Traditional tactics, scams, and skimming

Beware traditional tactics

Identity thieves continue to use these simple, time-tested tactics to steal your identity. Avoid these everyday dangers.

Mail Theft

  • Use a locking, security mailbox is possible, or consider renting a P.O. box at your local post office
  • Put outgoing mail into a postal mailbox

Dumpster Diving (Trash Theft)

  • Shred unwanted document containing personal information and all unsolicited credit card or loan offers
  • Invest in a high-quality cross-cut shredder. Thieves can piece together paper shreds into horizontal strips

Shoulder surfing

"Shoulder surfers" observe your actions or eavesdrop to steal personal information. They look over your shoulder or stand close by and may use a camera phone to record you.

  • Shield keypads with your hand or body before entering PINs, passwords, or card numbers
  • Avoid sharing personal information over the phone in public. If you must, use a low voice and shield your mouth

Purse or Wallet Snatching

  • Minimize what you carry in your wallet, especially payment cards
  • Never carry your Social Security card unless absolutely necessary
  • Don't carry PINs or account passwords with you: memorize them or keep them safely locked up at home

Stay Away from Scams

Running a scam or fraud is another time-tested method for identity thieves. They may contact you in person; by phone, postal mail, or email; or through the Internet to try to trick you into giving out personal information. Avoid scam artist ploys by following these tips.

  • Stay aware of current scams. Watch or read the news. The nation's consumer protection agency, the Federal Trade Commission (FTC), offers information and tips on current scams. Go to consumer.ftc.gov and click on "Scam Alerts." For Internet scam updates, go to the Internet Crime Complaint Center site at ic3.gov and click on the "Alerts" link.
  • Before divulging personal information to anyone, know with whom your dealing. Independently verify any information provided. Find the physical address and phone number of who contacted you by yourself. Don't trust email addresses given by unknown people. Search online for a company's name and website. Read through the site and read any of the online reviews of the person or business.
  • Never reply to messages asking for personal information, whether the message was sent over the phone or by email, text message, or through an ad. Do not call phone numbers or click on links contained in these messages. You could be a target of phishing.
  • Never send money or account information in a reply to notices that you won a prize of lottery.
  • Give only to established charities. Avoid pop-up charities that suddenly appear after disaster. Check a charity's trustworthiness at give.org, the Better Business Bureau's Wise Giving Alliance site.
  • Don't fall for pressure tactics. Never react quickly or impulsively to offers or requests.
  • Be wary of "imposter" scams in which a scammer pretends to be someone close to you or an entity you're unlikely to question. The FTC reported a big increase in complaints about imposter scams in 2014. Fraudster pretends to be family members, friends, love interests, governments agencies, or companies, often trying to get personal information. Make sure that you:
    • Never let your phone out of sight
    • Use every available security feature and system
    • Keep your device’s operating system and applications updated to get the latest security features
    • Choose hard-to-guess PINs and passcodes and enter them unobserved
    • Always sign out when finished with a transaction
    • Never use the autosave feature for login information

Guard Your Cards

Credit/debit card fraud is a form of identity theft. It occurs when a criminal deceitfully gains access to and uses another person’s payment card account. If this happens to you, fraudsters may not stop at racking up charges on your card in a store. They can cause many other problems, including accessing and changing your personal information.

You can reduce your exposure to card fraud and theft by following basic card account maintenance and safety procedures.

  • Safely store cards when they are not in use.
  • Consider the number of cards you possess. The benefits of having several may be outweighed by the risks, such as losing track of their location or account activity.
  • Always memorize your card PINs. Never write them down on cards or share them with others. Change them frequently.
  • Make a list of your card account numbers, expiration dates, and customer service numbers. Keep the list in a secure place that you can access quickly if your cards are lost or stolen.
  • Go “paperless” with bills and statements. Otherwise, know when to expect credit card bills in the mail and keep an eye out for them. If they don’t arrive, it’s possible an identity thief stole them, or gained access to your account and changed your mailing address. If you suspect this, call your credit card company immediately.
  • Check your card activity and bank accounts regularly. Look for unfamiliar charges.
  • Keep a close eye out for charges of less than a dollar or two. A thief may first charge a small amount to “test out” using your card. Unwary consumers often do not notice or care about small amounts, making them prime targets for identity theft and fraud. Report and investigate and questionable charges to your card immediately.
  • When you receive replacement cards, thoroughly destroy the old ones.
  • Stop unsolicited credit card convenience checks. Thieves can steal these from your mailbox or trash and use them to access your credit and identity. Contact your credit card provider to find out how to be removed from the appropriate mailing list.
  • Don’t give out card information ever over the phone unless you made a call and you know you’re dealing with a trustworthy business.
  • Assign just one credit card for online shopping purchases.

Watch Out for Skimming

  • Credit and debit card skimming is when potential thieves steal or “skim” your card information. They use it to create an illegal copy of your card (called “cloning”) or to charge items to your card over the phone or internet. Or, they may sell it to others to do the same.
  • Thieves use skimming devices that are small, easily portable, and hard to detect. Certain types are illegally installed on ATM machines and sales terminals such as those on gas pumps.
  • Card skimmers fit over original card readers. As you insert your card, the account information stored on it skimmed by the device. Keypad overlays are placed directly on top of factory-installed keypads. The circuitry inside the overlay stores your keystrokes, such as those you make while entering your PIN.
  • Try to only use ATMs inside of banks, which tend to have more oversight and are less vulnerable to tampering. Devices are more often installed on nonbank ATMs, such as those at convenience stores.
  • At an ATM or sales terminal, check to see if the colors and materials used match up. Look for an extra piece of plastic or anything that appears added on, wrong, or out of place. These can be signs of skimming devices.
  • Don’t use the machine if anything looks suspicious. It’s better to be safe than sorry!

“Pay” It Safe When Out and About

Whether you are running errands or just out for fun, be vigilant about payment card safety. Follow these tips to help you avoid identity theft and card fraud when you’re out.

  • Keep a sharp eye on the person you’re paying. Make sure that person isn’t holding anything like a portable skimmer and that your card doesn’t leave your sight. When you receive your card back, double check that it is indeed yours and was not swapped for another.
  • Insist on privacy when entering a PIN. Watch out for shoulder surfers.
  • Check sales vouchers carefully before signing.
  • Never leave a line blank on a receipt. Draw a sqiggly line through any blank spaces to prevent an unwanted amount being added.
  • Be sure a transaction is complete before you walk or drive away from an ATM machine.
  • Always take card sales receipts or ATM transaction slips. Never toss them carelessly away near the sales or ATM terminal or leave the, dangling from a receipt printer. Save them to compare against account statements. Shred them when no longer needed.
  • When eating at a restaurant, ask to pay your bill up front at the sales terminal instead of giving your credit card to a server.
  • Consider RFID-blocking card carriers and protectors. RFID stands for Radio Frequency Identification. It is one of the technologies that allow digital information to be stored on payments cards and other items. Tiny radio-frequency tags hold information (like bar codes and magnetic strips do). Identity thieves with RFID-skimming devices can scan, read, and capture information from payment cards embedded with RFID tags just by being near them.

Be extremely careful with your mobile phone or other device that you use to make payments. Mobile payment services and bank apps link to your accounts and/or credit and debit cards. This technology offers great convince, but it is not risk free.

  • Never let your phone out of sight
  • Use every available security feature and system
  • Keep your device’s operating system and applications updated to get the latest security features
  • Choose hard-to-guess PINs and passcodes and enter them unobserved
  • Always sign out when finished with a transaction
  • Never use the autosave feature for login information

Be a Savvy Traveler

Travel can be great, but it can also make you extra vulnerable to identity theft. Here are some things you can do to lower risks.

Reduce what you carry. Before you leave, clean out your purse and/or wallet. Remove all unnecessary cards or items. Carry nothing with your Social Security number on it. Make note of which cards and documents you decide to carry in case of loss or theft.

Take care in tourist areas. These are favorite payment card skimming spots as well as popular with purse snatchers.

Avoid using public or shared computers. They could have information-stealing software in place. If you must use one, avoid entering any personal information or logging onto online accounts.

Avoid taking your checkbook. Your checks show your name, address, bank name, checking account number, and checking account routing number – a whole “kit” thieves can use to take over your account. They also can forge checks to withdraw money. When you don’t wish to use cash or payment cards, use traveler’s checks.

Verify callers to your hotel room. A common scam involves a call to your hotel room from a “desk clerk.” This person tells you about a problem that requires you to provide your credit card number over the phone. If this happens, hang up and call or visit the front desk yourself to check.

Downsize delivery dangers. Thieves slip made-up fliers for fake food delivery services under hotel room doors, hoping you will call and order with your credit card. Check the reliability of all fliers with the desk clerk.

Watch out when using Wi-Fi. Airports, hotels, and other public places offer Wi-Fi, or wireless networks, for internet access. A secure wireless network encrypts all the information you send using that network. (It scrambles it into a secret code so unauthorized parties can’t read it.) However, Wi-Fi hotspots are often not secure/ This means information you send through some websites or mobile apps can be accessed by other network users. If you choose to use public Wi-Fi, be very cautious.

  • Make sure it’s an authenticated Wi-Fi network. Always manually select network connections and know the exact name of the establishment’s network. Scammers may set up “free” computer-to-computer networks with look-alike names to fool you.
  • Never log in or send personal information to unencrypted websites and be aware that for security, the site should be fully encrypted (Use encryption on every page).
  • Always log off an account as soon as you have finished using it.
  • Don’t use apps that require personal information.