Identity is an asset—as valuable as cash in hand. And it’s easily compromised through theft or a data breach. You should give the same kind of care to your identity portfolio as you would an investment portfolio. Your identity should be nurtured, managed and properly protected. Here are some basic tips to help keep you safe.


Shred it. Identity thieves love recycling your trash, but you can break their hearts by buying a quality crosscut shredder. Shred everything with your name and address, such as statements and invoices, receipts, return address stickers, envelopes, catalogs and—especially—pre-approved credit offers, credit card checks and insurance-related materials.

Guard it. Encrypt emails and computer files that contain personal or account information. Use firewalls, antivirus and anti-spyware programs. Protect your smartphone as you would a computer. Keep all your technology current with the latest security updates. Always employ “strong” passwords that contain numbers, symbols and characters such as #, ! &, and %. Don’t use obvious passwords, such as your date of birth, first or last name, child’s or pet’s name or mother’s maiden name. Change passwords often, and don’t use the same one for online banking that you use for shopping or social networking sites.

Lock it up. Keep doors and drawers secure. Identity thieves can’t steal your information if they can’t get to it. Keep computers, paper files such as bank or credit card statements, passports, Social Security cards, earnings statements, birth certificates and any other documents with personal identifying information behind closed—and locked—doors or in locked drawers. Always be aware of who has access, such as household employees or work crews—and even family members.

Keep your Social Security number to yourself. It takes surprisingly little to set up fraudulent accounts and establish false credit in someone else’s name—sometimes only a Social Security number (SSN) and address will do. Never carry your SSN or card in your wallet or purse unless absolutely necessary, and never give out your number to anyone you don’t know and trust. Provide your SSN only when required, and, if any organization, company or medical provider attempts to use your SSN as an identifier, ask them not to (many laws prevent this, in fact).


Cut the cards. Minimize the number of credit and debit cards you use. Carry only one or two at a time.

Watch for new cards. Contact your card issuer immediately if a requested credit or debit card doesn’t arrive promptly by mail.

Don’t put outgoing bills in an unattended or unlocked mailbox. Or better yet, take outgoing mail to your local post office.

Review your checking statements immediately. Don’t delay in notifying your financial institution of any suspicious or unauthorized checks or withdrawals.

Use a gel ink pen (preferably black) to write checks. This kind of ink permeates the fibers in the paper and makes it difficult to “wash” the check and alter it.

If you still have canceled checks, shred them. Never throw out checks, unused deposit slips, old bank statements or ATM receipts without shredding them with a crosscut shredder.

Keep a list and/or photocopies of all accounts. Be sure to store that information in a secure place (not in your wallet or purse). Remember to include credit and debit card accounts, bank accounts and investment accounts. List account numbers and phone numbers for customer service and fraud departments so you can contact them quickly if cards are stolen or accounts are abused.

Avoid using a PIN-based debit card for purchases when traveling or in any place where you aren’t completely familiar with the personnel.

With unfamiliar merchants, use a credit card, which is better protected, or elect to use a non-PIN-based transaction. PIN-based transactions are easily ”skimmed,” making your checking account vulnerable to theft.

Run debit card purchases as credit. Never use a card as a debit unless it’s absolutely necessary, say at the bank or ATM. Why? Because more protections exist for credit cards, and credit card fraud claims are less likely to get declined.

Check your credit reports as frequently as possible, at least twice a year. Ask for a 3-in-1, merged credit report with a summary from all three credit bureaus. Under the federal FACT Act, consumers are entitled to one free credit report each year from each of the major agencies. For details, visit or call 1-877.322.8228.

Enroll for credit monitoring to regularly monitor credit activity in your files.

Enroll in fraud monitoring. This goes far beyond credit monitoring alone. Fraud monitoring can watch for signs of identity theft and fraud in public records, Internet chat rooms, criminal records, and more, to alert you of attempts to alter or acquire your identity data.


Don’t click on links in an unsolicited email. Legitimate companies never send an email asking you to reset your password or provide personal information by clicking on a link. If you receive an unsolicited email asking you to click on a link, don’t. Instead, go to the company’s website to access your account.

Protect your address and password. Your email ID and password are your confidential information. Don’t tell anyone your password or give them a clue to your password. Do not keep a copy of your email details on the internet or on your system.

Use the second sign-in verification option if it is available from your email provider. This option looks for suspicious sign in attempts from a new browser other than the one that you originally used to enable this option. If there is a suspicious attempt, the person will need to enter a verification code that will be sent to your cell phone or will need to answer two security questions that you established as part of the process. If you weren’t trying to access your account and you receive the code, you’ll also know that someone was trying to access your account.

Protect your computer. Install a good anti-spyware program and anti-virus software and update it regularly.

Take caution with public computers and Wi-Fi. If possible, avoid using public computers to access anything sensitive, such as conducting online banking, making purchases, or accessing email accounts. These computers could potentially have malware that is designed to capture the information you have entered. Avoid these same activities when using a public Wi-Fi connection as the information can easily be captured by criminals on the same connection. Make sure to use an encrypted Internet connection whenever you go online.

Watch for communications from unknown or untrusted senders. If you are receiving communications from anyone that you do not know personally or do business with, be wary. Pay close attention to the content since it is possible that a friend or family member’s account could have been hacked. If they are asking for money, contact your friend or family member by phone to verify the request. Check to see if the displayed link matches the underlying hyperlink. Place your cursor over the link in the email (but don’t click!), does the pop-up address match the link in email? Or did suddenly become

Pay attention to expressions of urgency or immediate requests for action. Scammers will try to make you act quickly by saying that your account will be closed or a purchase will be cancelled if you do not act immediately. They want you to act before you think. Don’t fall for it.

Look for requests for sensitive personal information. Banks, merchants, and other reputable institutions will never ask for your personal or account information by email, so never provide it. If you have any concerns, call the organization directly to verify the legitimacy of the communication.

Check for spelling or grammatical errors. Many of the phishers are from outside of the United States, so their grasp of the English language leaves something to be desired. If you see misspelled words, wrong use of pronouns and tenses, or other grammatical issues there is a very good chance you are being phished.

Remember, if it is too good to be true, it probably is! If you receive a communication out of the blue saying that you won the lottery or are heir to a foreign fortune you might want to think twice before claiming your reward.

Lottery & Sweepstakes

Don’t pay to collect sweepstakes winnings. Legitimate lotteries and sweepstakes don’t require you to pay insurance, taxes or shipping and handling charges to collect your prize.

Don’t wire money through companies like Western Union, and don’t send a check or money order by overnight delivery—something scammers often push you to do.

Lookalikes aren’t the real thing. Disreputable companies sometimes use a variation of a governmental or nationally recognized name to try to confuse you and instill confidence in their offers.

Consider whether you played the lottery or entered a contest in the first place. If you don’t remember buying a ticket or submitting an entry, then it’s safe to assume the winnings are bogus.

File a complaint with the FTC, if you think you’re being scammed. Visit or call 1-877-FTC-HELP (1-877-382-4357). Send a copy of your complaint to your state attorney general’s office.


Tips provided by CyberScout.