You can freeze your credit for free with all three credit reporting agencies (TransUnion, Experian, and Equifax) - that will essentially stop anyone from stealing your identity and opening accounts you're liable for via your SS#. I keep all three frozen all the time, only unfreezing when I'm applying for something. Unlocking (unfreezing) each account is free, easy, and takes just a couple of minutes.
If you're using your phone or laptop outside of your own wifi without a secure VPN you're playing with fire. The chances of someone actually intercepting your data without a VPN is pretty slim for most people, but it's an inexpensive way to protect your digital data transmissions.
Also, use credit cards for purchases rather than debit cards - the issuing banks generally have more leverage wrt stolen card data purchases for credit cards compared to your debit card.
This is spot on.
We had an identity theft scare several years ago. It turned out fine, and nothing bad actually happened, but it was sobering.
We immediately froze all our credit reports — as in nobody gets a credit report for any reason unless we say it’s OK. We don’t open new debt accounts, so I think we’ve unfrozen exactly once in over 10 years. We unfroze, Capital One pulled the reports, I verified they had what they needed, and I re-froze them, all within one business day. Cap One understood the situation entirely, and was really cooperative in that process.
The main thing is don’t give your SSN out to anyone other than those legally required to have it — banks, the IRS and other taxing authorities, insurance companies. Doctors’ offices are bad to ask for it, and I guess a lot of people give it out, but I never do.
And I like the idea of paying with PayPal. Yes, they have your credit card information and could get hacked. But your CCN is in only one place, and I promise you, they have otherworldly internal security. Plus, for reasons Crimsonaudio cites, if your CCN gets out, it’s not all that big of a deal.
Just keep in mind that there’s risk rolling out of bed in the morning. You can certainly minimize your exposure, but you can’t eliminate it altogether. Any institution can get hacked, and if anybody says they’re hack-proof, they’re lying.
Strangely, the biggest vulnerability is a function of being financially responsible — mortgage fraud.
The bad guys get an address and cross it against mortgage liens, which are public record. They find one that is mortgage free, and borrow from a lender that lends on property value alone at really low loan-to-value (LTV) — like less than 50%. These shylocks don’t even bother trying to pull a credit report. The bad guy says it’s a second home, so please send all correspondence to his (the bad guy’s) address.
Of course, they never make even the first payment. The real homeowner finds out only when served with foreclosure papers.
Now, it’s fraudulent debt, and the homeowner doesn’t legally owe anything, and the bad guy doesn’t own the property, so he didn’t have legal standing to pledge it in the first place. But proving all that is a monumental pain.
I don’t use any of the online services because my credit reports are frozen and have been for years. I also check my credit cards every day. I probably need to check liens on my house a couple times a year, but haven’t done that.