also monitor your credit reports for suspicious activity. If you confirm that you are a victim of identity theft, filing an identity theft report with the FTC can help you resolve issues associated with the theft, such as removing fraudulent information from your credit report and preventing creditors from harassing you about accounts you did not open.