Use the superhero approach to avoid identity theft

Use all your tools, tricks to fend off hackers, other evil cyber arch enemies

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

A recent Exper­ian study found that most peo­ple still have a lot to learn about the risk of iden­ti­ty theft. The major­i­ty of those sur­veyed felt like they were safe from iden­ti­ty theft, but not for the right rea­sons. The most pop­u­lar mis­con­cep­tion was that scam­mers, phish­ers and iden­ti­ty thieves only tar­get the rich and pos­si­bly famous.

In real­i­ty, iden­ti­ty thieves tar­get low-hang­ing fruit. To an iden­ti­ty thief, we’re all Kim Kardashian.

Adam Levin, chair­man and co-founder of and Cyber­Scout (for­mer­ly IDT911)

More than half of the respon­dents didn’t think they’d make a good tar­get for scam­mers because of bad cred­it. This also is a mis­con­cep­tion, since a crook gen­er­al­ly will have zero scru­ples about tak­ing over your cred­it accounts (even with their crip­pling inter­est rates), and mak­ing them even more impos­si­ble to man­age by fur­ther dam­ag­ing your credit.

What makes a good target?

The No. 1 cri­te­ri­on is whether or not per­son­al­ly iden­ti­fi­able infor­ma­tion (PII) has been com­pro­mised in a data breach, but there are oth­er ways that we expose our­selves. One of the most com­mon is through over­shar­ing on social media.

Our infor­ma­tion is out there, but there are things we can do to make it hard­er to exploit.

Enter Clark Kent, Bruce Ban­ner, Peter Park­er and Bruce Wayne. All have a mix of gad­gets and super­pow­ers that make them for­mi­da­ble oppo­nents in a fight. They’re also known for being good in a cri­sis, which is not always the case for reg­u­lar peo­ple when they find out, for instance, their iden­ti­ty has been stolen.

Anoth­er dif­fer­ence between us and the super­hero elite: Instead of Lex Luthor, Absorb­ing Man, Doc­tor Octo­pus and the Jok­er, we’re often tar­get­ed by a slip­per-wear­ing ene­my who sim­ply likes to shop beyond their means or grab our tax refunds, or a small-time crook who’s good at guess­ing games.

To avoid their arch ene­mies, super­heroes lead dou­ble lives. Hav­ing an alter ego allows them to avoid detec­tion in a world where their neme­sis is always going for a kill. You need to do the same thing.

In the real world, we’re all super­heroes, at least when it comes to the stalk­ing arch ene­my wait­ing to ka-pow us with cred­it-based smash-and-grabs. Here are some super­hero tac­tics that can help pro­tect you.

Aban­don your past

If you feel com­pelled to post pic­tures and mem­o­ries to social media, you are play­ing a dan­ger­ous game that an iden­ti­ty thief can use to scam you. Details about you can help a good scam­mer fig­ure out the answers to your secu­ri­ty questions.

Be eva­sive

Even if you think it can’t be avoid­ed, your first answer when asked for your SSN should be no. If they insist, ask how they will store the infor­ma­tion. If you don’t like the response, say no again.


There is no task force out there round­ing up peo­ple who pro­vide a fake birth­day on a gym mem­ber­ship appli­ca­tion. Some­times you can’t fudge date of birth, because it is a piv­otal iden­ti­fi­er, but you can cer­tain­ly lie to your heart’s con­tent on social media, where many thieves look for vic­tims. The same goes for secu­ri­ty ques­tions. Make up an alter­nate sto­ry: You grew up on a farm in Kansas, you’re near­sight­ed, etc.

Be con­sis­tent and vigilant

If you’re going to take the liar’s route, remem­ber your back­sto­ry. There’s noth­ing worse than pro­vid­ing a telling clue when faced with one of your arch enemy’s hench­men because your guard is down.

Use a nickname

Since many thieves mine use­able data about you on social media, that’s the place to use your child­hood nick­name only your besties know. The ben­e­fit there is that your name is a pri­ma­ry piece of PII, and what­ev­er your embar­rass­ing moniker was or is, it’s not asso­ci­at­ed with your Social Secu­ri­ty number.

Take a page from the super­hero annals to pro­tect your iden­ti­ty. You are more vul­ner­a­ble to attack than you may real­ize, but there’s plen­ty you can do to make your­self hard­er to hit.

One very easy thing you can do is adopt the Three Ms, which I describe in detail in my book, Swiped: How to Pro­tect Your­self in a World Full of Scam­mers, Phish­ers, and Iden­ti­ty Thieves. The short ver­sion of them:

• Min­i­mize your expo­sure. Don’t authen­ti­cate your­self to any­one unless you are in con­trol of the inter­ac­tion, don’t over­share on social media, be a good stew­ard of your pass­words, safe­guard any doc­u­ments that can be used to hijack your iden­ti­ty, and con­sid­er freez­ing your cred­it. (We explain here what a cred­it freeze is.)

• Mon­i­tor your accounts. Check your cred­it report reli­gious­ly, keep track of your cred­it score (you can view two of your scores for free on and review major accounts dai­ly, if pos­si­ble. If you pre­fer a more laid-back approach, sign up for free trans­ac­tion alerts from finan­cial ser­vices insti­tu­tions and cred­it card com­pa­nies, or pur­chase a sophis­ti­cat­ed cred­it-and-iden­ti­ty mon­i­tor­ing program.

• Man­age the dam­age. Make sure you get on top of any incur­sion into your iden­ti­ty quick­ly and/or enroll in a pro­gram where pro­fes­sion­als help you nav­i­gate and resolve iden­ti­ty com­pro­mis­es. These are often avail­able for free, or at min­i­mal cost, through insur­ance com­pa­nies, finan­cial ser­vices insti­tu­tions and HR departments.

Final­ly, if you have not yet claimed your super­hero iden­ti­ty, you can do so online, but bear in mind Encryp­toman (aka me) is already taken.

Full dis­clo­sure: Cyber­Scout spon­sors Third­Cer­tain­ty. This sto­ry orig­i­nat­ed as an Op/Ed con­tri­bu­tion to and does not nec­es­sar­i­ly rep­re­sent the views of the com­pa­ny or its partners.

More on iden­ti­ty theft:
Iden­ti­ty Theft: What You Need to Know
3 Dumb Things You Can Do With Email
How Can You Tell If Your Iden­ti­ty Has Been Stolen?