Do not let your guard down. Always be cautious in revealing information about yourself or your employer. “Stop, look and think” about emails, texts, and phone calls. Slow down, be aware, be safe, and don’t be the weak link to identity theft.
Nearly eight years ago I wrote a December 2014 article for the Arizona Republic titled Read the fine print when buying ID-theft protection services.
The premise of my article was that the core product offered to most identity theft protection service providers is credit bureau monitoring and that credit bureau monitoring offers a false sense of security.
Credit bureau monitoring cannot monitor non-financial identity theft events. Events like:
- taxpayer ID theft and refund fraud,
- unemployment ID theft, benefits fraud,
- medical ID theft and fraud,
- or credential (e.g. driver’s license and passport) ID theft and fraud.
The identity theft protection community is largely reputable and trustworthy. It is not uncommon, however, for identity theft marketing campaigns to include deception, exaggerated threats, and flawed offers.
In addition, I encourage consumers to read the fine print for hidden “exclusions” when selecting an identity theft service provider. Hidden exclusions are commonly found in the “terms and conditions,” where marketing meets reality.
Marketing versus reality.
I find it interesting how more consumers are paying for ID theft protection services than ever before and yet there are more victims of ID theft than ever before. (The bad guys getting better? Are there more PII records our there? The ID Theft Protection Providers Failing or are they just marketing beyond their ability?)
For example and according to the March 2022 Javelin Strategy Annual Identity Fraud Study, identity theft and fraud losses totaled $52 billion affecting 42 million U.S. adults in 2021.
Here are a few ways consumers lower their risk of being a weak link to identity theft.
- First, consumers need to stay up to date on the most recent data breach and identity theft trends such as Phishing (fraudulent emails), Vishing (fraudulent phone calls and voice mail messages) and Smishing (fraudulent text messages) tactics.
- Second, consumers should be taking advantage of risk mitigation tools such as fraud alerts, credit freezes, credit/debit card alerts, and yes – even credit bureau monitoring – as long as you understand the limitations of credit bureau monitoring.
- Third, consumers should consider using new and strong passwords every 90 days or use a password manager that can help create new and strong passwords along with scanning existing passwords to flag reused and weak passwords.
- Lastly, consider using a Virtual Private Network (VPN) as VPN software scrambles your IP address, encrypts data sent between your computer and the websites you visit, and masks your true location and service provider. Masking your data is very important while using public WIFI
To conclude, I would like to reference Kevin Mitnick, the Chief Hacking Officer and part owner of security awareness training company KnowBe4 and convicted hacker turned paid security consultant, public speaker, and author.
Mr. Mitnick is best known for his high-profile 1995 arrest and five years in prison for various computer and communications-related crimes. He has said many times that “the weakest link in the security chain is the human element.”
To add to Mr. Mitnick’s comments about the human element, I always say that hackers, social engineers and ID theft criminals depend on human nature, psychology and “trusting” consumers to let their guards down.
Do not let your guard down. Always be cautious in revealing information about yourself or your employer. “Stop, look and think” about emails, texts, and phone calls. Slow down, be aware, be safe, and don’t be the weak link to identity theft.
Sincerely,
Mark
