Home > Consumer Protection > Identity Theft & Fraud > How to Avoid ID Theft on the Internet

How to Avoid ID Theft on the Internet

The Internet offers consumers convenient ways to shop, bank and communicate. But, it also offers con artists new opportunities to quickly and secretly obtain Social Security or credit card numbers, account passwords and other personal information that can be used for fraudulent purposes. How can you protect yourself from ID theft online?
  • Be suspicious of offers on Web sites or in e-mails that seem too good to be true, such as exceptionally high interest rates for deposits or ridiculously low interest rates on credit cards. They're likely to be scams attempting to get your existing account numbers or other personal information.

  • Before responding to an Internet offer, determine if the business is a legitimate company or financial institution. "When you go into a store or office it's fairly easy to know if you're dealing with a legitimate company, but on the Internet it's much more difficult to determine who you're dealing with," says Cynthia Bonnette, a bank technology specialist with the FDIC in Washington. If you don't have personal references for the site, contact a federal or state consumer protection agency or your local Better Business Bureau (BBB). To be sure a Web site belongs to a legitimate company—and not to con artists—consider calling the company using a number from the phone book, a government agency or some other trusted source, not the one provided on the Web site (in case the site is a scam). Many Web sites also display seals showing they've been certified for reliability or privacy by an independent organization, such as the BBB (www.bbbonline.org), the American Institute of Certified Public Accountants (www.cpawebtrust.org) or TRUSTe (www.truste.org), a group dedicated to addressing consumer concerns about online privacy.

  • Only use your credit card number, Social Security number or other sensitive information online when it's absolutely necessary. Also read the Web site's privacy policy to be sure the information you send is being "encrypted" (scrambled) so it can't be read by outsiders.

  • Check the Web site's privacy policy for details about how your personal information would be protected after it's received. "Sensitive information must be stored securely and only people with a need to know should have access to the information stored in the company's files and computer systems," says Bonnette. She notes that companies must adhere to their published privacy policies or they may face penalties for unfair and deceptive business practices.

  • Keep your passwords and "PINs" (Personal Identification Numbers) confidential and secure. Avoid passwords and PINs that will be easy for a thief to figure out. For example, don't use your name, street address or birth date. Also change your passwords periodically.

  • Report suspected Internet-based fraud to the Federal Trade Commission
    (see Who to Call to Report a Possible ID Theft) or to the Internet Fraud Complaint Center (http://www.ic3.gov/), a new joint project of the FBI and the National White Collar Crime Center.
Reprinted from FDIC Consumer News.

Last Updated 11/20/2007 communications@fdic.gov