Victimized By Identity Theft - What To Do?

Scam prevention expert Sid Kirchheimer outlines the steps you should take if you are victimized by identity theft—or merely suspect you may have been.

Contact a Law Enforcement Agency
It's unlikely that your local police department will solve the case—or even investigate it. Still, filing a police report may help you regain your good name—and your good credit rating—with creditors and credit reporting bureaus. After contacting your local police, you may also need to notify the police department that oversees the location where the identity theft most likely occurred. (You should also contact your state Attorney General's office, which may direct you to other agencies.)

• If the identity theft occurred from online activity, contact the Internet Fraud Complaint Center (a partnership between the FBI and the National White Collar Crime Center) at www.ic3.gov.
• If you believe the identity theft resulted from mail theft, report it at www.usps.com/websites/depart/inspect.
• If you suspect you were victimized by ATM skimming or crime involving your debit card, notify the local Secret Service field office; a contact list is available at www.secretservice.gov/field_offices.shtml.
• If you believe your credit card number (or the little plastic rectangle itself) has been stolen, notify the fraud department of your credit card company.

Shut 'Em Down
Close the accounts that you know or believe have been tampered with and notify the sponsoring institution(s) of the theft. You usually have to provide the company with two documents: 1) a report filed with the local, state or federal law enforcement agency and 2) an identity theft report.

Some companies provide their own forms for the latter, but most accept the Federal Trade Commission's Identity Theft Affidavit, which is available online at www.consumer/gov/idtheft. There, you can also find a link to file your complaint with the FTC. Or you can call the FTC's Identity Theft Hotline at 877-438-4338, or write to:

Identity Theft Clearinghouse, Federal Trade Commission
600 Pennsylvania Avenue NW
Washington, D.C. 20580

Place a Fraud Alert on Your Credit Reports
Contact one of the three major credit reporting bureaus and request that a fraud alert be placed on all your credit accounts. (The initial bureau you notify is required to contact the other two, which should then place alerts in their systems.) This signals creditors that you've been victimized by fraud. In theory, it should also block any new accounts from being opened in your name unless someone contacts you first and obtains your express consent.

There are two types of fraud alerts:

An Initial Alert
This alert lasts about 90 days. It is placed by a credit reporting bureau if you suspect that you have been—or simply are about to be—a victim of identity theft. If your wallet has been stolen or you've been hoodwinked by a phishing scam, for instance, you should instruct at least one of the three major credit reporting bureaus to place an initial alert on all your accounts. Taking this action entitles you to one free credit report from each of the Big Three.

An Extended Alert
This alert stays on your credit report for seven years. It should be placed if you know you've been victimized. To have an extended alert placed on your accounts, you will need to provide an identity theft report (generated by your local police department) to at least one consumer reporting company. Placing an extended fraud alert entitles you to receive two free credit reports from each of the three main consumer reporting companies within 12 months. In addition, those firms must automatically remove your name from marketing lists for prescreened credit offers for five years (unless you opt back in). Getting the credit reports allows you to examine them quickly, then notify the appropriate agency (such as retailers, credit-card companies, and the like) of any fraudulent charges—or of any changes that a scammer may have made to your address, Social Security number or other personal data.

In 25 states, you can also get a credit freeze that prevents new lenders and creditors from looking at your personal financial history. A freeze offers more protection than a fraud alert, since responsible lenders are very unlikely to issue credit in your name without a review of your history.

For the specific rules of credit freezes, contact each credit reporting bureau:

• Equifax: www.econsumer.equifax.com/consumer
  /sitepage.ehtml?forward=elearning_credit11
• Experian: www.experian.com/consumer/
  security_freeze.html.
• TransUnion: www.transunion.com
  /corporate/personal/fraudIdentityTheft/
  preventing/securityFreeze.page?

Contact Your Bank and Creditors
Notify credit card companies (including retail stores for which you have credit accounts), the mortgage company, and the issuer of your car note or other loans. Your credit card companies will likely close your existing accounts and issue you new plastic with a different card number. By law, you will be liable for only $50 in fraudulent charges (and it's unlikely you'll be charged for even that amount).

You may also want to close your existing savings and checking accounts, and move the funds they contained to new accounts. If your financial company isn't helping you as much as you'd like, contact the agency that oversees your bank. To find the name of this agency, call your bank or go to the Institution Search section of the National Information Center of the Federal Reserve System at www.ffiec.gov/nic.

Respond Quickly to Debt Collectors
If a debt collector contacts you about new accounts opened in your name or unauthorized charges made to existing ones, respond immediately in writing—and keep a copy of your letter. Explain why you don't owe the money in question. Enclose copies of any supporting documents, such as an official identity theft police report or an FTC affidavit.

Also ask the debt collector for the name of the business trying to collect the debt, and the amount allegedly owed. Then contact that business—also in writing—and request copies of the credit applications or any other documents linked to transactions you believe were made by the identity thief. Send these letters by registered mail, and get an acceptance receipt from the post office.

Contact the Department of Motor Vehicles
This step, often overlooked, must be taken to guarantee that the identity thief has not applied for a new driver's license in your name. These bogus licenses take two forms: a replacement license that pairs your license number with the thief's picture, or a new license with a new number. Ask that a freeze be placed on your license until you can get a bona fide replacement (to simplify this process, bring along your Social Security card and other identifiers). And if your state is one of the 19 that still allow your Social Security number to double as your license number, ask to have another number substituted.

A little preparation now will make all of these steps much easier to take later on, should it come to that. Therefore, make photocopies today of all your credit cards and identifying documents. Include your driver's license, Social Security card, birth certificate and even a business card. Keep these facsimiles in a safe spot in your home, workplace or a safe-deposit box. And don't forget to follow the prime directive of foiling identity thieves: Never, ever carry your Social Security card in your wallet!

Sphere: Related Content

How To Stay Safe On The Internet

In May 2005, the privacy software company Webroot revealed a startling statistic: At any given time, said the company's State of Spyware Report, two of every three personal computers in the United States are infected with spyware that raises your risk of identity theft.

When it comes to identity theft, fraud expert Sid Kirchheimer says the primary purpose of spyware is to capture sensitive online data: user names, passwords and account numbers.

How does spyware infiltrate your computer? It can piggyback on other applications, hiding inside the "install" commands of Internet software, such as music download programs.

How to Protect Yourself
The first rule of preventing spyware is to be careful about what you download on your computer, says Doug Tygar, Phd, a computer science professor at the University of California, Berkeley. Think twice about installing freebie software, no matter how enticing it appears. Forbidden landing zones should include any website offering sexy photos of your favorite starlet. And never open unsolicited e-mails promising discount products.

The second rule is to scan your computer once a week or more with a good anti-spyware program. "My recommendation is to use Ad-Aware," suggests Dr. Tygar. "It's free—and, based on my experience, it's among the best anti-spyware programs available." For a free Ad-Aware download, visit www.lavasoftusa.com/software/adaware.

Consider a Different Browser
The most popular browser is Internet Explorer, which comes pre-installed on most personal computers. Small wonder, then, that most viruses and spyware programs target Windows-based PCs rather than Macintosh computers.

Dr. Tygar recommends using alternative browsers such as Firefox or Opera to address identity theft or online privacy concerns. These alternative browsers can be downloaded free of charge. To learn more, visit www.getfirefox.com or www.opera.com.

Although Macintosh computers are generally safer, Dr. Tygar recommends that Mac users download the browser named Safari on their machines. For more information about Safari, visit www.apple.com/macosx/features/safari.

Get a Second (or Third) E-Mail Account
Never use your real e-mail address in online chat rooms. Never use it when shopping online, and never use it to register at any website. "If you have ever done business online," says John Hambrick, an FBI supervisory special agent with the Internet Crime Complaint Center, "you have to expect that your e-mail address will be compromised; there is [then] the potential for that account to be stolen or sold."

So do what the G-man does: Establish a separate e-mail account—free on MSN's Hotmail, Yahoo!'s Mail or Google's Gmail—and use it specifically and exclusively for online purchases. The Hambrick trick should make your private accounts less vulnerable.

How to Protect Yourself
When choosing a free e-mail address for online shopping, some people opt for a pseudonym or non-identifier. As long as you have valid payment information, most retailers won't care whether or not it matches your real name. But which free service is best? "Currently, Gmail probably gets the edge," says Dr. Tygar. "It is excellent at detecting spam and phishing, though Hotmail and Yahoo are improving quickly."

Watch Your E's for Cues
Be wary of any incoming e-mails, to any of your accounts, from unrecognized names—especially strange-sounding ones. Spammers often send e-mails using first names only, misspelled ones, or the simply absurd.

If you read just the names and subject lines of incoming messages, you can often tell they're counterfeit because they are riddled with misspellings and grammatical errors. Of course, sophisticated phishers now take the time to proofread their messages.

How to Protect Yourself
Assuming you don't really know Dai, Petter Parrker, or Hudson Fabergé, why bother opening e-mail from them? At the very least, strangely titled or misspelled e-mails are likely to be spam pitches. Yet the mere fact of clicking such an e-mail open can alert the sender that your e-mail address is active—and therefore ripe for attack or sale. Worse, opening unknown e-mail may automatically admit spyware or viruses into your computer.

Look for Signs of Security
The real dangers in online identity theft typically result from two scams:

Phishing
Fraudulent bulk e-mail messages guide naïve users to legitimate-looking but fake websites—where they are prompted to reveal personal information such as account numbers or passwords. Phishing attempts are such dead-on mimics—hard for even Internet security experts to detect—that scrutinizing the Web address itself may be the best way to spot them. Most banks can offer customers additional information on how to avoid phishing.

Pharming
The domain name server is tampered with to reroute legitimate website traffic to a bogus site. (You have no clue you've arrived at a sham site because its URL appears to be correct in the Web address field.) Pharming scams are more difficult to detect. One clue is to look for valid certificates of authority, such as a locked padlock icon or the VeriSign indicator that matches the site's name.

How to Protect Yourself
Assume that most e-mails requesting sensitive information are bogus; the keepers of your credit-card and bank-account numbers never request e-mail "updates" of your customer information. If they do, they'll provide a phone number that can be easily cross-checked.

Even if such a number is provided, look up the company's number independently, then call it yourself. "Verification" numbers given by phishers and pharmers will simply be answered by a party to the scheme. Except for a few isolated incidences, such as FAFSA forms to apply for student aid, it's the rare government agency that will ask you to supply your Social Security number via e-mail. If you receive an e-mail that requests your SSN and claims to originate inside a government agency, don't respond until you have called that agency directly and received both verbal and written confirmation that the e-mail is authentic.

Trash Files on Old Computers
If you're buying a new computer and plan to discard or donate your old one, consider this: As many as 150 million computers are trashed each year, often without having their hard drives erased. You might as well do the identity thief's job for him. Scammers routinely retrieve old machines from curbside trash or buy them for less than $50 at thrift stores, salvage yards or auctions. In one experiment, MIT students retrieved sensitive information from up to half of the discarded computers they tested.

How to Protect Yourself
Deleted files are easily retrievable by anyone with a larcenous streak and a modicum of tech savvy. To wipe your hard drive clean for good, purchase special hard drive shredding software from a computer supply store. Better yet, physically remove—or have a techie friend do it for you—the hard drive from inside the machine, then use a hammer to destroy it. Or, if you prefer, simply contact a local shredding agency and have them shred the hard drive for you.

Password Dos and Don'ts
Need another reason to guard your computer passwords? It's possible they could be cracked by eagle-eared identity thieves using a high-tech microphone that detects sound through glass.

To keep your passwords unknown—and unknowable—follow these pointers:

Do combine parts of two unusual unrelated words, such as gastrocumulus or cytoplasticity. The longer and stranger the better.

Do mix capital and lowercase characters, as well as symbols and numbers, in the middle of the password: f2reeDoMeYe#wTness, not freedomeyewitness.

Do use words from a foreign language in combo with an English word. Many hackers try to crack passwords with common words, or with those pooled from the dictionary database of a single language.

Don't use anything that can be easily guessed by neighbors, co-workers or strangers who get their hands on your wallet—a nickname, child's name, pet's name, or your favorite sports team or hobby.

Don't use slightly different versions of the same password on different websites, such as ABCebay, ABCmortgage or and ABCvisa.

Don't pair a common word or your name with a different character at the beginning or end, such as $user or johnsmith7.

Don't use the same password from one application to another. "It's fine to have a simple, short password on a news website," says Dr. Tygar. "But use a different, longer, more complicated password on a site with sensitive information."

Sphere: Related Content

Put An End To Junk Mail and Telemarketers

Each year, more than 3 million Americans discover that credit accounts have been falsely opened in their name; of these, at least 400,000 can blame the crime on stolen mail. Fraud expert Sid Kirchheimer says that in the space of an hour you can deter both direct mailers and telemarketers. To decline vulnerable mailings (such as credit card applications) and put an end to most unwanted phone calls, contact the following:

Just Say No

• Credit Bureaus Opt-Out Line
  Call 888-567-8688 (888-5-OPT-OUT) from your home telephone (so it can be checked against an address database) or visit www.optoutprescreen.com to stop preapproved credit card and insurance offers from reaching you by mail or phone.
• Do Not Call List
  If you haven't done so already, by all means, register your phone number with the National Do Not Call Registry, maintained by the Federal Trade Commission. Once you have registered your telephone numbers at www.donotcall.gov or by calling 888-382-1222, most telemarketers are barred from calling you.
• List Brokers
  Pooling information gleaned from phone books, public records and other sources, these companies prepare and sell mailing lists to businesses. To remove yourself from all of their lists, you'll have to contact each one individually. (Preprinted mailing labels to ease the task are available at www.fightidentity theft.com/junkmail_labels.html.) Details on reaching the four largest list brokers appear below.
• Direct Marketing Association
  The DMA is a trade group whose 5,200 member companies use the telephone, mail and the Internet to pitch their products directly to consumers, bypassing such intermediaries as traditional bricks-and-mortar retail outlets. The DMA offers half a dozen ways for you to opt out of receiving solicitations from its members.

Don't Snub Those Stuffers
The opt-out contacts listed above primarily deal with unsolicited mail and telephone calls from companies you have nothing to do with. But what about stopping the spread of your personal information from companies with which you already do business?

How to Protect Yourself
Once a year, financial institutions are required to inform their customers how they use their personal information, and what opt-out rights those customers have.

These notices sometimes provide a mailing address (or, more rarely, a phone number or a website address) that permits customers to stop their financial institutions from sharing their personal information with unaffiliated third parties. This is that rare offer you truly should not refuse: Taking them up on it may halt junk mail that originates from totally unsuspected sources. Even if you don't take this step, you can always stop the spread of your personal information the good old-fashioned way: Contact your bank, credit-card issuer or insurer and inform them you are opting out of sharing.

Waive That Warranty Card
When you buy a new toaster, it's easy to get burned long before the bread pops up. The source? The warranty card included in the packaging.

"Warranty cards are primarily used by the product's manufacturer to profile you," explains California identity theft attorney Mari Frank. "They will then sell that information to others, who in turn send you mailings for their own products and services. That's why warranty cards so often ask you for your household income, how many kids you have, what your hobbies and interests are."

How to Protect Yourself
Provided you keep the receipt, a product is under warranty for the designated period whether you return the warranty card or not. If you unwisely choose to "register" your purchase with the manufacturer, submit the warranty card bearing nothing more than your name, address and date of purchase. (If required, enclose a copy of your receipt.) In the same mailing, specify that your personal information is not to be distributed to others.

Who'll Stop the Mail?
The U.S. Postal Service delivers—but don't expect it to deliver you from the mountains of junk mail it dumps on your doorstep. Direct marketing mailings—which have increased by some 5 billion pieces since the National Do Not Call Registry went into effect in October 2003—generate billions of dollars in revenue for the USPS. Maybe that's why some seemingly obvious steps for refusing these mailings don't really work. For instance:

Just Say No

• Writing "return to sender" or "refused" on the envelopes of unsolicited letters and placing them in your outgoing mail will not remove you from the sender's distribution list. The USPS does not forward third-class bulk mail; postal regulations require that it be thrown away instead.
• Placing unsolicited mail in a return envelope with postage due is another futile attempt to stop future mailings. In all likelihood, the USPS will simply return the envelope to you for the correct postage. If you omit your return address and the Post Office is unable to return it to the sender, the envelope will go to the USPS's mail recovery center.

Box Junk Mail: None for Me, Thanks!
Perhaps hoping to upgrade its image as the nation's leading source of shredder fodder, the Direct Marketing Association has graciously devised all manner of means by which you can just say no. Try one of these:

Stop Receiving Mailings
Go to www.dmaconsumers.org/cgi/offmailinglist and complete the online opt-out form. Then click the Register Online button. This is the fastest way of adding your name and address to the DMA's Mail Preference Service (essentially a "do-not-mail" list), but it costs $5, payable by credit card.

If you don't want to go online, send a postcard or letter including your name, address and signature (and a request to opt out) to:

Mail Preference Service
Direct Marketing Association
P.O. Box 643
Carmel, New York 10512

This option is also free of charge, but it is the slowest: A minimum of two months will be required before your name and address have been added to the MPS opt-out list.

Stop Telephone Solicitations
Visit www.dmaconsumers.org/
cgi/offtelephone and complete the opt-out form you will find there. Here again there is a $5 charge to register online, or you can print out the form and mail it in at no charge. You can also send a letter or postcard with your name, address, telephone number (with area code), and signature to:

Telephone Preference Service
Direct Marketing Association
P.O. Box 1559
Carmel, New York 105120

Reduce E-Mail Solicitations
Visit www.dmaconsumers.org/consumers/
optoutform_emps.shtml. To confirm your submission, the Direct Marketing Association will send an acknowledgment to each address you submit (up to three); you must reply to each one within 30 days in order for your registration to take effect.

Remove the Names of Deceased Loved Ones
Visit www.preference.the-dma.org/cgi/ddnc.php and complete the form you find there. There is a $1 charge to verify your credit card information.

The "A List" for Getting Delisted
They don't exactly make it easy for you, but if you send a written request to each list broker below, your tide of junk mail should eventually ebb.

Dun & Bradstreet
Customer Service
899 Eaton Avenue
Bethlehem, Pennsylvania 18025

R. L. Polk & Co./Name Deletion File
List Compilation Development
26955 Northwestern Highway
Southfield, Michigan 48034-4716

Database America
Compilation Department
470 Chestnut Ridge Road
Woodcliff, New Jersey 07677

Acxiom U.S.
Consumer Advocate Hotline
Phone: 877-774-2094
www.acxiom.com/us

Sphere: Related Content

'Lonely Hearts’ Scam - Are You At Risk?

Most people worry over the risk of becoming victim of such crimes such as burglary or mugging but they don’t expect their money to be stolen through other forms of crime. This is despite more and more publicity over identity theft and other fraudulent crimes.

By making themselves aware of these crimes, the public can prevent them before they occur instead of becoming part of the crime statistics. Every year fraud costs the UK around £20 billion, with £3 billion of it being lost through Internet scams.

One of the latest scams is called the ‘lonely hearts’ scam. This scam affects online users who use chatrooms or dating websites for online relationships. The way it works is the fraudster befriends the victim over a period of time by feigning interest in them. All the time however, they are really interested in how rich their victim is, or how much access they have to credit.

After they have gained the victim’s confidence, the fraudster dupes them into taking out a personal loan or handing over life savings. There is always a ‘hardluck story’, usually a claim that this new friend desperately needs money for an operation or for travel expenses to escape an opressive regime.

Typically this type of fraud involves a man or woman from another country who builds a relationship over time through email and phone calls. The relationship can last for months with the fraudster requesting to borrow money slowly over the time period, or they could suddenly come up with an emergency where they need the funds.

Although you may feel that you would never fall for something so obvious as this scam, it happens to people every day. The internet has a way of breaking down barriers between people, and the victims afterwards report that they genuinely thought they had found love or at least a real friend. When speaking with others who live in much poorer circumstances guilt over their better lifestyle is often all that is needed for the victim to borrow money to help out their new ‘friend’.
Unfortunately fraud has caused many people to become wary of others’ intentions, but with the amount of fraud that is occurring people do need to be more cautious.

Sphere: Related Content

Single Adult's Life Savings - Targets Of Dating Fraudsters

A new type of fraudster is sapping many single adult’s life savings, and even driving them into insolvency. These insidious fraudsters hit their victims from dating sites. They earn their victim’s confidence and learn whether they own a nice house, discover their mortgage level and whether they have a savings account.

A growing number of adults are victims of seemingly ‘caring’ people whose acting skills are so good that they quickly gain access to the victim’s accounts. Reports are surfacing where con artists have stolen as much as £70,000, but usually target smaller amounts.

There are two types of con artists who use these scams. The first type of fraudster often has a heart rending story; perhaps involving medical bills that cannot be met. They ask for financial help. Or perhaps they have a business idea which is a ’surefire winner’. Each time the victim lends money to the fraudster – sometimes clearing their savings accounts, sometimes taking out personal loans to raise the cash. But once the money is handed over, the fraudster is never seen again.

The second type of fraudster dates the victim and then quickly moves in. They set up house and open joint accounts. The fraudster can usually apply for a loan or open joint accounts on the victim’s credit rating. After a while they empty the victim’s accounts take gifts and disappear.

The first type of fraudsters are usually located in foreign countries, making it impossible to press charges. For the second type, they could be masquerading under a false name, or a foreigner who expects money for a visa and airfare to the UK.

There are many different types of scams that separate UK adults from their money. Many victims of fraud are left with no money, no way to repay their mortgages, and with only one option: insolvency.

Sphere: Related Content

Online Lottery Can Wreck You For Life

There are many stories of lottery winners who win money, only to be left in poverty a few years, or even months, after they collect their earnings. But, now, there is a more insidious lottery scam that is taking people’s life savings.

This lottery hits most people from their e-mail address. This scam does not originate in Nigeria, but in London. Once the recipient responds to the e-mail, the fraudsters talk of the money they already won, but there is always an administration fee.

The ‘real’ lotteries do not have fees. They also do not award prizes to people who did not buy a ticket, or fill in a registration form.

Many households in the UK are desperate enough to gamble on the slight chance that the lottery is for real. Unfortunately, victims do not speak up from embarrassment.

The administration fee is rarely charged by the company, but by a ‘government levy’ or a legal fee needed to claim the money.

The scam set up is very advanced. The fraudsters put people in touch with a London-based Lawyer who will help you. Many people take out a personal loan or borrow the money on their credit card.

He will arrange the government levy, and uses the same terms as the fraudsters. He will attach his fee to the top of the government and legal fees.

Near the end, the fraudsters walk away with £3,500 that the consumer has begged or borrowed. This type of scam traps the elderly, and the poor, who have not had financial training. They borrow money in the hopes of eliminating their debts.

Sphere: Related Content

Dont Get Caught-Up In The Soaring ID Theft

ID fraudsters are becoming more sophisticated and are starting to use other avenues to steal from consumers. There has been an increasing amount of mobile phone fraud, current account hijacking, and car leasing and cloned car number plate fraud throughout Britain.

Credit card and loan frauds are now the most popular forms of ID theft, where fraudsters gain information from one person to carry out as many fraudulent activities as they can before the fraud is discovered.

The fraudsters create credit card accounts and run up huge bills which will never be paid. They take out personal loans which get defaulted on, leaving the victim with a bad credit rating.

The average amount an individual is defrauded is currently £6,000. Many consumers are not aware that identity fraud has taken place in a number of different ways and are still not protecting themselves and practicing good methods of identity protection.

Most consumers do not know what to look out for to discover whether they have fallen victim of an identity theft crime.

Identity theft can happen in a number of different ways and only just a few personal details are needed to commit a crime.

Often these personal details can be obtained through phone calls, phising, mail interception and other methods. The personal information gained through the methods can then be used for fraudulent purposes such as account takeovers as well as taking out mobile phone contracts.

Over the last year there has been over a 300% increase in the number of serious fraud cases. Fraudulent cases that included the take over of a current account were up by 24% in the first three months of this year with mobile phone contract crime up by 22%.

Sphere: Related Content

Protect Yourself From Identity Theft

Sid Kirchheimer

Fraud expert Sid Kirchheimer says the most basic ways to protect yourself from identity theft are well known: Check your credit history at least once a year with each of the major credit reporting bureaus. Shred with a cross-cut (or "confetti") shredder all incoming mail with any sensitive information: your name, address, account information, Social Security number and especially "convenience checks" and new credit card offers. Never carry your Social Security card or PIN codes in your wallet. Carefully read bank, credit card and even telephone statements each month. What else can you do to keep the identity wolves from your door?

Shield Your Fortune with a $2 Pen
All it takes to empty your bank account is a single signed check stolen from your unlocked mailbox and some acetone—the active ingredient in nail polish remover. (Conveniently for criminals, pure acetone is also available in the paint department of home improvement centers.)

Here's how the scam goes down: The crook steals mail likely to contain a signed check—envelopes addressed to the phone or electric company are easy pickings. He or she then removes your check, puts a piece of cellophane tape over the front and back of your signature, and places the check in a pan of acetone. This process—known as "check washing"—takes only about 30 minutes to rinse everything but the printer's ink from the check. Your tape-covered John Hancock and the printer-inked information, of course, remain intact. The check is then blow-dried and flattened in a book, the tape is carefully peeled away and voilà—a blank check signed by you, replete with your name, address and bank account information.

How to Protect Yourself
Buy yourself a safe pen. One type of ink—the kind in gel pens manufactured by Uni-Ball—resists acetone or other chemicals used in check washing.

Write Four Digits for More Protection
Even when you fill them out with a wash-proof pen, your outbound checks may offer identity thieves another bit of primo booty: your complete account numbers for credit cards, mortgages or other loans, which are routinely written (at the payee's insistence) on signed checks.

How to Protect Yourself
Rather than obediently scribbling your entire account number on signed checks—often on the Memo or For line—list only certain digits, such as the last four numbers of your credit card account. Or write down no integers at all. Firms routinely ask you to note your entire account number, but there is no need to comply.

Keep 'Em Guessing with New Checks
If your current checks display your first name, order new ones showing only your initials. That's the advice of Mari J. Frank, a California attorney who became an identity-theft protection lawyer after being victimized herself. "That way, the fraudster won't know how you sign your name," notes Mari.

How to Protect Yourself
To further guard your privacy, keep phone numbers off your checks. If you must list one, make it your work number, not your home phone. Another good move: Get a Post Office Box number and use it (rather than a street address) as your mail-delivery point. Of course, never display on any check your Social Security or driver's license number. To prevent new checks from being stolen from your incoming mail, specify that the delivery be sent not to your home but to your bank (for later pickup there).

Finally, seek out check styles that offer security features, such as a special substrate that stains during check washing attempts.

Say Cheese
Stealing your identity isn't hard, but stealing your face is. Take advantage, therefore, of an option offered by certain credit card companies and retail stores that sponsor their own plastic: Your photo can be affixed to your credit card.

Avoid Casual Clues
You welcome trouble into your life when you use your birth date or your mother's maiden name as your clue password or PIN for bank and credit card accounts. Savvy identity thieves are adept at obtaining this information. They simply ferret out birth certificates and other public records online, then use the significant dates they find there to guess passwords until they succeed in cracking your account.

How to Protect Yourself
If a company asks for your maiden name or your mother's maiden name, reply that you want to use an alternative password to that. Alternatively, fabricate a maiden name or pick a bogus birthday—one that you can easily remember, of course.

Sphere: Related Content

eBay's Online-Shopping Safety Tips

Love to buy and sell on eBay? Don't fall victim to an Internet scam. Follow eBay's top five online safety tips for a safe, satisfying shopping experience.

Get to know your seller. Contact and communicate with them and research their reputation by checking their feedback rating.

Pay safely. Pay with a fast, easy and secure payment method such as PayPal. Do not pay with cash or instant money transfer services. These methods are banned on eBay because they are unsafe.

Never click on a link or reply to emails that ask for personal information. eBay and PayPal will never ask you for your account or credit card details, username or password in any communications.

Download the eBay Toolbar with account guard. This will protect you against clicking onto fake eBay and PayPal websites.

Educate yourself before trading on the Internet. Check out the eBay Security and Resolution Center for the latest tips and advice about how to avoid common buying mistakes that increase the risk of a bad buying experience.

Sphere: Related Content