In times when cybercriminals are mining for personal data of all types, losing your wallet or purse can make their job easier.
So, experts say, leave at home documents and information that could make you a target for identity theft or worse. “If you don’t need it, don’t keep it in your wallet,” says Charity Lacey, vice president, communications for the Identity Theft Resource Center. Carrying unnecessary items, such as your Social Security card, “gives someone access to who you are,” Lacey says, and among the biggest risks is identity theft. Whether your wallet or purse is lost or stolen, the person who ends up with it “can create a whole identity around what is in it,” she says.
The way to stop identity fraud, according to Javelin Strategy & Research, experts in digital financial analysis, is to prevent unauthorized access to and use of private data. Leave items such as passports or Medicare cards at home, locked in a file cabinet or safe. One single item lost or stolen doesn’t necessarily lead to identity theft, but a combination of these items increases the risk.
1. Social Security Card
Avoid carrying your own, your child’s or other dependent’s card. “Don’t carry anyone’s Social Security card,” Lacey says. Social Security numbers and other pieces of personal data can be used “to create a fraudulent persona,” she says, or for an “identity takeover” by a criminal who uses it to open new lines of credit or to put money into your Social Security account, aiming to later collect your retirement benefits. If you’re carrying your child’s Social Security card, new accounts can be opened with that number as well, or it could be used to create a “synthetic identity” using the child’s Social Security number and personal data from others. If you suspect your Social Security number is being used, report it to the Social Security Administration Fraud Hotline, 800-269-0271.
2. Birth Certificate
It’s a critical piece of personal data that can be used to obtain a replacement Social Security card, a passport, or a driver’s license. In short, you don’t want to lose it, misplace it or have it stolen. Once it gets into a thief’s hands, there is little you can do, according to the Identity Theft Resource Center. In the U.S. state governments issue birth certificates, which include date and place of birth. They serve as proof of age, citizenship and identity, according to the American Bar Association.
3. Medicare and Health Insurance Cards
Criminals can use your cards to access your account numbers, and obtain medical care that will be charged to your account or to send fake bills to your health insurer on your record.
“There’s no need to bring your card to every appointment,” Lacey says, once your physicians and other medical practitioners have you Medicare or other insurance information. In an emergency, the hospital staff can confirm your coverage with the insurance company or the Medicare provider line.
It’s best not to carry your passport with you, but to make a copy of it and leave it in a hotel safe while traveling.
A passport gives criminals access to your personal data, information that can be used to steal your identity. To report your passport lost or stolen as quickly as possible, contact the U.S. Department of State at 877-487-2778. Once it’s reported by phone, the passport becomes immediately invalid, and cannot be used for travel.
5. Checkbook or Blank Checks
Stop carrying a blank check in your wallet or your checkbook in your purse. One blank check with your account number and bank routing number printed on it gives criminals access to every cent in that account. “The checkbook or blank check has the information to get (a thief) into the entirety of your account,” Lacey says. Once you lose your wallet containing a check, you’ll likely have to close the account and open a new one. Unless you’re checking your balance on a regular basis, you may not even be aware that money has been taken out of your account.
6. Password Cheat Sheet
While this might seem innocent enough, it actually presents a major risk. It “might just be the worst thing to lose,” says Drew Paik, business development director for Authentic8, an internet software company focused on security in Mountain View, California. “Passwords can be used to access your accounts, which can result in immediate losses and long-term damage to your reputation and credit report.” For example, he says, someone could log into your social media accounts and post as you, then tweet or post something that could make you look bad.
Some passwords may seem unimportant, he says, like the one for your Gmail account. That email and password can be used to reset passwords on other sites, including your bank accounts. If you’re using the same password on multiple sites, it can give a criminal access to every site you have that uses that same password, including your Facebook account. Alternates are to use a password manager or a mnemonic — a pattern of letters, ideas or associations that helps you remember something — with a different code for each website. You’ll have a unique password for each site.
7. Work Identification Badge
An employee identification badge can include encoded information about an individual by using barcodes, magnetic stripes, radio-frequency identification (RFID) tags, and smart chips. Some companies use first name only to protect the employee. However, thieves use the badge to obtain more information from individuals, says cybersecurity expert John Sileo. Once they have information such as an employee identification number, they are able to obtain other data from that individual. Report a lost or stolen identification badge to your employer as soon as possible.
Editor’s note: This article was originally published on August 13, 2019. It has been updated with the AARP Top Tips video.
AARP’s Fraud Watch Network can help you spot and avoid scams. Sign up for free “watchdog alerts,” review our scam-tracking map, or call our toll-free fraud helpline at 877-908-3360 if you or a loved one suspect you’ve been a victim.