How To Protect Yourself From Identity Theft

Share this:

Gaetano DiNardi

Head of Content at Aura

In this article:

    Identity theft and fraud protection for your finances, personal info, and devices.

    See pricing
    Share this:

    Don't Be The Victim of Identity Theft This Year

    Identity theft is now the fastest growing crime in America. According to the Federal Trade Commission (FTC), 1.5 million Americans had their identity stolen last year [*].

    Unfortunately, 2022 isn't looking any better.

    The first few months of the year have set new records for cases of fraud, identity theft, and data breaches. Hacks at companies like Microsoft, Cash App , and Okta have compromised the personal data of millions of people [*].

    Even the CEO of the Identity Theft Resource Center (ITRC) says "There is no reason to believe the level of data compromises will suddenly decline in 2022."

    Identity thieves are getting more sophisticated with their attacks. But the good news is that there are still some simple measures you can take to prevent identity theft.

    How Can Identity Theft Happen?

    Identity theft happens when bad actors use your personally identifiable information (PII) for their personal gain.

    For example, an identity thief could buy your Social Security number (SSN) off the Dark Web for as little as $5 and then take out fraudulent loans in your name.

    PII includes things such as your:

    • Full name
    • Date of birth
    • Home address
    • Account logins and passwords
    • Social Security number (SSN)
    • Financial information
    • Driver's license number and ID

    With even just a few pieces of your personal data, criminals can commit up to 15 different types of ID theft . But the most common are credit card fraud, loan fraud, and tax or government benefits fraud (medical identity theft is also now gaining popularity).

    Before we go any further, here's what you need to know:

    • Credit card fraud occurs when criminals steal your credit card number and rack up debt or even open new cards in your name. Even if they don't have your physical card, scammers can use your stolen credentials to make fraudulent purchases online. Unfortunately, there's also been a rise in familial fraud where a family member opens a credit card in your name .
    • Loan or lease fraud occurs when someone uses your identity to take out auto, business, personal, student, or real estate loans. Scammers have no intention of paying off these fraudulent loans and may even file for bankruptcy in your name.
    • Tax and government benefits fraud occur when a criminal files for taxes or benefits in your name. For example, they might use your SSN to file a falsified tax return and receive a large refund from the IRS. Or, they could use it to apply for government benefits and pocket the money.

    The easiest defence against these and other types of identity theft is to become a harder target.

    While it's impossible to guarantee protection against identity theft, there are ways to protect your PII and make your data harder to steal.

    10 Steps to Avoid Identity Theft

    1. Know the most common ways criminals steal your identity

    To steal your identity, criminals need access to your PII. Unfortunately, there's a good chance some of it has already been leaked in a recent data breach. But that's not the only way you can become the victim of identity theft.

    To prevent identity theft, learn where you're most vulnerable to attacks:

    • Phishing attacks. Also known as an imposter scam, this is when scammers send spam emails and texts or call you on the phone pretending to be someone you trust. For example, they could claim to be from the IRS and ask you to "confirm" your identity by revealing your SSN. Or, they might try to get you to click on a link that will infect your device with malware.
    • Physical theft. Identity thieves can find everything they need to steal your identity on your driver's license, ID, or even in the mail.
    • Shoulder surfing. This "attack" occurs when you use your devices in public. A scammer with lurking eyes watches you enter your online banking password. Or if they're more sophisticated, they could use a man-in-the-middle attack to intercept your Wi-Fi connection and spy on you.
    • Social engineering attacks. Similar to phishing, social engineering attacks use psychology to pressure you into doing what criminals want (like giving up your PII). Identity thieves research your life and use your personal information against you.

    Simply put, you could be at risk any time you receive an unsolicited message or call, lose a piece of mail, use your devices in public, or browse the internet.

    2. Watch out for the warning signs of a phishing attack

    Phishing attacks are the main way scammers trick you into giving up personal information. These messages and phone calls can look and sound convincing. But any information you provide or links you click on can put your identity in danger.

    So, how can you tell if a message is from a scammer?

    Scammers will often try to spoof their contact information to make it look like they're coming from an official number or email. But if you look closely, you'll see that they're different from what's listed on the supposed sender's official website.

    Phishing messages usually don't address you by name, may include typos, and often use threats, urgency, or promises to spur action. They'll also often include links, attachments, or QR codes with convincing reasons why you should click on or scan them.

    If you have any suspicions, don't respond or click on links or attachments in these messages. Instead, contact the company directly using the information listed on their website.

    Read more: How To Tell If Someone Is Trying To Scam You Online

    3. Safeguard your IDs and wallet

    Identity thieves don't only rely on sophisticated hacking. Criminals can steal your identity with just the ID you carry in your wallet or purse. That's why the less personal information you carry with you, the better.

    Carry only your driver's license and one or two necessary credit or debit cards. Leave your passport, Social Security card, birth certificate, and extra credit or debit cards at home.

    Even then, it's important to keep your physical ID safe from scammers.

    Try to always keep a list of what's inside your wallet or purse as well. This way, if your wallet is stolen, you'll know what accounts to close and how you might be at risk.

    For even more security, keep important documents in a locked safe at home in case of burglary. And if you're going to pay with a credit card, choose a chip or contactless reader, as these are more secure than swiping.

    4. Avoid public Wi-Fi (unless you have a VPN)

    Free wireless internet at an airport or your local coffee shop is convenient. But it also presents the perfect opportunity for fraudsters to steal your information.

    Public Wi-Fi networks are notoriously easy to intercept. If an identity thief taps your connection, they can steal your usernames and passwords.

    If you need to use public Wi-Fi:

    1. Use a cellular hotspot. Tether your phone to your laptop to ensure that hackers can't scam you over vulnerable Wi-Fi networks.
    2. Use a virtual private network (VPN). A better option is to use a VPN. This tool encrypts your data — all hackers will see are strings of numbers and letters. Aura's VPN uses military-grade encryption to protect all your devices and prevent identity theft.
    Aura antivirus software
    Source: Aura VPN with military-grade encryption

    5. Secure your online accounts and use two-factor authentication (2FA)

    Strong passwords are often your first (and only) defense against identity thieves. But a shocking 22% of U.S. adults use their own names for passwords on online accounts [*].

    Statistics on American's attitude towards password safety
    Google surveyed a sample of 3,419 adults (aged 18+) living in the U.S. to understand their beliefs and behaviors around passwords and online security. Source: Google

    This is essentially giving an identity thief a free pass to hack your email, take over your online bank account, or steal your social media profiles.

    Instead, secure your online accounts by using:

    • Strong passwords that are at least eight characters long. Use a combination of upper and lowercase letters, numbers, and symbols.
    • A secure password manager that keeps track of your login information. Aura's password manager will also alert you when an account has been compromised.
    • Two-factor or multi-factor authentication (2FA or MFA). These add an extra layer of protection to your accounts by requiring a special code along with your password. But skip using SMS for authentication as it can be hacked or bypassed if someone steals your phone. Instead, use an authenticator app like Google or Authy.
    • Fingerprint or biometric security on your devices. If you're signed into accounts on your mobile device or laptop (like your email), hackers can steal your identity by stealing your phone. Biometric security is much harder to hack (although there have been cases of fingerprint identity theft). For the best protection on your devices, combine biometrics with a strong passcode.

    Finally, keep an eye out for messages about your passwords — especially failed login attempts or password changes. If you can connect your phone with a remote security feature like Apple's Find My app or Android's Find My Device, set it up now.

    6. Monitor your credit report and consider a credit freeze

    The warning signs of financial fraud from identity theft start small. Scammers regularly "test" accounts and credit card numbers with small charges. But the end results can be disastrous if you don't catch these early on.

    Identity fraud can cost you thousands of dollars and hours of your life as you try to repair your credit.

    Paying close attention to bank and credit card statements is a good way to spot financial fraud early. Look for unusual charges on your account statements, like those from unfamiliar vendors.

    If you believe you're a victim of identity theft, contact the company, card issuer, or financial institution. They should be able to cancel the charges, close compromised accounts, and get you a new account number.

    By law, you're also allowed a free copy of your credit report every year from each of the three major credit bureaus: TransUnion, Experian, and Equifax.

    You can get your free credit report at Look for suspicious activity, such as new credit inquiries, negative changes in your credit score, accounts you don't recognize, or incorrect information (like your date of birth).

    Related: What Is Credit Protection? Are You Making the Most of It?

    7. Reduce your online footprint

    Everything you do online — from Google searches to social media posts — makes up your online footprint. Identity thieves use this information to design phishing emails, guess your passwords, and scam your friends.

    While you can't erase your online footprint, here are some ideas to limit access:

    • Don't overshare on social media. Think twice before you post. Many of us accidentally reveal sensitive information, location data, and even PII in social media posts.
    • Adjust your privacy settings. Limit your account visibility to just close friends and family. This way, you can be a bit more liberal with what you post.
    • Delete old and unused accounts. Identity thieves use inactive accounts to run scams or steal passwords. If you stop using an online service, disable your account and delete your data.
    • Create a Google Alert for your name. This will inform you anytime your name appears on a website. While it adds to your online footprint, it reveals auto-generated content that you should take down.

    8. Use antivirus to protect your devices from malware 

    Malware is malicious software that hackers use to spy on you, steal your sensitive information, or even encrypt your devices until you pay a ransom.

    One especially insidious type of cyber attack uses a keylogger. Once installed, these record everything you type — including passwords, logins, and emails — and send them remotely to a hacker.

    Many phishing messages include links or attachments that secretly download malware.

    With how much personal information is on your devices, it's essential you keep them safe from hackers. Don't click on any strange attachments or links in messages, no matter how enticing they seem.

    Aura antivirus protection
    Antivirus software can keep your devices secure and warn you of potential phishing attacks. Source: Aura Antivirus Software

    But what if you accidentally opened a spam email or clicked on a dangerous link?

    First, look for the obvious signs of a virus. This includes performance delays, unfamiliar browser plugins, and persistent pop-ups.

    If you see signs of malware, immediately disconnect from the internet. It's much harder for hackers to steal your information without an internet connection.

    Then, secure your device before you get professional help. For example, on a Mac, you should:

    • Steer clear of logging into any account.
    • Delete any temporary files from your Cache folder.
    • Check Activity Monitor for any malicious apps running in the background.
    • Run a malware scanner separate from the antivirus software already on your device.
    • Clear your browser cache after removing dubious extensions.
    • Finally, consult Apple Support to wipe or reinstall your OS.

    9. Safeguard your mail from scammers

    As unsophisticated as dumpster diving or mail theft sound, they're still lucrative sources of sensitive information for identity thieves. If you don't already own a shredder, invest in one and shred anything with personal data before throwing it away. That includes:

    • Bank statements
    • Letters or offers from your credit card company
    • Health insurance claim
    • Personal or student loan statements
    • Anything with your phone number or other contact information
    USPS Informed Delivery service
    Collect your mail daily to give thieves less time to steal your documents. If you’re traveling, set up a temporary mail hold with the post office until you return.

    Check for unfamiliar mail, like debt collection notices from lenders you don’t recognize or notifications of new accounts you didn’t set up. All these red flags point to identity theft in the works. 

    Finally, pay attention if your mail stops arriving. A thief may have used a change-of-address scam to redirect your address to their own.

    10. Keep your whole family safe with identity theft protection

    Protecting your identity can feel like a full-time job. But you don't have to do it on your own.

    Aura's identity protection and credit monitoring services proactively protect your accounts from thieves and criminals.

    With Aura, you get:

    • Credit monitoring with fraud alerts. We'll monitor your bank and credit accounts in near-real time and alert you of fraud and suspicious activity. ‍
    • Identity theft and online account protection. Aura monitors your online accounts, SSN, and other sensitive information that identity thieves try to steal. ‍
    • Device and network security. Aura's VPN and antivirus software protects your devices from hackers, malware, and phishing sites. ‍
    • Protection for your whole family. Aura's family plans include coverage for up to five adults and children.
    • A 24/7 White Glove Fraud Resolution team. If your identity is stolen or you're the victim of fraud, our team will walk you through the next steps. ‍
    • A $1,000,000 insurance policy. You're covered for eligible losses due to identity theft.

    Related: The Top 10 LifeLock Competitors & Alternatives For 2022

    Was Your Identity Stolen? Here’s What To Do

    1. Immediately change any exposed passwords and delete inactive, vulnerable online accounts.
    2. Report identity theft to the Federal Trade Commission (FTC) at
    3. Make sure to file a police report with local law enforcement.
    4. Freeze your credit and place a fraud alert with a credit bureau.
    5. Call any organizations you think may have also been affected by the theft — online services or banks.

    Remember, identity theft protection services make it easier to be proactive about digital security. Rather than reacting to data breaches or, even worse, identity theft, you have peace of mind knowing someone's got your back.

    Ready for ironclad identity theft protection? Start your Aura 14-day free trial.

    Related Articles

    how to know if your identity has been stolen
    Identity Theft

    Here's How To Know If Your Identity Has Been Stolen

    Nearly 50% of Americans have experienced identity theft. Here's how to find out if someone has stolen your identity.

    Read More
    September 26, 2022
    Illustration of someone debating whether identity theft protection is worth it
    Identity Theft

    Is Identity Theft Protection Really Worth It?

    Is it identity theft protection worth the money? If you’re on the fence about it, here’s everything you should know before making a decision.

    Read More
    April 26, 2022

    Try Aura—14 Days Free

    Start your free trial today**

    This is some text inside of a div block.

    Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

    1. Financial identity theft and fraud
    2. Medical identity theft
    3. Child identity theft
    4. Elder fraud and estate identity theft
    5. “Friendly” or familial identity theft
    6. Employment identity theft
    7. Criminal identity theft
    8. Tax identity theft
    9. Unemployment and government benefits identity theft
    10. Synthetic identity theft
    11. Identity cloning
    12. Account takeovers (social media, email, etc.)
    13. Social Security number identity theft
    14. Biometric ID theft
    15. Crypto account takeovers