Dianne Cutter doesn't swipe her credit card at the gas station anymore. She became a cash-only customer after her card was skimmed from the credit card reader and a thief made charges to her card.
What made Cutter's experience especially egregious is that she's a vigilant consumer who pays most bills online, checks her credit reports regularly and has a fraud alert on her accounts. Oh, one more thing: She's the CEO of Asurency Protection, an identity theft and fraud protection company.
"I always advise people not to pay at the pump, but I got lazy once and didn't take my own advice," she said. Even though many of us have had a brush with identity fraud, there is good news: It has recently declined.
According to a survey by Javelin Strategy & Research in Pleasanton, Calif., identity fraud fell sharply in 2010, after rising in 2008 and 2009. About 8.1 million Americans (3.5 percent of the U.S. population) were victims of identity fraud last year, 3 million fewer than the year before.
But while overall fraudulent activity is down, it's more difficult to detect and resolve, said Brian McGinley, senior vice president of data risk management at Identity Theft 911 in Providence, R.I.
And, despite growing consumer awareness and constant reminders to protect personal information, many Americans still think of identity theft as someone else's problem. The news about security breaches at Google, Sony and Citigroup were widely broadcast, but it didn't make much of an impression on consumers. In fact, it might have had the opposite effect, said McGinley. "We're starting to see breach fatigue," he said. "There are so many examples from so many entities that consumers are slipping into complacency."
McGinley and Cutter recommend that as technology and prevention change the way thieves operate, consumers need to change, too. Shredding sensitive documents and stopping pre-approved credit offers are a good start. Here are some recommendations from consumer experts and the Federal Trade Commission.
--Make your passwords unique. Don't use your pet's name, your mother's maiden name or your favorite team. Use numbers, symbols and a few capital letters to mix-up a password.
--Don't publish your personal information: Keep birth dates, email addresses, pet's name and other personal information off social networking sites such as Facebook, Flickr, Twitter and Linked In.
--Use security freezes. Instead of using professional identity theft protection services, which can cost $120 to $240 a year, Consumer Reports recommends placing a security freeze on your credit reports at all three major credit-reporting bureaus (Experian, Equifax and TransUnion). That will deny access to your credit report to prospective creditors and prevent a scammer from setting up an account in your name. The freeze costs $5 to $10 per bureau, and is free if you have been the victim of identity theft.
--Don't give out private information by phone, mail or email without verification. Check an independent source to get the company website, phone number or email. Even emails that appear to come from trusted sources can be a form of phishing to trick you into providing personal information.
--Secure your smartphone, which offers thieves another way to steal personal information. One in three of us has lost a cellphone or had it stolen, but only half of us bother to set up a password. Some smartphone users store financial information on their phones. Add security software and password protection, and don't store account numbers.
--Protect your children. A child's Social Security number is a thief's mother lode, because it might remain unchecked for years. Parents can monitor any activity once a year by requesting a free credit report at www.annualcreditreport.com or 1-877-322-8228.