Seven Tips for Preventing Online Identity Theft

Not only is identity theft costly, cleaning up afterward and safeguarding your information can be complicated. It is better to prevent instances of identity theft instead of relying on post-incident fixes.

The Federal Trade Commission's (FTC) 2018 Consumer Sentinel Network Data Book (PDF) indicated that there were almost 450,000 reports of identity theft. Most were financially motivated, leading to serious losses by those affected.

If you’re worried, you should be. Not only is identity theft costly, cleaning up afterward and safeguarding your information can be complicated. It is better to prevent instances of identity theft instead of relying on post-incident fixes. To that end, the following sections will cover seven ways you can prevent online identity theft.

  1. Don’t Reuse Passwords

  2. The downside to a secure, yet complex password is that it’s difficult to remember. This causes many people to use weak passwords.

    If you do this, you set yourself up to be hacked; many attackers use scripts that carry out what are called brute-force attacks. The attacker has your email address or user ID, and with the script, they can make guesses until they successfully land on your password.

    Many people do create a strong password, but then use it on multiple sites. But if there is ever a data breach (which may not be your fault since entire sites and databases get hacked), you will be exposed on all the other accounts where you use the same password.

    One way to reduce the temptation to do either of these things is to use a password manager. The password manager helps you create secure passwords and store them so that you can auto-populate login boxes with the appropriate credentials. It provides three benefits:

    • Provides strong passwords everywhere.
    • Provides different passwords everywhere.
    • Requires that you only remember one password.
  3. Enable Two-Factor Authentication

  4. Accounts that are secured with just one type of credentials (eg, username and password) are inherently less secure than those that ask users for two types of credentials.

    If your account offers you two-factor authentication (2FA), we strongly recommend enabling and using it. With 2FA, you’ll typically be asked to provide your username and password plus an additional factor: a code received via email or text message or biometric identification like your fingerprint.

    It is very difficult for attackers to fake both factors, which makes it hard for them to access your account. For example, if you use text messages for the second factor, they would not only need to learn your username and password but also have access to your phone.

  5. Secure Your Devices

  6. Make it difficult for others to access your devices without authorization. First, secure your computers and mobile devices using either a difficult-to-guess passcode or swipe combination or biometric technique.

    Next, keep your devices up-to-date when it comes to operating system software and security patches so that people cannot access your data via malicious software. If you’re on a mobile device, remove apps that you no longer use to minimize the number of access opportunities for hackers.

    Finally, make sure you have anti-malware and anti-virus solutions, as well as a firewall installed. These apps will assist you in keeping hackers out of your computer and let you know if anyone’s successfully installed malware onto your machine.

  7. Learn How to Identify Scams

  8. Protecting your identity requires more than just enabling the appropriate “physical” safeguards. One of the biggest things you can do is to identify scams that trick you into providing your information to hackers. Some scams, such as those involving Nigerian princes, are easy to spot, but others are not so easy. For example, some hackers have created phishing emails and websites that are extremely realistic and convincing.

    There’s no simple checklist that you can follow to identify scams, but the best prevention against identity theft is to double-check the information you see. If it’s an email requesting information, and you aren’t expecting the email, reach out to the sender (At their official address or telephone number!) to make sure they’re the ones who actually sent it. If it’s a website you’re looking at, see if the site is secured (your web browser has an icon indicating whether it is in the URL bar), and check that the URL itself is correct.

    Also, those who own websites should make it easy for people to recognize that their website is legitimate. Make sure that your hosting provider supports secured transactions involving SSL certificates and data transfer using HTTPS (and if not, find a new host).

  9. Shop from Reputable Stores

  10. With the sheer number of data breaches, even with national and international brands, it may seem like it doesn’t matter who you shop with. But reputable brands have more at stake if they accidentally compromise your information. So they invest heavily in e-commerce security and are quick to respond to problems.

    So, when you shop, purchasing from a company that is well-known can provide peace-of-mind that they are operating a secure website featuring the use of HTTPS and no expired SSL certificates (check the browser’s URL bar to verify these).

  11. Use a VPN

  12. A virtual private network (VPN) encrypts your connections to the internet as well as increasing your privacy online. It makes it much harder for prying eyes to read your transmissions. For added privacy and security online, consider using VeePN's servers, as they offer fast speeds, strong security, and a wide range of features. Check out their servers at this link to learn more about their services.

  13. Avoid Using Public WiFi for Sensitive Transactions

Public WiFi networks are ubiquitous and very convenient which makes it unrealistic to avoid them altogether. Nevertheless, public networks can be a goldmine for those looking to steal personal information using techniques like packet sniffing, which is the process of intercepting and reading the data packets that flow through.

To that end, there are things you can do to protect yourself, including using a VPN as discussed above. If, however, you don't want to mess with setting up and using a VPN, you can stay safe by not performing sensitive tasks, like checking your bank accounts on public WiFis.


Identity theft is a common occurrence, but it still causes major problems for those who are affected. The best thing to do is to minimize the likelihood of having your information compromised. In this article, we covered seven ways to protect your information and keep it from getting into the hands of malicious parties. If you want to stay safe, you should do all, or at least most of them.

About the author

Toni Allen is the general manager and editor of Quality Nonsense. She has over two decades of experience in web development and online marketing.