Imagine having your bank account drained, being unable to use your credit cards and seeing your credit rating trashed. Imagine then spending hour after hour trying to clear your good name and get your life back together. Identity theft is the No. 1 consumer complaint reported to the Federal Trade Commission's Consumer Sentinel Database. An estimated 500,000 to 700,000 people a year become victims, according to the U.S. Department of Justice. The scope of the problem may be even worse than this, with the number of consumers who have fallen prey to identity thieves being significantly underreported, according to a new report by market research firm Gartner Inc. It estimated that 3.4% of U.S. consumers became victims over the previous year. It's not just individuals, but also organized groups who commit identity theft, including international terrorist cells, according to Jonathan J. Rusch, a lawyer with the U.S. Department of Justice who specializes in fraud prevention. "They're using more and more sophisticated techniques to entice people to grant them access to their personal information and more and more sophisticated technology to access it behind their backs," he says. Now that you've gotten the daylights scared out of you, rest assured that by the very fact that you're reading this right now, chances are less that you'll become victimized. Identity thieves are more successful against those who don't stay on top of things. This is particularly so online, where identity thieves can have an easier time finding information about you and profiting from it, if you're not careful. The fastest-growing technique is "phishing," a practice of using "spoofed," or fake, e-mails and Web sites to trick you into revealing your Web site password, Social Security number, checking account information, credit card data, mother's maiden name and other personal information. Typically, you receive an e-mail that appears to be from the customer service department of America Online or an Internet service provider, the online auction company eBay, the online payment service PayPal, or a Web retailer you've done business with. The e-mail contends there's a problem with your account and indicates you need to update your billing information. You're then directed to a Web site that appears to be from the same company but has been set up only to steal your identity. Federal law and the laws of many states stipulate harsh penalties for identity theft, though reports indicate that such penalties are seldom meted out. Even if they were, legislation by itself won't protect you. You need to cover your own assets. Internet service provider EarthLink has been especially active in trying to fight the problem. It suggests these guidelines, suggestions that others have made as well:
- Whenever updating your information online, access the particular Web site through your Favorites or Bookmarks menu or by typing in its address manually. Don't follow a link in an e-mail you receive.
- Most legitimate companies store your personal information on a secure Web page, which will be indicated by a lock symbol at the bottom of your browser window and the letters "https" in front of the page's address.
- If you have any doubts, phone or e-mail the company first, using a number or address you've used before.