All About Cookies is an independent, advertising-supported website. Some of the offers that appear on this site are from third-party advertisers from which All About Cookies receives compensation. This compensation may impact how and where products appear on this site (including, for example, the order in which they appear).
All About Cookies does not include all financial or credit offers that might be available to consumers nor do we include all companies or all available products. Information is accurate as of the publishing date and has not been provided or endorsed by the advertiser.
The All About Cookies editorial team strives to provide accurate, in-depth information and reviews to help you, our reader, make online privacy decisions with confidence. Here's what you can expect from us:
- All About Cookies makes money when you click the links on our site to some of the products and offers that we mention. These partnerships do not influence our opinions or recommendations. Read more about how we make money.
- Partners are not able to review or request changes to our content except for compliance reasons.
- We aim to make sure everything on our site is up-to-date and accurate as of the publishing date, but we cannot guarantee we haven't missed something. It's your responsibility to double-check all information before making any decision. If you spot something that looks wrong, please let us know.
Unfortunately, online identity theft is common because victims can find their identity at risk in many ways. Their information could be compromised because they shared it as a result of a romance scam or because a hacker stole their data using a spoofed website. No matter how it happens, identity thieves can cause a lot of stress and aggravation — as well as financial loss in some circumstances.
The good news is you can maximize your ability to keep your data safe by following these 10 key tips for how to prevent identity theft online, like using the best antivirus software, setting up an internet firewall, learning how to spot phishing scams, and more.
What is identity theft?
How can personal information be stolen online?
FAQs
Bottom line
How to protect your data and identity online
With so many threats out there, it's crucial to learn how to protect your data and identity online. Taking these 10 steps could help.
1. Use antivirus and anti-malware software
Antivirus or anti-malware software is designed to identify and prevent malicious software from being installed or from causing harm if installed accidentally. With most antivirus protection tools, the software can be configured to manually scan for viruses or malicious software, and you can also initiate manual scans.
It’s also worth installing antivirus software on your cell phone since there are malicious apps out there that could try to steal your sensitive information.
If antivirus software detects problems, it asks if you want to clean the file to remove the malicious software. The best antivirus programs continually update to make sure they can always identify the latest malware definitions. Here are some antivirus recommendations if you don't know where to start:
- Norton: Norton is a popular name in antivirus, thanks to its top-notch malware detection rates and real-time protection. Norton's security suite also comes with identity theft protection, so you can proactively protect yourself from identity theft.
- McAfee: If you want an antivirus with lots of bonus features, like a firewall, VPN, and privacy controls, then we recommend McAfee. It comes with a free version and several pricing tiers, so you can fine-tune your antivirus selection for your needs.
- TotalAV: Whether you're using antivirus for the first time or are just looking to make a switch, TotalAV is a top-tier choice. It offers an intuitive user experience and plenty of features, like real-time protection, anti-phishing protection, and malware scanning.
2. Create strong passwords
Using a strong password can protect your personal data, like your credit card info or Social Security number, from hackers and scammers. A weak password — your birthday, your mother’s maiden name, or a pet's name — can be very easy for hackers to guess, especially if you make this information available on social media.
You don't want someone to be able to hack into your bank account or other sensitive websites just because you made your password a simple word that anyone could find out.
Creating strong passwords means:
- Using different passwords for each website
- Using long passwords
- Using a mix of different characters, letters, and numbers
- Avoiding common passwords such as a birthday or pet's name
Random strings of characters can be best but can be hard to remember. Using a password manager can make this easier. You can use one like NordPass to organize passwords, as well as notes, credit cards, and personal information all in your vault. It also offers a free version and paid plans, so you can choose depending on your budget.
3. Set up an internet firewall
Firewalls refer to hardware or software tools designed to protect your computer. When you have a firewall installed, all the data coming into your computer is reviewed by the software to determine if it should be forwarded on or blocked.
Both hardware and software firewalls provide added protection by stopping attacks on your computer that come in from the internet.
Secure your Wi-Fi
Hackers can breach your Wi-Fi network if you don't have a strong password. Be sure to choose a long password that's difficult to guess and to change it every few months. And consider using a WPA2 password for added security.
4. Learn how to spot phishing and online scams
Phishing scams are used to try to steal your personal information, such as passwords or account details. Often, these scams are initiated via email or text.
You may receive a message that claims there is suspicious activity on your accounts or that includes a fake invoice or offers coupons. The goal is to get you to click on a link that installs malware and/or to provide your financial details via email or a spoofed website.
You can spot phishing scams because they often:
- Pretend to be from companies you know and trust.
- Include threats, such as a claim your account is on hold, or your credentials have been compromised.
- Include a generic greeting.
- Ask you to click on a link to provide personal information or payment details.
To avoid falling victim, don't click on links in emails. If you get an email that looks to be from your bank, for example, instead of clicking the link navigate directly to your bank's website in a separate browser window.
How to report a scam
Scams can be reported to the police, your local government, and the federal government. USA.gov and IdentityTheft.gov have instructions for reporting scams to different agencies, including the IRS and other federal agencies like the Federal Trade Commission (FTC).
5. Don’t share personal information online
You should always avoid sharing personally identifiable information online, including via social media. Scammers can take information from your online profiles and use it to guess your passwords, gain access to your account, or otherwise commit ID theft.
One recent example that Health and Human Services warned about was the posting of COVID-19 vaccine cards. The information contained on these cards, including your full name, date of birth, and other medical details, can make you vulnerable to having your identity stolen.
6. Only use secure websites when shopping online
Online shopping scams are common and occur when scammers pretend to be legitimate online sellers, either on fake websites designed to look like storefronts or on genuine retailer sites.
To avoid falling victim to this type of scam, make sure to:
- Research the retailer to find out if they are a domestic or foreign entity and to learn where purchased items will come from and when they will arrive.
- Review the store's refund or return policy.
- Look for details about dispute-handling processes in case something goes wrong.
- Submit payments only to sites using secure payment services. These are denoted by a website address starting with https rather than just http.
- Avoid making upfront payments via money order, wire transfer, pre-loaded gift card, or cryptocurrency.
You may also want to research whether the website has ever been the victim of a data breach, as even legitimate retailers can put your identifying information at risk if they don't have strong security measures in place.
7. Monitor credit scores
It's a good idea to review your credit report and score regularly. You can access your free credit report from the three major credit bureaus, Experian, Equifax, and Transunion, from AnnualCreditReport.com. In response to the pandemic, it’s currently possible to obtain a copy of your report up to once per week.[1]
When you've pulled your report, look for new accounts you don't recognize, address changes, unfamiliar names on your credit report, or an unexplained drop in your credit score. Any of these signs could be an indicator that your personal information has been compromised.
If you notice anything out of the ordinary and think you might be a victim of identity theft, you can contact the credit bureaus to issue a credit freeze or fraud alert.
It’s also a good idea to regularly check your bank statements as well to catch any fraudulent purchases your debit card or credit card company might have missed. In the case you spot a charge you didn’t authorize or an ATM withdrawal you didn’t make, it’s worth calling your financial institution and working with a representative to get the issue resolved.
8. Keep your computer, mobile device, and web browser updated
Updating your computer software, cell phone, and web browser is a good way to keep your system and information secure. Vendors of these programs release patches for their software when new vulnerabilities are detected.
The good news is that you can enable automatic updates for most software and browsers to make sure you are always using the latest versions with the most up-to-date protections.
9. Use a VPN
A virtual private network (VPN) should ideally be used whenever you're on public Wi-Fi. A VPN encrypts or encodes data, including account numbers and other sensitive information, you transmit on your computer to prevent it from falling into the wrong hands.
Here are some of the best VPNs you can use to protect your identity online:
Starting price | Starts at $2.99/mo (billed every two years) | Starts at $1.99/mo (billed every two years) | Starts at $2.03/mo (billed every two years) |
Number of devices | 10 | Unlimited | 7 |
Server count | 6,800+ servers in 111 countries | 3,200+ servers in 100 countries | Unlisted in 100 countries |
Streaming support | |||
Torrenting support | |||
Learn more | See NordVPN Pricing | See Surfshark Pricing | See CyberGhost Pricing |
10. Install identity theft protection software
Identity theft protection software can monitor your credit file, your financial information, and internet websites to detect the misuse of your data. There are many different software programs out there, including Aura, LifeLock, and Identity Guard, that offer credit monitoring and identity theft protection services.
What is identity theft?
Identity theft occurs when a criminal steals your personal information and fraudulently uses any aspect of your identity. Some common ways criminals misuse your personal information include:
- Applying for a new credit card in your name
- Filing a tax return to claim a refund
- Obtaining medical services
How can personal information be stolen online?
There are many different ways personal information can be stolen online, including:
- Romance scams: Criminals use fake identities to pretend to be in a romantic relationship with you in order to obtain personal information like your credit card numbers.
- Phishing: This involves unsolicited emails or texts pretending to be from a legitimate company in order to obtain login credentials or other personal details.
- Data breaches: This occurs when confidential information is improperly leaked or accessed from a secured location by an unauthorized person.
- Account takeovers: This occurs when a hacker is able to improperly gain access to an online account.
- Lottery scams: Victims are told they have won a lottery or sweepstakes and must provide personal information
- Malware: Criminals will put software or code onto a computer in order to damage or disable the computer system or unlawfully access information entered on the computer.
- Nonpayment/non-delivery: Online websites purporting to sell goods or services will collect payment information and not send items.
- Spoofing: Websites are designed deliberately to mislead and to appear to be from a legitimate source when really they exist only to improperly obtain personal details.
- Social media: Social media or social networking sites can also be used to obtain personal details.
FAQs
What are the first signs of identity theft?
Some warning signs of identity theft include receiving bills for products that you did not purchase, calls from debt collectors for accounts you didn't open, unfamiliar accounts on your credit report, address changes on your online accounts, and loan denials.
What can someone do with my full name and email?
Thieves can use your full name and email to make a phishing attempt that's designed to help them obtain other personal information. If an email with your full name is delivered to your address, you may be more likely to think it is legitimate.
Scammers can also use this information to impersonate you with friends and family, to try to hack other accounts, to get around two-factor authentication requirements, and to harvest other information about you that can be used to commit identity theft.
Bottom line
These tips provide insight into how to prevent identity theft online. Unfortunately, though, no matter how careful you are and how much you know about how to protect your data and identity online, things can go wrong.
If your identity is stolen, you'll want to be sure to report it right away to the appropriate authorities and your creditors. The sooner you act, the more damage you can prevent when your information is being misused by scammers.
We recommend using the best identity theft protection so you have access to remediation specialists and identity theft insurance should any issues arise.