How To Protect Yourself From Identity Theft in 2024

What Are The Best Ways To Protect Your Identity?

Identity theft is one of the fastest growing crimes in America. According to the Federal Trade Commission (FTC) [*]:

Since the start of 2023, over 4.2 million Americans have been victims of identity theft and fraud — with losses in the billions.

Identity theft protection is about putting all defense mechanisms in place before criminals can get to you.

In this guide, we’ll run through how to protect yourself from identity theft and fraud before you become a victim, the warning signs to look out for, and what to do if you think your identity has been stolen.  

{{show-toc}}

How To Protect Yourself From Identity Theft

Here are some of the most recommended methods to protect yourself from identity theft and fraud according to experts:

1. Freeze your credit with all three bureaus

Identity thieves are usually financially motivated. They take out loans, open credit accounts, or apply for new credit cards in your name to steal as much money as possible.

A proactive credit freeze prevents anyone from accessing your credit file or credit history, which can stop scammers from opening a line of credit in your name. It’s a free service and well worth the peace of mind that it provides. Plus, you can lift (or “thaw”) the freeze anytime.

How to freeze your credit:

To freeze your credit, you’ll need to contact each of the three major credit bureaus individually (Experian, TransUnion, and Equifax). Once you provide proof of identity, they’ll give you a PIN that you can use to freeze and thaw your account.

2. Review your credit card and bank statements as soon as possible

According to the Identity Theft Resource Center’s (ITRC) 2022 report, over half of reported identity theft cases remain unresolved — a 37% increase compared to 2021 data [*]. The sooner you spot suspicious activity, the better chance you have of fully recovering.

If a criminal has your bank account number or targets your financial accounts, you’ll see the evidence in your credit report and your credit card statements. Ignoring monthly account statements can let suspicious activity go unnoticed.

How to review your financial statements:

• Check your credit report regularly. You’re entitled to three free credit reports per year — one from each of the three major credit bureaus. Official resources like AnnualCreditReport.com make the process even easier.
• Carefully inspect the charges on your credit card and bank statements each month. If you see strange withdrawals or signs of credit card fraud, call the number on the back of your bank card and ask to talk to the fraud department.
• Consider signing up for a credit monitoring service that continuously reviews your credit report and alerts you to suspicious activity. For example, a 2022 consumer survey found that Aura notified users of potential credit fraud more consistently and up to 250x faster than other services³.

3. Secure your online accounts with strong passwords and two-factor authentication (2FA)

If criminals get access to even one of your online accounts, it could open the door to your entire digital life. That’s why strong passwords and two-factor authentication (2FA) are important when it comes to protecting yourself from identity theft.

How to secure your online accounts:

• Download a password manager to safely store all of your passwords. Aura’s identity theft protection plan includes a password manager that is also password-protected.
• Create complex, unique passwords for each account. Many password manager platforms provide automatically-generated passwords that are more difficult for hackers to crack.
• Go into the settings menu on each of your online accounts and set up two-factor authentication wherever possible.

📚 Related: How To Tell If an Email Is From a Scammer →

4. Install antivirus software on all of your devices

Personal computers and mobile devices are attractive targets for criminals because they contain vast amounts of personal data. In some of today’s most devastating scams, hackers gain control of a victim’s computer or phone and install invasive malware, spyware, or ransomware designed to steal sensitive information.

Invest in reliable antivirus software that will continually scan your device for potential security threats and block malware and viruses.

5. Learn to spot the warning signs of a phishing attack or online scammer

Social engineering scams like phishing also tend to target your financial information. Identity thieves use scam messages to trick you into giving them the information they want.

To the untrained eye, a phishing scam is difficult to detect. And it’s by far the most prevalent type of scam on the internet [*].

The more you educate yourself about what phishing messages look like, the safer you’ll be.

How to spot the warning signs of an online scammer:

• Be extremely cautious about unsolicited emails and urgent messages that contain links — even if they appear to come from government agencies, well-known businesses, or your financial institution.
• Research how to avoid phishing scams. Learn how they play out, and how to recognize red flags and scammer strategies.  

6. Check URLs or use Safe Browsing tools to warn you of fake websites

Internet criminals create fake websites that are skillfully disguised as the official websites of companies like Amazon, Bank of America, USPS, PayPal, and the DMV. Scammers commonly lure targets with links in phishing emails or text messages.

These copycat web pages look indistinguishable from the authentic ones. Many even feature a padlock symbol (signifying SSL encryption) next to the URL. This makes people feel comfortable entering their login credentials or account numbers.

How to use Safe Browsing tools:

• Free resources like Google Transparency Report and URLVoid offer searchable databases that check URLs for harmful content and known scam websites. Before entering information on a web page, simply copy and paste the URL into the database’s search engine.
• Aura’s digital security features include a website checker to alert you before a dangerous website is able to load.

📚 Related: How To Know If a Website Is Safe →

7. Don’t use public Wi-Fi (without a VPN)

Everyone loves free Wi-Fi, but few realize that it's risky. Malicious hackers use public Wi-Fi networks to access private accounts and documents, discover personal data, and send phishing emails to any device that’s connected to the network.

You might connect to what looks like the official Wi-Fi hotspot of your hotel or local cafe. But in reality, it could be a hacker’s hotspot that they’re using as bait to access your data.

How to protect your Wi-Fi connection in public:

• Always use a Virtual Private Network (VPN) in public. VPN services encrypt the connection between your device and public Wi-Fi networks. This allows you to browse privately and securely.

8. Reduce the amount of information available about you online

Social media websites are lucrative resources for fraudsters. Now more than ever, criminals are using online profiles as jumping-off points to commit ID theft.

According to astounding new data from the ITRC’s Consumer Impact Report [*]:

“Social media account takeover increased by 1,000% in 2022 alone.”

An identity thief can use details that you post about yourself to impersonate you online and take over your personal and financial accounts.

How to reduce the amount of information about you online:

• Limit the amount of personal information that you share online, including on social media and online marketplace websites. Don’t include your phone number, birth date, live location, hometown, or home address.
• Never post sensitive photos of documents. This includes your driver’s license, passport, paycheck, Social Security number (SSN), Social Security card, or any other document that you wouldn’t give to a stranger.
• For even more protection, follow our guide on how to remove your personal information from the internet.

📚 Related: 9 Critical Resources To Use If You're the Victim of Identity Theft →

9. Remove your contact details from “People Finder” websites

Data brokers use public records and social media websites to create detailed profiles about anyone who has an online presence. They offer full access to these profiles for a fee to marketers and scammers alike.

How to remove your data from People Finder websites:

Manually removing your personal history, contact details, and demographic information from websites like Whitepages is a legitimate (albeit painstaking) option. Unfortunately, the results are temporary at best.

Some people opt to pay an annual fee for automatic removal of their data from select sites.

• How to manually remove your personal information from data brokers: Use online resources like PrivacyRights.org to locate People Finder sites and submit data removal requests.
• How to automatically remove your personal information from data brokers: Aura can automatically scan data broker lists for your personal information and request its removal on your behalf. If the services add your information again, Aura will keep sending them takedown requests until it’s gone for good.

📚 Related: How To Remove Your Data from Data Broker Sites →

10. Be cautious in public with sensitive documents and information

Digital security is a huge part of identity theft prevention, but it’s not the whole picture.

Stealing wallets or using card skimmers to collect swiped credit and debit cards may be old strategies, but they’re alive and well. Even some good, old-fashioned “shoulder surfing” in the right location provides a great opportunity for criminals to strike.

How to be cautious with non-digital forms of sensitive information:

• Don’t bring sensitive documents with you to public places unless it’s absolutely necessary.
• Avoid relaying personal information verbally in public whenever possible. If you’re communicating over the phone, go to a location where you won’t be overheard.

11. Safeguard your mailbox, and be cautious when sending checks

Identity thieves still benefit from raiding mailboxes.

Recently, law enforcement officials have warned about a surge in mail theft. Criminals all over the United States are stealing mail to look for checks and then alter them, deposit them into their own accounts, and withdraw the cash before the doctored checks are flagged [*].

Whether mail thieves are looking for a quick buck or a way into your personal accounts, your mailbox can be their ticket to success.

How to protect your sensitive documents at home:

• Shred all sensitive documents before throwing them away. This includes health insurance forms, tax returns from the IRS, student loan documents, pre-approved credit card offers and more.
• Check your mail regularly and secure your mailbox at home. Consider applying for a P.O. box at your local post office for added security.
• Avoid USPS collection boxes. Instead, deposit sensitive mail directly by going to the post office.

12. Use biometric security on your mobile devices

Your smartphone and computers are already signed in to multiple personal accounts. If scammers steal your phone and crack your password, they could take over your personal and financial accounts immediately.

Biometric security features, such as fingerprints or facial recognition, can counteract these types of threats. Once activated, this technology makes it much harder for hackers to break in to your device.

How to use biometric security on your devices:

• Set up facial recognition or fingerprint ID (known as “Touch ID” on Apple devices). If possible, combine biometric fingerprint or facial recognition tools with a strong passcode or password.
• Find out whether your laptop or desktop computer accommodates biometric security measures.

💡 Related: What Can Hackers Do With Your Phone Number? →

13. Scan the Dark Web for your personal information (especially after data breaches)

Large-scale data breaches remain a serious concern in 2023. Security Magazine reports that over 4,100 data breaches occurred in 2022 alone [*].

If your sensitive information gets compromised in a data breach, there’s a good chance it will end up in the possession of criminals buying and selling stolen data on the Dark Web.

Discovering that your data is leaked on the Dark Web is unsettling because you can’t remove it. But you should increase digital security precautions once you know that your information has been exposed.

How to scan the Dark Web for your personal information:

• Use a free Dark Web Scanner periodically to check whether your personal information has been leaked. For example, Aura’s free leaked password scanner can send you notifications if your login credentials have been compromised.
• For a long-term solution, consider investing in a Dark Web monitoring tool.

💡 Related: Is ProtectMyID Worth It? What To Know Before Buying →

14. Use email aliases when signing up for new accounts

Scammers can use your email address to target you with phishing attacks — or use leaked passwords to break into your online accounts.

An email alias is a “throwaway” account that you can use when signing up for new services. Any message that’s sent to your alias will still end up in your inbox — but scammers won’t know your real email address in the case of a data breach.

Here’s how to use email aliases:

• Use a “+” in your Gmail address. Gmail users can create email aliases by adding a “+” and other information to their email address. For example: yourname+newsletter@gmail.com will still send emails to yourname@gmail.com, but can protect your main inbox.
• Use Aura’s email alias feature. Aura offers automatic and random email aliases whenever you sign up for a new service online. Aura manages all of your aliases for you and gives you full control over which ones are forwarded to your main inbox.

💡 Related: What To Do If a Scammer Has Your Email Address →

15. Use a digital wallet for purchases

Safeguarding your credit card numbers is an essential part of identity theft protection. But any time you use, enter, or store your credit card information, it puts your data at risk. Digital wallets use technology called “tokenization” to pay for goods and services without providing your actual credit card numbers to companies.

This means that in the case of a data breach, scammers won’t have access to your credit card numbers.

Here’s how to use a digital wallet:

• Add your credit cards to a digital wallet on your smartphone — for example, Apple Pay, Google Pay, or Samsung Pay.
• When you pay for services in person or online, use your digital wallet instead of your actual card. This ensures that your card information is protected from scammers.
• Digital wallets also protect your card information with the same security measures provided by your phone — such as biometric security.

What Are The Warning Signs of Identity Theft?

While you can do everything in your power to protect yourself against the different types of identity theft, it’s almost impossible to completely guarantee your safety. Instead, when it comes to being the victim of identity theft, speed counts. The sooner you can spot the warning signs, the better chance you have of mitigating the damage scammers can do.

Here are some of the main warning signs that your identity has been stolen:

• Mistakes or strange accounts on your credit report.
• Suspicious activity on your bank account or credit card statements.
• Calls, emails, or letters from unrecognized lenders, debt collectors, or credit card issuers.
• Lost or stolen ID (driver’s license, passport, birth certificate, etc.)
• Your tax return is rejected or is way off.
• You’re denied a loan or credit card due to your credit score suddenly changing.
• Strange emails, calls, or text messages.
• Unrequested 2FA codes or password reset request emails and texts.
• You’re locked out of your online accounts.
• Your devices are acting strangely or won’t let you access files.
• Your health benefits are suddenly used up.
• Unfamiliar income on your Social Security statement.
• Notifications that your data was leaked in a data breach.

If you see any of these warning signs, act fast to secure your accounts using the steps above.

Is Identity Theft Protection Worth It?

Following the steps in this guide can help make you less of a target for identity thieves. However, even the most stringent precautions can’t guarantee that you won’t have your identity stolen. Plus, if you do become a victim of identity theft, you’ll be left to deal with the consequences on your own. 

That’s why millions of Americans are choosing to sign up for an identity theft protection service. 

Tools like the ones included in every Aura plan do the work for you. Aura monitors all of your sensitive information and financial accounts for signs of fraud and proactively protects you and your family against online threats. 

Here’s what you get with Aura: 

• Award-winning identity theft protection. Aura continuously monitors your personal information for signs of fraud. If someone tries to use your SSN, name, or other PII to open accounts or conduct other fraudulent activity, you’ll receive an alert in near real-time. 
• Three-bureau credit monitoring with instant credit lock. A 2022 mystery shopper consumer study by ath Power Consulting found that Aura discovered more instances of potential fraud (such as when new credit accounts are opened in your name) and sent fraud alerts up to 250x faster than competing services.
• Digital security tools (password manager, antivirus, VPN, and more). Aura proactively protects your devices and data from hackers with a full suite of digital security tools. 
• Family protection for your kids and elderly family members. If you have children or elderly family members, Aura’s family plans can keep them safe from online threats.  
• 24/7 access to U.S.-based Fraud Resolution Specialists. When you need help, a dedicated Aura teammate is only a phone call, email, or chat message away.  
• Up to $5,000,000 in identity theft insurance coverage. If the worst should happen, every adult member on an Aura plan is covered for up to $1 million in eligible losses due to identity theft (up to $5 million total for family plans). 

Ultimately, deciding whether identity protection is worth it is a matter of risk assessment. Are you willing to tackle the threats on your own, or would you benefit more from automated monitoring and expert assistance?

What To Do If You’re a Victim

If any of your personal information gets compromised, these emergency steps can help you regain control of the situation sooner rather than later. 

• Contact the three major credit reporting agencies (Experian, TransUnion, and Equifax). Request a security freeze so that lenders won’t issue credit in your name.
• Request a free copy of your credit report and review your credit score and files carefully for signs of identity fraud. 
• Report the incident to the Federal Trade Commission (FTC). File an official report online at IdentityTheft.gov. An FTC report acts as your official proof of innocence and will be required in order to dispute fraudulent charges and close accounts.
• File a police report at your local law enforcement agency. If you know the identity thief or have information that could lead to an arrest, you should bring this information to your local law enforcement. A police report may also be necessary to prove the incident and claim the benefits to which you’re entitled.
• Contact your bank and credit card company and notify them of the fraud. Dispute any fraudulent charges that appear on your bank account statements.
• Consider signing up for identity theft protection. New data from the ITRC reveals that 50% of identity theft victims endure repeat attacks. This means that if you’re targeted once, you’re at risk of another incident [*]. For added protection, consider an identity theft protection service like Aura. 

📚 Related: What To Do If Your Identity Is Stolen (2024 Update) →

The Bottom Line: Keep Your Identity Safe and Secure

A fraudster can compromise your identity at any time. And recent surges in online scam attacks highlight the need for a serious approach to personal cybersecurity. 

Looking for an all-in-one solution to shield you and your family from invisible threats? Aura’s top-rated identity protection services can help you achieve your personal security goals for 2023.

Secure your digital life against scammers. Try Aura free for 14 days.