I was out on my boat a couple of years back and got a call from the credit card company. Seems someone had tried to charge a ticket to Dubai, one way, first class, on my card. That set off all sorts of alarms.
How they got my number, I do not know. They had first charged $1.11 to iTunes to see if the card worked, and then went for the big patootie.
I called the card company back (just to be sure it was not a phishing call) and confirmed I did not make the charge. They canceled the card and sent me a new one the next day. It was pretty painless, and of course, I was not liable for any of the bogus charges.
All this happened while I was out on my boat, drunk, and it was settled within 20 minutes, without any fuss or mess or any "credit protector" necessary.
So what's the big deal? Even if the credit card company had not noted the unusual charges, I would have had 30 days to dispute them, and since I didn't make the charges, not be liable for them. That's the law, plain and simple.
(And that's a law the Credit Card companies can live with, as if it were not so, no one in their right mind would pay by anything other than cash!)
Since I check my credit card charges almost daily, the idea that a charge could slip by my for 30 days is remote. I enter all my charges on Quickbooks and then balance them with the charges on my credit card company website. You should, too, at least weekly, if not more often.
And yet, so many people are paranoid about identity theft. I just had a client send me his credit card information through seven different e-mails. Others are squirrely about sending the info over the phone even. Here's the deal: You don't make the charge, you aren't liable for it. You have a lot of protection under current credit card laws. You are not liable for purchases you don't make.
I have friends who refuse to bank on line, because they think that someone will "steal their identity" and "break into their bank account". But unless you willingly hand over your PIN number, chances are, this is a long-shot. Getting your banking statements and sending checks in the mail, on the other hand, is far less secure. Thieves can "wash" checks you mail out and then try to cash them. And as I have noted before, with the advent of Check-21, a paper check is little more than a request for an electronic transfer. Doing banking online is just cutting out one step - the one step that has the highest risk of interception - the paper check.
And I've read of stories of some folks who actually DO pay off debts that are not theirs - simply to get collection agencies off their backs. Now, if you are going to pay off a debt that you don't owe, just because someone sent you a nasty phone call, I can't help you. And scammers do this sort of thing all the time. There is one robo-caller out there who leaves ominous messages on your answering machine, asking you to call a law firm to pay a debt you supposedly owe. And apparently, people call the number, convincing themselves that somehow they forgot about a debt, and they pay these people off.
Hey, if you are that dumb, I can't help you. But it illustrates how some folks do not keep track of their money - and how scared they are of banks, creditors, and collection agencies - as well as the legal process.
I think the whole idea of "identity theft" is over-hyped, so that the credit card companies and credit report companies can sell "credit protector" services. The credit card companies report any credit card fraud as "identity theft" these days, so it makes the numbers seem higher.
People seem to be under the impression - an impression that "News at 5:00" stories like to make and an impression the credit card companies let hang out there - that someone can "steal their identity" and go out and buy a Porsche, hire a bunch of hookers, and snort a pound of crack, and make the poor sap whose identity they stole spend the rest of their lives paying it all off.
That is, of course, not true. If a bank gives out a loan to an impostor, you are not liable for it. Now granted, this could cause some difficulty for you in terms of straightening things out and it might ding your credit score - temporarily. But is this very common at all?
Not really. When you scratch the surface of most of these "identity theft" stories, they start to fall apart:
1. The Credit Card companies report all credit card fraud as "identity theft" so the numbers seem astronomical. Credit Card fraud has been with us since credit cards were invented. People steal credit card numbers - usually clerks or waiters at shops and restaurants - and then charge things. You are not, and have never been, liable for such charges.
2. Some folks rack up a pile of debt and then try to use "identity theft" as an excuse to get out of it. It doesn't work, of course.
3. Banks do get snookered by folks impersonating a solid citizen. But the impersonator is usually a family member or friend (or acquaintance) of the "victim". You take in your crack-head cousin, and he swipes your wallet while you are at work and takes out a car loan. Since the two of you look similar, he gets away with it - but not for long.
But true, stranger-based "identity theft"? Much rarer than the credit card companies (who have a vested interest in cranking up the paranoia) want you to think.
Still paranoid? You can put a "hold" on your credit report, at little or no cost to yourself. Such a hold prevents anyone from obtaining credit under your name without written authorization from you. Of course, I suppose a thief could just forge the written authorization, right?
"Credit Protector" services will monitor your credit reports and send you e-mails if someone tries to borrow money under your name, or if other suspicious activity occurs. But they really do not provide any additional protections for what is the most common form of "identity theft" - simple credit card fraud.
As noted above, checking your credit card balances regularly will help you detect fraudulent charges. And the major credit card companies have very efficient fraud departments. Citibank, for example, will deny charges when I am traveling sometimes, unless I call them to confirm the charges. It often pays to call them in advance and tell them you are traveling, so charges are not declined. They are very aggressive about fighting fraud, as it comes out of their bottom line. Complex computer algorithms check to see if your spending habits are outside of predetermined norms.
And of course, it pays not to fall for "Social Engineering" schemes. Yes, a huge percentage of so-called "identity theft" is a result of people willingly handing over credit card and other information to strangers on the phone or online. A friend of mine recently fell for one such scheme, handing over his e-mail address and password to a stranger in a "social engineering" scam. I realized it because the scammer then sent out an e-mail under his name, claiming to have been mugged in London, and needing $5000 wired right away.
Just in case you missed the point - no company will ever, ever ask you for your user name and PIN through an e-mail. And if you get a realistic looking e-mail that asks you to click on a link to go to a site to enter such data, don't do it. Open a new browser window or tab and then visit the company site that you normally visit (which you have bookmarked, so as to not visit look-alike sites that are keyed to typo URLs). It is really not that hard to avoid.
And some of these "Social Engineering" scams are pathetically crude, such as the "e-mail" supposedly from Yahoo or Microsoft, asking for your user name and password so they can do "maintenance" or to avoid "having your account canceled".
When in doubt, visit www.snopes.com and look up the scam, or visit that site weekly to keep up on the latest scams.
Is there a real risk of identity theft? Yes, it can occur - but you can take steps, which are free, to reduce your risk. Will it bankrupt you? Unlikely. The horror stories on TeeVee are designed to make the stories seem more compelling - and get you to watch.
Which brings us to the main point about identity theft - getting your social cues, norms, and basic economic data from the television is a really, really bad idea. Stop watching the TeeVee and your life will improve in so many ways. To begin with, you will no longer be bombarded with really, really bad economic advice.
UPDATE 2020: I found out later on that when I bought some BMW car parts from a place in California, they were employing contract labor to pull the orders and pack them. They handed the order forms to these day-laborers, some of whom were felons on parole, complete with name, address, and credit card numbers. One of these laborers photocopied the forms and sold the data to a 3rd party. I found this out only later on when they admitted the "data breach" after my debit card was stolen.
Both were a minor hassle, but in both cases, I was on the hook for nothing. The risks are far over-stated, trying to get you to be afraid of everyone and everything. Fear is not an emotion to be trusted.