What is it?

In the broadest sense, identity theft occurs any time a person pretends to be someone else.  However the term usually means more than just impersonation -- it refers to stealing identity in order to steal something else, usually something of financial value. 

What are the most common identity crimes?  Nothing fancy.  Old-fashioned credit card fraud tops the list (28% in 2004), followed by phone or utilities fraud (20%), bank fraud (18%) and employment fraud (13%).

You may have heard that identity theft is one of the fastest growing crimes in the U.S., affecting tens of millions of persons a year.  Fortunately, in most cases the individual theft is not a large one -- the average loss is $200 to $250.  But the total losses add up to more than half a billion dollars a year. 

The most severe form of identity theft occurs when someone appropriates your identity repeatedly, and destroys your credit rating and finances in the process.  That is a crime from which it can take years to recover.   Fortunately, it is comparatively rare, although its rarity will be of little comfort if it happens to you.

Some ID thieves use stolen personal information to open new credit card accounts (19%).  Others simply commit fraud with existing credit card accounts (12%).  Opening up new telephone or other utility accounts is a particularly popular type of theft, with new wireless phone accounts most popular of all (10%).

How do thieves get such information?  Too often, the victim simply hands it over, by providing credit card or other personal information to the wrong person. 

Today the majority of fraud complaints to the Federal Trade Commission (FTC) involve Internet-related fraud complaints -- about 35% related to email and 25% to web sites.  (After that comes the telephone and then postal contacts.)

If you don't want to become a victim, you need to be particularly vigilant about spam email, which is increasingly used for phishing attacks that trick the unsuspecting into handing over personal information.

It doesn't have to be a high-tech theft, however.  Many experts believe that the majority of identity thefts are effected by using information that victims have literally thrown away, such as credit card receipts and statements in the garbage. 

While it is important to take steps to protect Internet thefts, such as learning how to avoid being phished, one of the best things you can do to prevent identity theft is purchase a shredder to prevent such "dumpster diving."

Identity theft is different from most types of crime in that many victims don't know they've been victimized, at least not right away.  They find out about the crime only when they are denied credit or employment, contacted by the police, or have to deal with collection agencies, credit card issuers, and bills for purchases they never made.

It is precisely this form of identity theft -- undetected for a long time, while fraudulent charges pile up -- that can lead to severe problems.

Check your bank, credit card and other online accounts frequently and carefully.  Make sure all listed transactions are valid, and if they aren't contact the company immediately. 

Get a copy of your credit report regularly, and inspect it for errors.  (You're entitled to one free report per year from each of the big three credit bureaus.)  Report anything that is suspicious immediately.

You should be worried enough to be vigilant, but not lose sleep.  Identity fraud detected early is usually a minor inconvenience.   In most cases, your credit card issuer or bank will be responsible for the losses, not you.  The cost to you will be the time to sort it out.

But imagine working for years to build a good credit history, only to find yourself suddenly inundated with debt, credit card balances, outstanding utility bills, lost employment benefits, and having your credit rating destroyed.

Victims of severe identity theft find themselves unable to open a new credit card account, get approval for loans or mortgages, obtain mobile phone or other utility accounts -- all because of what has been done using the identity. Don't make it easy for thieves to do it to you.

Your employer certainly hopes you never become a victim of personal identity theft, of course.   But its greater worry is that your workplace identity may be stolen, and used to access sensitive organizational information.

That can happen in two ways.  Your ID badge may be stolen, allowing physical access to facilities containing sensitive information.  Or a computer account user-ID and password assigned to you (a virtual ID badge) may be discovered, allowing an intruder to gain electronic access. 

Be vigilant, and make a report to the appropriate organizational security department if you suspect your workplace identity has been compromised.

See also:

Identity Theft: What to Do If It Happens to You (Privacy Rights Clearinghouse)
Comprehensive guide for victims of identity theft

Identity Theft Resource Center
Resources for prevention and recovery

Identity theft statistics (Federal Trade Commission)
More than you'd ever want to know about the numbers

Phishing and identity theft (UM Privacy Project)
Basic rules for avoiding the problem

What To Do If You've Given Out Your Personal Financial Information (Anti-Phishing Working Group)
Another comprehensive guide for victims and potential victims

Last modified: 18-Apr-2006 [RC]