Identity Theft

Identity Theft

What is Identity Theft?

Millions of consumers suffer from identity theft annually, costing the fraud victim thousands of dollars in monetary damages, months and even years to repair damaged reputations, and psychological harm that can last a lifetime. The Federal Trade Commission estimates that over 9 million Americans have their identities stolen each year, with billions of dollars in out-of-pocket losses to families and businesses.

Identity theft or fraud occurs when someone illegally obtains your personally identifiable information, such as your social security number or credit card data, to commit fraud or other crimes. Criminals use the victim’s personal information to make fraudulent withdrawals from a bank account, fill out false applications for loans or credit cards, make unauthorized charges on telephone calling cards, or obtain goods or services in the victim’s name that the identity thief could not have obtained on his own.

Consumers often do not realize that their identities have been compromised until months or even years after their private information was stolen. They first discover the crime when they receive demand letters, collection notices, court summonses, or notices of wage garnishments or liens for debts that they never incurred.

How Can Identity Theft Impact You?

Identity thieves can remove fund from your bank accounts, incur charges on your credit cards, open cellphone accounts in your name, or even claim your tax refund. The financial impact can be devastating. Fraud victims find themselves faced with balances run up on their charge cards, medical bills they never incurred, home loans and equity lines they never opened, and funds drained from their bank account.

For those victimized by identity thieves, the impact on their lives is profound. The consequences of identity fraud are felt for years, as victims may be rejected for loans, turned down for credit cards, or passed over for jobs long after their financial data and personal information have been stolen by the identity thief. The process of restoring your credit, securing your assets and cleaning up your reputation from the devastating effects of identity fraud may take years.

The Crime of Identity Theft

Federal law defines the crime of identity theft in two statutory provisions: 18 U.S. Code § 1028(a)(7) provides that identity fraud occurs when one “knowingly transfers, possesses, or uses, without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, or in connection with, any unlawful activity that constitutes a violation of Federal law, or that constitutes a felony under any applicable State or local law.” 18 U.S.C. § 1028A defines “aggravated identity theft” as occurring when someone “knowingly transfers, possesses, or uses, without lawful authority, a means of identification of another person” in the commission of particular felony violations such as mail, bank and wire fraud, obtaining information by false pretenses, and violations of the Social Security Act. “Means of identification” include a person’s name, social security number, date of birth, official driver’s license or identification number, alien registration number, passport number, employer or taxpayer identification number, and unique biometric data.

The U.S. Department of Justice defines “identity theft and identity fraud” as crimes “in which someone wrongfully obtains and uses another person’s personal data in some way that involves fraud or deception, typically for economic gain.”

In addition, there are numerous state laws that criminalize fraud and related activity in connection with identification documents. For example, California Penal Code Sections 530.5 to 530.8 provides that “[e]very person who willfully obtains personal identifying information … of another person, and uses that information for any unlawful purpose, including to obtain, or attempt to obtain, credit, goods, services, real property, or medical information without the consent of that person” is guilty of a criminal offense. In fact, every one of the 50 United States has a law that criminalizes identity theft or impersonating another.

How to Prevent Identity Theft?

There are measures you can take to help to prevent identity theft. Since many identity thieves seek to gain access to the personal information stored on your computer, be sure to install the latest, up-to-date anti-virus software and firewall on your personal computer, laptop or tablet. A highly-rated, free security solution such as the Comodo firewall application will help protect your computer against viruses, Trojans, worms, hacker attacks, and other threats. You should also be sure to download and install the latest updates and security patches when they are released for your computer’s operating system. Keeping your computer’s security protection up-to-date with the latest anti-virus software, firewall, and security patches will provide a good first line of defense against potential intrusions to the personal information stored on your computer.

You should also avoid transmitting sensitive information over public Wi-Fi networks such as at coffee shops, airports, fast food restaurants, and shopping centers. Accessing your devices over public networks may make you vulnerable to so-called “man-in-the-middle” attacks where a cyber-criminal impersonates a legitimate website in order to intercept personal information that you might send over popular apps or directly to a website. The FTC recently announced settlements with websites Fandango and Credit Karma over charges that they failed to properly secure their mobile website applications against cyber-attacks. The FTC found that the online companies failed to secure the transmission of millions of consumers’ sensitive personal information from their mobile apps, leaving consumers’ sensitive personal information at risk. In the case of Credit Karma, the FTC determined that attackers might be able to access the consumer’s credit score and credit report, leading to identity theft, including existing and new account fraud, the compromise of personal information maintained on other online services, and related consumer harms.

“Phishing” is a scam where criminals send out phony emails which they pretend are from legitimate websites such as banks, social networks (such as Facebook, LinkedIn or Twitter), e-commerce sites (such as eBay or Amazon), or other popular web destinations. The emails contain URLs linking to bogus sign-in screens where the cyber-criminals hope to capture your login credentials, passwords, and other personal information. As a general rule, companies will never ask you to log-in to their websites directly from an email. If you get an email that asks you to log into your account through a link provided in the email, it is likely an attempt to phish for your personal financial data. Do not click through the link and never enter your personal information on any log-in page that opens through the link. Gmail provides a drop-down functionality in your inbox that allows you to designate the email as a likely phishing attempt. You can also report the phishing incident to the U.S. Computer Emergency Readiness Team at But never provide your personal information through a link you receive in an unsolicited email.

If you’re going to provide your personal information on a website, web addresses that begin with the prefix “https” are generally more secure than web addresses which begin with the prefix “http”.

For offline information, be sure to use a shredder to destroy personal documents before disposing of them in the trash, as identity thieves may sift through garbage to find financial data. If you will be out of town for a period of time, have a neighbor collect your mail from your physical mailbox or ask the post office to hold your mail until you return. If your mailbox has a locking mechanism, use a key to secure your incoming letters. And never give out your personal information on an incoming telephone call.

If your wallet is lost or stolen, you need to cancel your credit cards and report any theft to the police. Your next step should be to change your identification numbers, including your driver’s license and social security number.

Consumers should regularly monitor their credit reports to check for unusual activity. Your credit report is the best early indicator of identity theft, and early detection is important to limiting the damage caused by identity thieves.

Additional Resources

For more information on what you can do to protect yourself from identity fraud, you can visit the Federal Trade Commission: Identity Theft portal for additional guidance on how to detect and prevent identity theft. Further information is available at the Federal Deposit Insurance Corporation (FDIC): Identity Theft website which provides useful advice on the techniques that thieves use to access your private information as well as tips on identity crime prevention. Additionally, you can visit the United States government cyber-crime portal at On Guard Online: Identity Theft for helpful information on how you can guard against becoming a victim of cyber-crimes such as identity theft.

For more information on what to do if you become a victim of identity theft or fraud, go to What to do if You are a Victim of identity Theft. For more personal finance advice including helpful tips on how to improve your credit score, go to

Copyright © 2017 All Rights Reserved.