If you thought that the promising (albeit modest) drop in the total dollars stolen by identity thieves in 2015 was a harbinger of things to come, think again. According to the just released 2017 Identity Fraud Study from Javelin Research, the number of victims of this crime—in all its permutations—climbed to a record high of 15.4 million last year. And, despite the fact that the average amount per fraud went down, the total cost topped $16 billion, also an all-time high. What does that say about efforts to rein in identity thieves? “We’ve gotten pretty good at closing the door once the horse has left the barn.

  • Emphasize Email Security: It’s obviously important to use strong passwords for all financial accounts, but you may not realize how essential it is to focus on email in the course of shoring up such cyber defenses. Your primary email address will likely serve as your username and means of resetting your password on other websites, so if it’s vulnerable, all of your other accounts will be, too. As a result, make sure to use an especially secure password and establish two-step verification for this account.
  • Sign Up for Credit Monitoring: Credit monitoring is the best way to keep tabs on your credit report, providing peace of mind in the form of alerts about important changes to your file, including potential signs of identity theft. WalletHub offers free monitoring of your TransUnion credit report.
  • Leverage Account Alerts & Update Contact Info: Setting up online management for all of your financial accounts (e.g., credit cards, loans, Social Security), and keeping your phone number, email address and street address up to date will make them harder for identity thieves to hijack. Establishing alerts for changes to your contact info and other suspicious account activity will serve as a safeguard.
  • Use Common Sense Online: Don’t open emails you don’t recognize. Don’t download files from untrustworthy sources. Don’t send account numbers and passwords via email or messenger applications. And don’t enter financial or personal information into websites that lack the “https” prefix in their URLs.