“Identity theft cannot be prevented. It can’t.”
Those were the words uttered by identity theft expert Adam Levin, who’s the chairman and co-founder of Identity Theft 911, a company that provides data protection services for businesses.
This could make a consumer feel pretty helpless. After all, there are things you can do to prevent home burglaries and auto theft, but identity theft? That's another matter.
By now, you’ve probably heard that the Social Security numbers and credit reports of some famous individuals were posted by a covert group of folks who have, so far, done a pretty decent job of staying anonymous and remaining behind digital walls.
So far, the data bandits posted the Social Security numbers of former Vice President Al Gore, presidential candidate Mitt Romney, Michelle Obama and a bunch of entertainment and sports figures like Tiger Woods, Britney Spears, Jay-Z, Kim Kardashian and Mel Gibson.
Additionally, the hackers released bank account and credit card balances of the celebrities since this information was on most of the credit reports.
Now let’s face it, some of you will probably roll your eyes at the fact that some of the rich and famous were hacked into, since it’s logical to think their level of wealth and celebrity makes them bigger targets and more likely to be stolen from.
Too much information
But Levin says everyday consumers should be just as worried, because identity theft isn’t something that can be completely halted, for the mere reason that there’s an unprecedented amount of information being exchanged today.
“There’s way too much information out there about people," said Levin in an interview with ConsumerAffairs.
“People have a tendency to overshare information and there have been so many breaches at so many levels of government and business. And oftentimes businesses put in fairly well-thought-out security systems, but the problem is a security system is only as good as its weakest link and historically people are the weakest link.”
“So you see a company like RSA, which is arguably the most secure company in the world getting breached, because a low-level employee clicked on a "spearfishing" email that allowed [others] to crawl into the bowels of the company by collecting his email and following the trail to where it led them and basically comprising the security codes of the company and forcing the company to replace 40 million fobs.”
Levin says that between people’s newly developed need to share, state-sponsored hackers and independent hactivists, the world presents a new kind of danger that hasn’t been fully grasped by the everyday consumer, and because identity theft is still relatively new—at least in digital realms—a lot of people haven’t realized that they need to do more than change their password every now and then.
What needs to happen, says Levin, is that people need to develop a completely new mindset when it comes to dealing with data thieves.
“You’ve got to have a paradigm shift in the way you think, stop thinking you can prevent it,” he says. “It doesn’t mean you shouldn’t do everything you possibly can to minimize your risk of exposure.
“That means you do everything that everybody from the beginning of time when the subject of identity theft comes up has told you: Don’t carry your Social Security number, don’t give information to people you don’t know, don’t click on things ever if you can avoid it, certainly not things that don’t look right."
"Have the best security systems on your computer and your smartphone. People think smartphones are communication devices they’re really mini storage devices. Shred everything in sight," said Levin.
One of the most effective ways to learn if your identity or financial information has been tampered with is to request a free credit report, which helps people understand and manage their credit better.
If possible, people should look at their credit information on a daily basis to determine if anything looks off, even slightly, and if it does you should immediately jump into action, instead of assuming something was your fault and that maybe you forgot to pay something off on time.
Joining a transactional monitoring program through your bank and credit card company will help you stay on top of each daily transaction, which may sound a bit drastic to some, but Levin says these are the measures that consumers need to take these days.
In short, the level of consumer vigilance needs to be stepped up tenfold if people expect to keep their information secure, Levin says.
Once you sign up with the transactional monitoring program you can either ask to be notified after every transaction or only on those transactions that reach a certain limit.
In addition, Levin says that thieves are stealing information in much more advanced ways today and often it’s not by hacking or by breaking your password.
He says scammers are moving a lot more slowly and more methodically these days and they'll take long amounts of time to gather the information they need to begin their scam.
Not a hack
In the case of the celebrities, Levin says their information wasn’t actually hacked, it was gradually collected.
“It wasn’t a hack,” he said. “What they did was they assembled all of this information, because that’s what these guys do. They [gather] together information slowly, sometimes from social networking sites, sometimes from businesses of social networking sites and their goal is how much information can they get together to answer the authentication questions.”
Another piece of advice Levin has for consumers is to make up answers for those authentication or security questions that ask you for your mother’s maiden name, for example. Although you may have to write your answer down to remember it, it’ll be hard for someone to use that piece of information in their intended scam.
A big place that people slip up and release personal information is when they’re faced with convenience over using slow and careful safety measures, Levin says.
But even with all of the statistics on identity theft and even after the numerous stories of people having their identities used in a number of different frauds, a lot of people still consider all of the identity theft talk just another scare tactic and just like other dangers in the world, many people don’t believe those dangers will happen to them, at least not on a large scale.
In a poll conducted by research company GFK and released by telecommunications company Omnitel, researchers interviewed 1,000 people, consisting of 500 adult males and 500 adult females.
When the participants were asked if they believed the issue of identity theft was just a scare tactic and not a serious problem, 390 people (39%) said they strongly agreed with that statement. That's a substantial amount and indicative of just how many opportunities there are for people that want to steal your data.
And they’re not just stealing money, scammers are into all kinds of nasty little deeds from child identity theft to medical theft, where a person can steal your information, get medical care under your name and create all types of confusion and harm, says Levin.
What to do
Besides doing all of the traditional things if you learn your information has been stolen or compromised, like changing your passwords and contacting your banks and credit reporting agencies, it’s important to communicate with your insurance company to see what type of identity theft protection you have. In some cases the protection may be free, Levin says.
In addition, filing a police report is imperative.
“You’ve got to file a police report,” Levin says. “If you don’t file a police report it is a nonstarter, because the sense is, if you don’t file a police report that means maybe you’re the identity thief.”
And if your information isn’t just compromised but outright stolen, you’ll have to do a little more legwork, which can be labor-intensive, but extremely necessary to start fixing some of the wrongs that were committed against you.
“You’ve got to communicate with those government agencies that are appropriate,” says Levin.
“There are some states that have an identity password and that’s something where a card is issued in most cases by the Attorney General confirming that you’re a victim, so if you encountered any issues you have the card.”