How to Protect Children from Identity Theft

In this post, we’ll show you how to protect your children from having their identity stolen. Along the way, you’ll learn the how and why of criminals stealing children’s identities, who does it, and warning signs to watch for that suggest your child’s identity has been stolen.

It’s not just adults that have to be worried about having their identity stolen — children are at risk, too. In fact, it’s a big problem throughout the United States, not to mention other parts of the world. According to a 2018 study more than 1 million child identities were stolen in the U.S. alone — and half of them were victimized by someone who knew them personally.

If you already worry about having your own identity stolen, worrying about your child’s being illegally taken and misused only adds to it exponentially. But to learn how to protect your children from identity theft, you first need to understand how it differs from theft of an adult’s identity.

Understanding child identity theft

The biggest problem (and attractor for criminals) with child identity theft is that children don’t normally use credit. So often, it can be many years before anyone realizes that their identity was stolen and has been misused. But that aside, there are some key differences between child identity fraud and adult fraud cases. The biggest is that most adult cases involve existing credit accounts being illegally accessed and abused — just 4% of adult cases involve new accounts being opened. But for children, new account fraud is the most common type — by as much as 51x the rate it occurs for adults.

Once identity thieves steal a child’s Social Security Number or other personal info, there’s a lot they can do with it, including:

  • Open new accounts, like bank, credit, loans, etc
  • Get a driver’s licenese
  • Apply for a job
  • Set up utilities
  • Rent an apartment
  • Apply for government or health benefits
  • Buy a home or car
  • And more

One thing thieves can do that’s particularly hard to detect and put a stop to is create an entirely new identity using a child’s SSN. This is called “synthetic identity theft” and involves combining your child’s SSN with a fake name and birthdate. Many victims to this type of child identity theft don’t even know until they turn 18 and apply for their first credit card — only to find their SSN attached to someone else’s name on a credit report.

Because child identity theft is so difficult to detect, it can take a long time to recover once it is. This is one of the primary ways child identity theft is similar to adult theft. Dragging out for years, 25% of child fraud victims surveyed by Experian reported that they were still dealing with issues as a result of the theft more than 10 years since that first fraud happened.

But of all the terrible things involved with child identity theft, perhaps worst of all is that it can happen to a child at any age. The average is 12 years old at time of theft, but two-thirds of the victims are under 8, and children as young as 5 months have been reported elsewhere. Plus, with changes made to the way the Social Security Administration assigns SSNs — using random digits, rather than numbers based on their birth-region — clever thieves can obtain use SSNs that haven’t even been assigned yet, which means newborns can receive SSNs that have already been stolen.

Who commits identity theft?

So who commits child identity theft? There are 3 primary groups:

  • Friends and family of the child
    Parents with poor credit ratings have been known to steal their own children’s identities — and thus, their clean credit. Friends and acquaintances do so, too, often for similar reasons. They don’t necessarily mean harm to the child, but their actions give the child a false credit history that will follow them around for years.
  • Organized criminals
    Criminals will steal identities to get money. Using a child’s SSN, they create a fake identity and build a credit history; once they have good credit, they take advantage of it and rack up large amounts of debt. When the identity has been “sucked dry” of all use, they discard it and find a new one, leaving their victims with severely damaged credit.
  • Illegal immigrants
    To make themselves look like U.S. citizens, illegal immigrants commit synthetic identity theft by pairing a child’s SSN with their own name and date of birth. Then, they can apply for jobs, file tax returns, vote, and take advantage of any rights guaranteed to citizens.

Warning signs of child identity theft

Now that you understand how and why child identity theft happens, you’re ready to learn what to watch for. Certain indicators should throw up red flags to you and suggest that your child may have had their identity stolen. Many will come in the mailbox. To name the most common:

  • A sudden influx of credit card and loan offers addressed to your child;
  • They’re turned away for Medicaid or other government benefits because their SSN is attached to an existing account already receiving benefits;
  • Credit card bills addressed to your child;
  • Collection calls for your child;
  • IRS notices for unpaid taxes or that they’ve been claimed as a dependent on another tax return;
  • They’re denied a bank account or driver’s license;
  • Notifications for unpaid parking or traffic tickets;
  • Jury summons.

One notable exception is pre-approved credit cards addressed to your child: it’s not always a sign of identity theft, as credit card companies often send these out to people at random. They may have gotten your child’s name off a bank account, college fund, or otherwise legitimate account. The point at which you should start worrying is when you get many of these offers at once, or alongside any of the other warning signs. As you go through your mail, keep an eye out for any of these suspicious items.

Protecting your child’s identity

Protecting your child’s identity from being stolen requires some simple measures. The first thing to note is that prevention > restoration — meaning preventing identity theft in the first place is always easier and better than trying to repair and restore it later. That said, here’s what to do:

Protect their personal information

Start out by keeping documents locked up. Find a safe place to store any documents that contain SSNs, birth certificates, tax returns, etc. Anything paper put in a safe or locked file cabinet — anywhere a visitor won’t be able to get at them easily. Protect digital documents with strong passwords on all electronic devices — no “remember password” here. In that same vein, update all your devices’ antivirus protection. Adding anti-virus, anti-adware, and antispyware greatly reduces your chances of identity theft.

Next, use a shredder. If you don’t need a document, shred it. If something comes in the mail that has any of your child’s personal information on it — like those random pre-approved credit card offers — shred it. Doing so ensures that any thieves going through your recycling won’t be able to steal anything.

Don’t carry sensitive documents around, either. Any document that contains their SSN — like passports and SSN cards — should be kept in that locked safe place, not your wallet, purse, or car. Anyone who breaks in or mugs you then gains access to your information. As a side note, the same goes for your own documents: don’t carry them.

Limit who has access

Outside of the home, limit who has access to your child’s information. Schools and camps are often the biggest offenders, with directories that include names, photos, and contact information — sometimes even making it available to the public, not just families of other enrolled children. The federal Family Educational Rights and Privacy Act, or FERPA, protects the privacy of students in the U.S. Under it, you as a parent have the right to inspect your child’s records, request changes to wrong information, and most importantly, opt out of having any of your child’s information disclosed to third parties. Beyond knowing your rights, you can protect your child further at school or in any camp or non-school related programs by doing the following:

  • Verify that their records are kept in a secure location
  • Pay attention to forms from school
    Particularly terms like “personally identifiable information”, “directory information”, and “opt out.”
  • Read notices from their school
    An annual notice will be sent to your home explaining your FERPA rights.
  • Know the school/program’s policies
    What information is kept on your child in their directory? Who has access to that directory? How can you opt out of directory information release, surveys, and anything else that might result in your child’s information being released?
  • Respond to any breaches
    If you get a notice from the school or believe your child’s information may be at risk, contact the school and find out more. What happened? What are they doing about it? Keep written records and follow up.

Educate your children

Finally, educate your children on keeping their personal information private — particularly online safety. Kids spend a lot of time on connected devices nowadays, so you need to make sure they know not to share any personal information. Have a discussion with them about not sharing information with strangers or online; if they know their SSN, keeping it secret; and show them how to spot internet and email scams so they don’t fall for them. It doesn’t matter how perfect you are at the other protective measures if your child doesn’t understand and gives away their information themself.

What to do when identity theft happens

If you’re concerned your child’s identity has been stolen, there are some specific steps you should take. First, find out if your child has a credit report. And in case you haven’t picked up on it yet, here’s a big hint: they shouldn’t have one yet. Credit reports only exist if they’ve applied for credit, and children are too young to do that. So if they do, that’s a sign that an identity thief may have stolen their SSN.

It’s important to note that you should only request a child’s report from the 3 major credit reporting agencies if you have a reason to do so (i.e. red flags). If you don’t have any reason, problems can happen because of the multiple requests — that’s straight from the Identity Theft Report Center. They also advise that a lack of information on a credit report (i.e. no report for your child) at one moment in time doesn’t mean that no activity is going on — so finding out if your child has a credit report is not a guarantee their identity hasn’t been stolen.

In any case, here are the numbers and web addresses for each of the 3 major credit reporting bureaus:

When you call each credit bureau, they may ask for copies of your child’s birth or adoption record, their Social Security card, your government-issued ID or other documentation proving you’re the child’s parent, and proof of address.

Restoration

If you find that your child has a credit report in their name or social security number, it’s time to get started on restoration. Here’s how:

  1. Report the crime by visiting IdentityTheft.gov or by calling 877-ID-THEFT and file an Identity Theft Report. If you’ve determined that someone has filed for taxes using your child’s SSN, report that crime separately using the IRS Identity Theft Affidavit form.
  2. Contact the companies where the fraud occurred. Speak to their fraud department, ask them to close the account, and explain that someone opened the fraudulent account using your child’s identity. The Identity Theft Report your filed will help you here. Also ask each creditor to send you a letter confirming that your child isn’t liable for the debts.
  3. Clean up your child’s credit report. Contact each bureau and ask them to remove the fraudulent accounts from your child’s credit report. Each agency will have a different process, so follow their instructions. Tell them that your child is a minor who can’t enter into any contracts; as the previous time, you may need to send them a birth certificate for your child.
  4. That done, consider a credit freeze. With everything cleaned up, consider applying a credit freeze to your child’s credit. Doing so severely restricts access to your child’s credit file, making it nearly impossible for identity thieves to open new accounts in their name. As a parent or guardian, you can apply a credit freeze for free if your child is under 16; if they’re 16 or 17 years old, your child can freeze it themself.

Wrapping up

Being worried about your own identity being stolen is plenty of stress — you don’t want to be concerned about the more terrifying option: your children’s identity being taken. Luckily, the steps for protecting your children from identity theft are simple — they require a little effort at the outset, but the rewards are as much peace of mind as can be gained, and safety for your children’s future.

Are you taking any of these steps already? Which ones? Was any information new to you? Have you or someone you know experienced child identity theft? Tell us your story in the comments section below.

Read How to Protect Children from Identity Theft by Matt Seiltz on AddictiveTips – Tech tips to make you smarter

How to Freeze Your Credit in 3 Easy Steps

If you’ve never done a credit freeze, it can be hard to know where to start. In today’s guide, however, we’ll show you how to freeze your credit, explain just what a credit freeze is, cover the pros and cons of doing so, plus touch on some other factors to consider before you begin.

Freezing your credit is one of the most — if not the most — concrete and effective ways you can protect your credit history. By doing so, you can stop criminals from being able to open new, fraudulent accounts in your name. When you freeze your credit, you put a “lock” on your credit report that only you (and a few pre-existing entities) can access, which means criminals are stopped cold as soon as they try applying for new credit.

Data breaches are common news nowadays, so it’s smart to want to protect yourself and freezing your credit is the best way to do that. Few other methods can claim the same — so dive in and learn how to freeze your credit.

What’s a credit freeze?

You know it’s important to protect your identity, especially in modern times. But before we dive into how to do so by freezing your credit, it’s important to understand what exactly a credit freeze is, anyway — so here’s the basics. A credit freeze, also known as a “security” freeze, stops potential lenders — and criminals — from accessing your credit report by locking it down. Normally, when you apply for a new credit account, the lender or creditor has to request your credit report to determine your history and eligibility, but when you apply a credit freeze, this check is no longer possible.

So anybody who tries to open a new account in your name is stopped because the potential lender can’t pull your report — even if the would-be thief has your personal information. And the only way around this is to lift the freeze, or “unthaw” it, using a unique PIN that you receive when you enact the freeze. No PIN means the account stays frozen, which means no access for new lenders. So if you leave your report frozen, this stops any new accounts from being opened by anyone other than yourself.

That said, there are some exceptions to who can access your credit report once it’s been frozen. Pre-existing creditors and lenders can still access your credit report and score without needing you to unlock it; some law enforcement agencies and government entities can also do so if they find it necessary.

Pros and cons of freezing your credit

As with anything there are good things and bad about freezing your credit. Here they are in pros vs. cons format:

Pros

  • Potential new lenders can’t access your report, so it helps reduce your risk of identity theft.
  • Credit freezes are free to place and lift (“thaw”) as of September 21st, 2018, under the Economic Growth, Regulatory Relief, and Consumer Protection Act.
  • You can lift the freeze permanently or temporarily at any time.
  • You can freeze your child’s credit for free under the same law

Cons

  • If you want to apply for credit in any form — card, mortgage, car loan, etc. — you’ll need to contact the bureaus(s) where you’ve placed the freeze to have it lifted.
  • It can delay the process for job applications, cell phone service, etc. — anything that requires a credit check — because you need to lift the freeze each time. This can be a delay of a few days while waiting for your credit to thaw.
  • If a criminal has already accessed your accounts, a credit freeze won’t protect you — it only protects against new accounts.

Credit freeze vs. fraud alert

You may have heard of another type of credit protection called a  “fraud alert.” What’s the difference between that and a credit freeze? It’s simple: a credit freeze locks down your credit report from being accessed and needs to be unthawed for anyone to access your credit report. A fraud alert , or “initial security alert”, still allows potential lenders and creditors to access your report, but applies a note to it. When a lender checks it, they’re notified that you may be a victim of identity theft and that they should take extra steps to verify your identity before granting credit.

For example, if you provide a phone number or email address, they’ll call or email you to validate that it’s really you. There are 3 types, and applying a fraud alert to just 1 credit bureau automatically applies it to the other 2:

  • Fraud alert
    This basic type was extended by the same law mentioned earlier from being on your file for 90 days to 12 months.
  • Extended fraud alert
    The extended fraud alert can be applied if you provide a police report or other valid identity theft report. It extends the time of the alert on your file to 7 years.
  • Active duty military alert
    If you’re in the military and are deployed, you can apply this type of fraud alert. It initially lasts for 1 year, but can then be extended to the length of your deployment. It also removes from the marketing lists that prescreen credit card offers for 2 years.

How to freeze your credit

Step 1 — Collect your personal info

Before you contact any bureaus (that’s next), make sure you have all your documents lined up. You’ll need to provide each bureau that you’re going to freeze your report at with your name, address, birth date, and SSN.

Step 2 — Contact the bureaus

Next, you’ll need to contact each of the 3 major credit bureaus individually: Equifax, Experian, and TransUnion. Once you’re on the phone (or website), you’ll be asked some questions to verify your identity, then receive a PIN for freezing and unfreezing your report. Rinse and repeat for each bureau, and you’ve successfully applied a credit freeze to your reports.

Each credit agency makes it simple to do and allow you to freeze your credit online or by phone:

  • Equifax: website, or by phone line (automated): 1-800-685-1111 (1-800-349-9960 if New York resident).
  • Experian: website, or by phone line: 1-888-EXPERIAN (1-888-397-3742).
  • TransUnion: website, or by phone line (automated): 1-888-909-8872.

Step 3 — Thawing your credit freeze

If at any point you need to lift your credit freeze, all you need to do is contact the bureau where you want it lifted. If you request to have the freeze thawed by phone or online, it must be lifted within 1 hour. If you send your request by mail, it has to be lifted no later than 3 business days after the bureau has received your request. If you only need a temporary lift, as in the case of a job or credit application, ask what bureau will be checked. Then you can save some time and request a lift only at that specific bureau. If you’re unable to find out that info, you’ll have to request a lift from each of the 3 major agencies.

When should you get a credit freeze?

Now that you know what a credit freeze is, the pros and cons of them, and how to apply a freeze to 1 or all of your credit reports, a question remains: when should you freeze your credit? The most obvious, and primary reason, is if you are or have been a victim of identity theft. But there are a few other cases where you may want to consider it:

  • You have been receiving bills or collection notices under your name or another name listed at your address;
  • You know your credit card number has been stolen;
  • Your mail looks tampered with or has been stolen;
  • You’re receiving new inquiries on your credit report from businesses that you didn’t give permission to;
  • Your bank notifies you of a fraud incident with one of your accounts;
  • There are unexplained transactions or withdrawals from your bank account(s);
  • You’ve fallen or suspect you may have fallen for an IRS tax return scam in the past;
  • You’ve received a notification that you are or could be a victim in a data breach.

If any or all of these things happen, it’s a good indicator that you may be at risk of identity theft. In that case, it’s a good plan to get a credit freeze to protect yourself.

What about a fraud alert?

But what about a fraud alert? If you’re just concerned, but not sure that you’re a victim, do you need to go all the way to a credit freeze? When should you opt for a fraud alert instead? The reasons to get a fraud alert are essentially the same as listed for a credit freeze. Taking that into account, the main question to remember when deciding between the two is, do you want to still be able to access your credit reports?

If you are planning on applying for credit — especially large loans, like a home mortgage or car — in the near future, a fraud alert may be the better option. Since a fraud alert still allows businesses to pull your credit report, there is 1 less step for you take to allow that to happen. But, you still get protection in that the potential lenders/creditors checking your report must contact you in some fashion to validate your identity before providing or extending credit.

Another thing to keep in mind is that fraud alerts last just 1 year. If you discover that you are a victim of identity theft and are able to provide a police or other identity theft report, you can apply for an extended fraud alert; but if not, the fraud alert will be removed after 12 months.

Credit freeze tips & FAQs

A freeze doesn’t make you invincible

An important thing to note is that as good as a credit freeze is at protecting your identity, it’s not completely foolproof. It will not make you invincible. If a thief steals your credit card — whether out of your wallet or in a data breach — the freeze won’t help. Any existing credit accounts can still be used and a freeze will not prevent the loss of money in those cases.

Expect credit to take longer

Because you need to unthaw your report each time you want to apply for a loan, credit card, or even a job, it can cause delays. Most companies won’t give you credit until they have checked at least 1 of your 3 credit files, and although your report is supposed to be unthawed within 1 hour of your request (online or by phone), it still takes extra time for the credit check to go through. If you’re going to need credit quickly in any cases like those above, a fraud alert may better suit your needs.

Stay alert

Even though you’re credit is frozen, that doesn’t let you off the hook from regular security measures. Check your bank, loan, and credit card statements regularly for discrepancies. If you may have been exposed in a data breach, update all passwords and follow any other security-related steps that the breached company relays to you in their notification.

Does a credit freeze affect your credit score?

No, it does not. A credit freeze also does not stop you from getting your free annual report that’s guaranteed to you by federal law from each of the 3 major credit reporting agencies.

Does a credit freeze stop prescreened credit card offers?

No, a credit freeze does not stop you from being sent prescreened credit offers. If you’d like to stop receiving those, call 888-5OPTOUT (888-567-8688) or visit optoutprescreen.com.You’ll have the option to opt out of these offers for 5 years or permanently. But keep in mind this may not stop all offers, as some companies send credit offers that are not based on prescreenings.

Can anyone still see your frozen credit report?

Although a credit freeze stops unauthorized individuals from applying for new credit accounts in your name, there is a relatively extensive list of people and reasons your report can still be pulled, even when frozen and without being unthawed:

  • If you want to view your own report (free annual report)
  • Creditors who you have a relationship with prior to the credit freeze
  • Background screens by landlords or rental agencies
  • Phone and utility companies
  • Debt collection agencies wanting payment
  • Child support agencies determining child support
  • Underwriting insurance for yourself
  • Prescreening credit offers
  • Employment/potential employers who you grant permission to
  • Government agencies acting in response to a court or administrative order, subpoena, or search warrant

Conclusion

Freezing your credit isn’t a complicated process — just a slightly tedious one. But now, you have the knowledge and tools at your fingertips to be able to freeze it at any time. So now we toss the ball back to you: what will you do with the information you now have? Will you freeze your credit, or forgo it in favor of a fraud alert?

Was this information helpful? What things are making you concerned about your credit reports? Share your thoughts and experiences in the comments below.

Read How to Freeze Your Credit in 3 Easy Steps by Matt Seiltz on AddictiveTips – Tech tips to make you smarter

What is a credit monitoring service?

Today, we’ll walk you through the basics, highlight the differences between credit monitoring and identity theft protection (two terms often used interchangeably), then wrap up with some general tips anyone can use to secure their credit accounts and online identity.

What is a credit monitoring service

In an age where data breaches are commonplace, you may ask “what is a credit monitoring service, and how can it help me?” In the year of 2019, the threats facing your personal information are greater than ever before — data breaches are up by as much as 500% from a decade ago. In fact, the 2018 Consumer Cybersecurity Study found that 34% of U.S. consumers had their personal data exposed last year — so clearly it can happen to anyone.

But the good news is that our defenses have improved, too. There are many tools available to help you stay “in the know” about your credit and other personal data — like a credit monitoring service, for example. But what is a credit monitoring service? Is it different from an identity theft protection service? Do you need one or the other? When might you need credit monitoring — and when might you need something more? Read on for answers to these questions and more!

The basics of credit monitoring services

The short answer to the question that brought you here is a simple one: credit monitoring is a service that alerts you whenever there’s a change made to your credit reports. They can be free or paid and as a consumer, you can use them to protect yourself against identity theft, because any credit activity — like the establishment of a new account or a hard credit inquiry — will show up, and if it looks suspicious you’ll be alerted to it by your credit monitoring service. Many services also keep track of your credit scores, helping you stay up-to-date on the quality of your credit.

Essentially, it provides you a way to be notified of any behavior that could potentially be fraud, so you can act quickly and take the necessary steps to reduce any damage to your credit and identity.

Credit ‘monitoring’ vs. ‘identity theft protection’

Although you may hear the terms used interchangeably, “credit monitoring service” and “identity theft protection service” are technically two different things, although one that falls under the latter may call itself the former. To clarify, let’s dig in further:

Credit monitoring

As we said, a credit monitoring service will alert you if there are any changes made to your credit reports, especially if it looks like someone is attempting to apply for an account in your name. Credit monitoring can be especially helpful if you have lower credit scores and are working to improve them, as you can observe the effects your efforts have on your scores.

But that being said, credit monitoring has some limitations. Most primarily monitor only your credit file activity at 1-3 credit reporting agencies, alongside your credit score. Some will report potentially fraudulent credit card charges in addition to hard credit inquiries, but not all. And that’s just the start of what credit monitoring cannot do:

  • Can’t prevent identity theft
  • Can’t stop phishing emails, or you from opening them
  • Can’t keep someone from applying for credit in your name
  • Won’t correct errors on your credit report
  • Won’t stop taxpayer identity theft

These limitations don’t make credit monitoring bad, per se — credit monitoring is just that: monitoring of your credit reports and scores.

Identity theft protection

Identity theft protection services often include credit monitoring as a service, but generally, provide much more. While a credit monitoring service may simply watch your credit report and notify you if there are any suspicious activity that appears there, identity theft protection services do much more: they watch for fraudulent activity in your bank accounts, credit cards, in criminal databases, and any other places where your Social Security number is used. Many provide you with assistance to help fix the problem if one occurs (“Restoration” services), alongside other services:

  • Credit activity on 1-3 credit reporting agencies
  • Credit score
  • Change in mailing address requests
  • Court/arrest records
  • Payday loan applications
  • Check-cashing requests
  • Monitoring of the Dark web and other sites where personal information is sold or traded
  • Orders for new utility, cable, and wireless services
  • Social media monitoring
  • And more

Some banks or insurance companies provide identity theft protection services for an additional fee, or you can use an independent company, like LifeLock.

Do you need credit monitoring, or can you do it yourself?

Given the data we mentioned earlier, it’s a smart idea for everyone to keep an eye on their credit. So the real question is, how far do you take it? Can you do it yourself? Do you need a credit monitoring service? First, let’s look at what you can do yourself.

Being your own credit monitor

You can monitor your credit yourself. If you’re a U.S. citizen, you’re entitled by law to 1 free credit report from each of the 3 major credit reporting agencies — Equifax, Experian, and TransUnion — every 12 months. If you space the requests out, you could have a free credit report every 4 months — 1 from each agency. If you find any errors, dispute them.

You can also get free credit score reporting by signing up for services like Credit Karma, NerdWallet, and many others that are available. Finally, the best way to reduce your risk of a criminal accessing your credit is to apply a credit freeze by contacting one of the 3 major bureaus.

Getting a credit monitoring service

Being that you can technically monitor your own credit — using the information in the last section — the primary reason to use a credit monitoring service is for more frequent reporting. If you are trying to improve your credit score, have many credit cards, or want to keep an eye out for unusual credit activity under your name, a credit monitoring service could be a good investment to make. Keep a few things in mind in your research if you decide to investigate this avenue further:

  • Does the company you’re looking at provide reports from all 3 major credit bureaus?
  • Does the service report on fraudulent credit card activity?
  • Breached companies (like Equifax) often provide credit monitoring for free, for a specified duration of time.

When to get identity theft protection

Again, there are limitations to credit monitoring — both DIY and from companies offering the service. So when do you need something more than just monitoring? The biggest reason to go beyond credit monitoring and subscribe to an identity theft protection service is if you have been the victim of identity theft in the past. The second-biggest reason is if you’re concerned about yourself, your significant other, your children or other loved one’s identity being stolen due to a specific incident or series of risky behaviors.

It can take months or years to unravel the mess caused by a stolen identity. There are many important steps to take, like filing a police report and placing initial fraud alert on your credit — just to start. Having identity theft protection — whether before or after it happens — can help guide you through the process of restoration of your identity.

Credit monitoring tips

While credit monitoring services give you timely information, it’s up to you to act on that information. Ideally, credit monitoring is just one “cog” in your protection plan (see identity theft protection”). Regardless, to maximize the effectiveness of your credit monitoring, follow these tips:

1. Don’t do free trials

If you’re going the “free” route avoid companies that offer free trials. Many automatically enroll you in a monthly subscription that charges you once the free trial ends. While this makes sense from a business standpoint, many are difficult to cancel. It’s better to go completely free, or with the mindset of paying for the service (regardless of whether they offer a free trial).

2. Tailor your notifications

For your credit monitoring to be effective, it needs to fit your life and preferences. If you’re more likely to check text messages than email, sign up for service that offers text alerts. Likewise, the opposite is true: if you prefer email, setup your alerts to send you an email instead.

3. Act on suspicious activity

You have credit monitoring for a reason — so act on it. If you receive an alert, act on it. Make a habit out of dealing with it immediately. If it turns out to be a fraudulent charge, the sooner you begin taking steps, the better.

4. Apply a credit freeze

As mentioned briefly, the 3 major credit bureaus (Equifax, Experian, and TransUnion) allow you to “freeze” your credit report. In exchange for freezing your report, you get a PIN which must be given in order for your credit report to be released. No unauthorized person can access it, making it impossible for fraudulent people to open new accounts using your identity. If you’ve been a victim of identity theft, you can freeze your reports for free; otherwise, it’s just $10 at most per freeze, although that varies depending on your age, military affiliation, state, and other variables.

5. Place a fraud alert

You can also place a “fraud alert” on your credit reports through the major credit agencies. It lasts for 90 days, can be renewed automatically or manually, and prevents any new credit accounts from being opened without your permission. It also gives you an additional free credit report from that bureau that doesn’t count against your free yearly.

Conclusion

Given the prevalence of identity theft and fraud, it’s essential that you keep an eye on your credit activity. Understanding what a credit monitoring service is can help you decide if you want to accept or invest in one — and if a company offers your free credit monitoring, it doesn’t hurt to take advantage of it and may actually help you out. In this post, we explained just what credit monitoring is, what it covers — and doesn’t — and when you should use a service.

Have you used a credit monitoring service in the past? Did it help? Was it worth it? Share your experience in the comments below.

Read What is a credit monitoring service? by Matt Seiltz on AddictiveTips – Tech tips to make you smarter

How to Avoid Common Identity Theft Scams

While there are many things that can expose your personal information (like data breaches), there are precautions you can take to prevent others that are more in your control. But how do you avoid the common identity theft scams that are out there? Today, we’ll be showing you what to look out for, and how to protect yourself.

A 2018 study by Javelin Strategy and Research found that there were 16.7 million reported victims of identity fraud in 2017 – that’s a record high from the previous year – and all things point to a continued trend upward. That same year, the American public was defrauded as much as $16.8 billion dollars. Criminals are engaging in complex identity fraud schemes, leaving trails of victims in their wake. That means that now, more than ever before, you need to be keeping an eye out for scams that would steal your personal information. Read on to learn how.

Common identity theft scams

Since scams are a more-or-less avoidable source of identity theft, you can put a stop to many of them more easily – if you know what to watch for. That said, scams take many forms, and some are more common. From Phishing, hacking over public Wi-Fi, and skimming at gas pumps, to fake phone calls and job scams – there are many. Let’s take a closer look at each.

1. Credit/debit card skimming

“Skimmers” are devices that thieves add to machines that you swipe your credit or debit card through – ATMs, gas pumps, and even fast food payment stations. Each time a card is swiped through, its information is stolen from its magnet strip and stored away for the criminal to create a cloned card later. Some even add a camera to the machine to see watch you enter your PIN – that way, they’ve got both your card numbers and your PIN number and can completely drain your account.

2. Public Wi-Fi

Public Wi-Fi, like found at an airport for example, tends to be unsecured. That means that when you connect to it, any activities you perform can be watched by the network’s owner, and hackers. That means any sensitive accounts you visit – like your bank account – can give hackers your username and password with relative ease.

3. Phishing

Phishing schemes are the most common computer-based identity theft schemes. They occur through many different mediums, like text messages, emails, phone calls, and social media – but they all have the same goal: to get you to disclose your personal identifying information. Each of these has a different name, so we’ll break each one down separately:

4. Pharming

This happens when a hacker tamper with a website’s host file or domain name, so that when you click on the site or type in the URL and hit “enter”, you’re rerouted to a fake “spoof” website that looks exactly like the one you wanted to visit. Then, when you input your personally identifying information — credit card numbers, SSN, addresses, etc. — you’ve willingly given away your identity to the hacker to use as he or she sees fit.

5. Vishing

This is a clever play on the words “voice phishing.” A thief contacts you by phone, pretending to be an individual working at a legitimate organization, like the IRS or another government agency, a financial institution, payment services organization, or other well-known company. Another method of vishing are robo-calls, which are prerecorded messages that urge you to call the contact number, citing an emergency that requires you provide personal information or credit card numbers.

Some more examples of companies and lines they might use:

  • Tech support companies calling about a problem with your computer/tablet/etc.
  • That you owe money to the IRS
  • You won a prize, but need to pay fees to get it
  • A friend is in trouble and needs your help
  • A utility company
  • Charities asking for donations
  • “We just need to confirm” your personal information

6. Search engine phishing

In this type of phishing, thieves create websites that have “too good to be true” offers on them. They get these sites ranked in Google so that users will find them in the course of their normal internet searches. Once on the site, you become susceptible to losing your personal information if you try to take advantage of their offers.

For example, a tech store might be advertising a 55” 4K TV for $429.99, and you find a site that advertises the same TV for $99.99.

7. SMiShing

This type of phishing poses as a text message that appears to be from a financial institution or other legitimate organization. It will look urgent and try to scare you into thinking you’ll suffer financial damage or other fees if you don’t reply. There’s usually a link included to click on, and in that link you’ll be asked for personally identifying information.

8. Malware-based phishing

Phishing through malware occurs when a thief attaches a harmful computer program onto emails, websites, or electronic documents that otherwise appear helpful and harmless. Once you’ve opened the attachment, however, the malware uses key logger and screen loggers to track and record everything you do on your computer or device – from keyboard strokes to website visits and everything in between. The malware then sends this information to the thief, who can watch your every move in real-time and take usernames and passwords from it.

One serious example is an email that appears to come from Norton Anti-Virus, the internet security company. You’re prompted to install an updated web browser – but in reality, if you click the link and download the updated browser, you’re just downloading malware.

9. Spam-based phishing

Everyone has gotten spam at some point. If you have an email account, you’ve gotten spam, whether you realize it or not. In this scheme, you’re sent repeated spam emails offering opportunities for scholarships, business partnerships, free products, “matches” from supposed dating websites, and more. They may pretend to be an organization you belong to. Again, as always, the goal is to prompt you to provide your personal identifying information.

10. Spear phishing

Spear phishing is like email or spam phishing, with a notable difference: they target businesses. Each email is sent to just about every employee in an organization and written to look like it comes from a division within the organization, like IT or HR. It may request that every employee send their username and password in reply for “verification purposes.”

11. Man-in-the-middle attacks

This type of scam involves intercepting the communication between you and another party without either party knowing. The thief records the information and uses it to access your accounts. One common example is accessing an online website, like your bank or credit account. When you click on the link, you’re taken to the website – except not really: the website is actually redirecting you to another website that looks just like the one you’re trying to visit. If you were to look at the URL, it would say something like:

http://www.attacker.com/http://www.server.com

Any information (username, password, verifying information) that you enter on this website is rerouted to the financial institution’s website, and the information from the financial institution’s website is rerouted back to you.

As you go about your business as normal, the thief is quietly watching and obtaining your personal identifying information from the “man-in-the-middle” website they slipped between you and the legitimate site you’re visiting. It’s similar to pharming, except that information actually passes between you and the website you intended to visit.

How to avoid these scams

Avoiding these scams really isn’t complicated, once you know what to look for. Avoid giving out personal information online, by phone, or otherwise unless you can verify that they’re legitimate. But it’s in that part – the verifying – that takes some practice and a little advice on what to check for. But before we get into that, a piece of general advice: even if you follow the suggestions in this section, check your credit reports regularly. That way, you can see if there’s any wrongful activity on them and take action fast. Each of the 3 major credit bureaus (Experian, TransUnion, and Equifax) offer one free annual credit report. Space them out across the year and you can get a free report every 4 months.

That said, let’s dive into how to avoid each of the above scams.

Skimming

The most obvious way to avoid credit and debit card skimming is to just not use your credit or debit card. Instead, use cash or prepaid cards. But we recognize that that’s just not always practical. So, keep an eye out for a few things: if any part of the machine looks different in color or material than the other parts, it may be a skimmer. If it looks looser or poorly tacked-on, it may be a skimmer. Some gas stations even include a sticker that crosses a seam near the card reader. They might advise that if that sticker is broken, to report it, as there may be a skimmer. To see some examples, check out this gallery. Oh, and cover up the keypad – if there are any cameras, you’ll obstruct their view of your PIN.

Public Wi-Fi

If you can’t avoid using public Wi-Fi, when you do, don’t share personal information or visit sites that contain important information – like your bank or credit accounts. Make sure you have good anti-virus and anti-malware software on your device, and consider investing in a good VPN. It’ll encrypt your information and help you stay safe and secure from potential identity thieves.

Phishing

For preventing phishing scams, there are 2 general threads you may have picked up on: pay attention to your URL, and never give your personal information without having verification of the entity contacting you. Alongside that, here are specific tips for each phishing scheme:

  • Pharming
    Check for the “padlock” symbol in the right-hand bottom of the website scroll bar if it’s a merchant website. This indicates that it’s secure and not fake. If you’re visiting an organization or affiliation, contact the website’s administrator by phone or email to check that such info is actually needed.
  • Vishing
    Always be suspicious of any unsolicited phone calls. Use their call-back number through your caller-ID to do a reverse phone search (you can that here). Once you’ve found the company that called you, call back from the number you found online, not the number that called you. This way, you bypass the potential scammer and speak to someone at the legitimate company. Ask the company if the request was legitimate.
    You can also register with the “Do Not Call Registry”, which can help reduce the number of calls you receive.
  • Search engine phishing
    Before providing any information or downloading anything from the site, research the company. If you’ve never heard of them before, consider contacting competitors to question the legitimacy of the offers being made. Again, if you’re considering purchasing something, check for the padlock symbol at the bottom right corner of the scrollbar. You can also use org to verify if a website is legitimate.
  • SMiShing
    First, do not dial back. This just provides the scammer with more information for the future. Instead, follow the same steps for “vishing.”
  • Malware-based phishing
    Use caution before downloading or installing any programs from the web. Consider contacting the company or organization through normal means. If you received the offer by email, do not reply; again, you’re giving more information to the attacker.
  • Spam-based phishing
    Google search the opportunity or offer advertised, or contact the company to verify. You can also check out org and spamhaus.org to see if a website is suspected of sending phishing offers.
  • Spear phishing
    Do not reply; contact your network administrator or the individual supposedly sending the email. Also notify the head of your division and other colleagues.
  • Man-in-the-middle attacks
    This one’s fairly simple: verify the URL of the website you’re on. If it looks suspicious, close the browser immediately.

How to tell if you’ve been scammed

There are some easy-to-watch-for things that indicate that you’ve fallen victim to an identity theft scam:

  • There are unexpected popups on your device asking if you want to allow software to run;
  • You are unable to log into your social media, email, or other accounts, or your profile has been logged into from an unusual location;
  • Money disappears form your bank account randomly;
  • You receive charges on your credit cards that you didn’t purchase;
  • You’re refused a financial service or loan application, or your credit card is declined;
  • You receive bills, invoices, receipts, or other pieces of mail for products or services you didn’t
  • You’re receiving new inquiries on your credit report from businesses that you didn’t give permission to.

What to do if you’ve been scammed

If you think you’ve given out your account details or any personal identifying information to a scammer, or you notice some of the warning signs in the previous section you should act fast. Contact any relevant agencies immediately – i.e. your bank, the financial institution, and any other agencies who can be accessed by the information you gave out. Another thing you can do is contact iDcare. They’re a government-funded service that work with you to form a plan of attack specific to your situation and provide support. You can visit their website or call them by phone at 1300 IDCARE (432273).

Conclusion

Unfortunately, scams are everywhere. Stories abound of people falling for seemingly legitimate offers and having their personal information stolen as a result. Luckily, there are some fairly simple methods that can help you to avoid the many types of common scams that are out there. Don’t be a part of the nearly $17 billion identity theft industry – keep an eye out for the scams we discussed here and stay safe.

Have you or someone you know been a victim of one of these identity theft scams? Which one? What happened? Share you experiences with us in the comments section.

Read How to Avoid Common Identity Theft Scams by Matt Seiltz on AddictiveTips – Tech tips to make you smarter

How ExpressVPN Still Works in China in 2019

Today we’re going to show you as much as possible how ExpressVPN does it – and how you can use them when you’re in China. We’ll discuss ExpressVPN, online censorship in China and some tips for operating ExpressVPN while you’re there.

In 2018, China did what they said they would – crack down on VPN use. While still not explicitly illegal (at least not to private citizens), a lot of VPN providers got hit hard. Even ExpressVPN users were shaken in October when they lost the ability to get through the Great Firewall for a bit. But while other providers haven’t recovered, ExpressVPN did – so how do they do it? How does ExpressVPN still work in China when so many other providers have fallen away?

ExpressVPN still works in China

First, let’s do a quick review of some of our favorite features of ExpressVPN. With over 2,000 servers in 94 countries, ExpressVPN has a big, established network. Despite being located in the British Virgin Islands, they’re firmly outside of U.K. jurisdiction, and therefore exempt from the major surveillance agreements between countries – so no worries about anyone coming knocking for your information. And even if they could request anything from ExpressVPN, there’d be nothing to show that can trace back to you – the provider doesn’t keep any logs on traffic, DNS requests, IP addresses, or browsing history.

ExpressVPN is also one of the fastest providers on the market, giving you buffer-free streaming, fast download times, and seamless browsing. And they manage to do this – and remain lightweight — in spite of military-grade, 256-bit AES encryption that keeps your data secure and private. ExpressVPN has proven itself time and again as one of the few VPNs that can reliably punch through China’s Great Firewall – and even when they’ve been knocked down, have quickly overcome the problem and returned service to their many customers.

Learn more about the best VPN for China in our full ExpressVPN review.

Pros

  • Unblocks US Netflix
  • 94 countries, 3,000+ servers
  • OpenVPN, IPSec & IKEv2 Encryption
  • Keeps no logs of personal data
  • 24/7 Live Chat.
Cons

  • Slightly more expensive than some other options.
BEST FOR CHINA: Get the power to break the through the Great Firewall with ExpressVPN’s blazing fast network. Our readers get 49% off the yearly plan, plus 3 extra months free.

VPN blocking in China

As you probably already know, China has a long history of VPN-blocking. While internet censorship is nothing new – most countries block access to illegal content, for instance – China’s restrictions are on another scale. As many as 10,000 or more sites have been reported as blocked, including social media sites and messaging apps like Facebook, Twitter, Instagram, and WhatsApp. This makes it hard for farflung family members and friends to keep in touch; plus, with dissenting opinions quickly crushed, and most western sites blocked, very little unbiased news of the outside world reaches China’s interior.

Accordingly, many individuals turned to VPNs – even corporations. In the latter case, it’s a necessity, so the Chinese government allows certain VPN services to operate within its borders – but these are controlled by the government, who can see any and all information that passes through. Off-shore VPNs (like ExpressVPN, NordVPN, and others) are not illegal for use by citizens (yet), but few are capable of getting through China’s sophisticated firewall.

RELATED: Does ExpressVPN Work with Torrents? Tested and Reviewed for 2019

How does ExpressVPN do it?

We’re not going to sit here and claim that ExpressVPN is perfect and works in China 100% of the time. In fact, in October of 2018, a big attack was launched against VPNs that knocked out many of the few services capable of operating to begin with – including ExpressVPN. Many providers might have done nothing and waited it out; ExpressVPN, however quickly acknowledged what had happened. They sent an email out to their users mentioning the disruption and including a link to download the latest software updates. With those updates, released shortly after the disruption, many users were able to quickly use ExpressVPN in China once more.

One reason ExpressVPN is able to consistently unblock the internet for Chinese users is just that – rapid acknowledgment, followed by quickly getting to work on updates that will resolve the issue. Another reason is that ExpressVPN doesn’t have any servers in mainland China. This means it doesn’t fall under any Chinese data retention legislation – so China isn’t privy to ExpressVPN’s (nonexistent) user logs. That also makes it harder for their hardware to contain any bugs from Chinese-government operatives.

How to use ExpressVPN in China

One of the great things about ExpressVPN is that there are no additional steps or hoops to jump through for connecting in China. All you need to do is pick your preferred server – like normal – and you should soon be browsing the web freely. That said, some servers work better than others. As some general guidelines, stick with servers that are in nearby cities and countries, like Hong Kong, Japan, Vietnam, Taiwan, Thailand, and South Korea. More specifically, these servers are proving (at the time of writing) to be the better choices as of writing:

  • Hong Kong – 4
  • Taiwan – 1
  • Singapore – Jurong
  • Japan – Tokyo
  • USA – Los Angeles – 3
  • USA – San Francisco
  • USA – Seattle
  • UK – East London

But it’s also a good idea to register, download, and install ExpressVPN before you enter China. There are mirror sites and other ways you can get around this if you’re already located within China, but the easiest method is to do so ahead of time. To do that:

  1. Visit ExpressVPN’s website through our special link. Then, click the banner at the top advertising the discount. You’ll be taken to the “plans” page. Select a plan, then provide the requested information. Once you’ve filled everything out and completed sign-up, you’ll receive an email from ExpressVPN.
  2. Go to the email you provided. The email from ExpressVPN will be entitled “Welcome Email.” Inside, there will be a link to download the application. Click through the link to be automatically logged in, then download and install the ExpressVPN app.
  3. Once you’ve successfully downloaded and installed the app, launch it. You’ll be automatically logged in and the app will connect you to the fastest available server. If you need or want to change that, just open the server list, search for, and select your preferred server.

Last steps

Because China monitors its residents’ online activity closely, when you connect with ExpressVPN for the first time in China, we suggest you take some additional steps. First, make sure that ExpressVPN automatically connects your device whenever it’s turned on. It’s easy to do this: visit the main page, then click the menu icon (3 lines) in the top left, and choose “Options.” Select the “General” tab and enable the first 2 options you see. These ensure you’re never browsing without protection. If you’re on a desktop version of the app, you can also enable the kill switch – this will disconnect you instantly in the case of an accidental VPN-connection drop.

This done, move over to the “Advanced” tab and click the boxes for IPv6 protection and DNS protection, then click “OK.” These will ensure that you don’t have any leaks of your real IP address or DNS address. That done, you’re good to go.

What to do if/when ExpressVPN doesn’t work

As we mentioned earlier, ExpressVPN has been blocked by the Chinese government before. They’re good at getting up-and-running again, but even so, there are things you can try out before giving up:

Change servers

This is the simplest and most instinctive reaction – just try changing servers. Something could’ve changed and your usual server may have been detected and blocked. Try a different one, then another one. ExpressVPN offers over 2,000 options, so a little persistence can go a long way.

Change protocols

ExpressVPN offers multiple encryption protocols. UDP via OpenVPN is the default option, but it can be detected by packet inspection. The SSTP protocol uses port 433 by default, so it’s great for beating hardcore blocks like China’s. Blocking port 433 would disrupt the entire internet, rendering every website that uses HTTPS inaccessible – so it’s unlikely China would block all traffic there. You can also try L2TP/IPSec, which can work at times.

Contact support

If you try these things and they don’t work, chances are you’ll soon get an email from ExpressVPN mentioning a blanket disruption. But in the meantime, give their support team a call/email/chat. They may have ideas for you, or at the very least, more information on when you can expect to have service again.

RELATED: China Extends Messaging App Block To WhatsApp

Why is the internet so heavily censored in China?

Diving deeper into our earlier point, why does China censor their internet so heavily? Political opinions aside, China’s restrictions are supposed to protect its citizens from content that could corrupt, divide, or incite hatred – in theory. The thing is, all content on the web is open to interpretation – and in China, only the government gets to decide what content falls under which category. So, political opponents, people with differing opinions, western media – all wind up being silenced.

Going with this, it doesn’t help that legislation – the Computer Information Network and Internet Security, Protection, and Management Regulations of 1977 – is worded so vaguely as to essentially give the government unlimited methods to censor content. Anything that could be critical of the government or an important personage – even an unbiased article – could easily be found guilty of numerous offenses, not least of which include “inciting division”, “injuring the reputation of state organs”, “activities against the constitution”, etc. Even discussing celebrity news can be considered a crime.

As such, many services – especially western sites and apps – have been blocked. Just a few:

  • Social media – Twitter, Facebook, Instagram, etc.
  • Messaging – WhatsApp, Gmail, Slack, Telegram
  • Search engines – Google, Yahoo, more
  • News Sites – The Guardian, BBC, NYTimes
  • VPN and proxy-related sites – tutorials and configuration guides
  • Information sites – Wikipedia, Quora

Wrapping up

While in other countries, logging into Facebook, Gmail, or your Twitter account may just be a regular part of your day – not so in China. And although VPNs are excellent tools for bypassing censorships and geoblocks, most do not work on the other side of the Great Firewall. ExpressVPN however, has proven itself time and again as being able to punch through. Despite brief outages in service in China, ExpressVPN does still work in China, and they do it through a combination of tenacity and vigorous, continual efforts to keep the internet wide open.

Have you used ExpressVPN in China? Did it work for you? Did you have to take any special measures? Tell us your story in the comments section below.

Read How ExpressVPN Still Works in China in 2019 by Matt Seiltz on AddictiveTips – Tech tips to make you smarter