How Identity Thieves Use Your Mail to Profit
Identity theft often occurs when a person gains access to sensitive personal information from printed records you get in the mail that reveal your full name, address, phone number, or Social Security number—enough to open a new account or take over an existing one.
When a high-level criminal hacker is cracking databases and stealing millions of electronic records each year, someone else is on the streets using a low-tech version of stealing identities.
What an Identity Thief Likes to Find
These are types of postal mail identity thieves look for:
- Bank statements
- Financial statements
- Credit card offers
- Benefit statements
- Income statements
- Tax information
- Employment papers
Though the issuers omit some data from these statements intentionally, there is often enough information remaining for a thief to fill in the missing pieces and take over an account or open a new one in your name with all information sent to a different address. Banks and other companies increasingly require photo identification and a PIN to verify identity but don't rely on this. Thieves also have ways to obtain a counterfeit photo ID if they know enough about you.
Remember, the information a thief can get from your mailbox is also available in dumpsters behind the bank, utility company, your doctor’s office, and elsewhere. A 3-minute research project in a dumpster behind a bank uncovered legible records with account numbers, Social Security numbers, check photocopies with names, and more. It was enough information to access accounts and steal identities.
You can take steps to protect yourself and your information from mailbox raiding:
- Stop getting paper statements. Electronic statements sent via email are safer and eco-friendly.
- Get a locking mailbox. The carrier does not require a key because there is a slot to place the mail.
- Consider a post office box for sensitive mail.
- Monitor your mail volume. If you get less mail for a week, report it to the post office as someone may be stealing it.
- Pay attention to the dates of delivery. This helps you determine if bills and statements were delivered on time, or possibly taken and returned by a thief.
- Eliminate unwanted solicitation. Request the removal of your information from marketing lists, a service of the Data & Marketing Association (DMA).
- Choose to opt-out of any pre-approved credit card offers.
Dumpster Diving Precaution
Be wary of the mail you throw out. It should not contain:
- Your full name
- Your address
- Your Social Security number
- Your birthday
- An account number
- A password
- Financial information
- Family member data
Make sure to shred it with a shredder with a crosscut before getting rid of it. Crumpling up the paper or cutting a card in half does not protect the information from thieves. Keep the crosscut shredder where you open your mail to ensure extra convenience. Develop the habit of immediately shredding anything containing personal information that you want to discard. Know that there are thieves who specialize in reassembling shredded documents.
Even if you are cautious and responsibly shred items that contain personal information, your mortgage broker, bank, or accountant may not be. So you still may want to purchase identity theft protection to limit potential losses.
You really cannot be too neurotic about shredding sensitive documents. Some people really make a career out of digging through the trash in search of items such as credit card pre-approvals, bank account info, mortgage statements, and medical bills. Even an empty envelope with a return address can tell an identity thief something about you. It's another puzzle piece.
Dumpster diving is legal if the dumpster is in a public location, including the large bins at apartment complexes. If you'd like extra security, consider storing shredded documents in a cardboard box and occasionally burning the contents in a place that is not a threat to others. Do it when it's time to burn leaves or at your next bonfire.
Other Items to Destroy Before Discard
Identity theft is not limited to printed materials you get in the mail. Also, remember:
- Prescription bottles
- Old tax documents
- ATM receipts
- Electronic devices
- Hard drives
- SIM cards
- Mobile phones
- Thumb drives
Any financial record should be kept for two years, but if you can access it online, you don't need it. So shred it. Banks and neighborhood organizations sponsor occasional shred-a-thons, where you can bring boxes of documents and watch them get safely shredded in front of you. Given the easy access to electronic statements, seriously consider stopping paper statements.