Several weeks ago, I became a victim of identity fraud. Luckily, it wasn’t a big deal.

Of course, I didn’t think that at the time. I had logged into my bank account and saw a pending charge on my debit card for $470.25. It was from a website I’d never heard of – DHGate.com. As near as I can tell, it’s a Chinese version of eBay. The platform is legitimate. But obviously, not all of its users are.

There was also a $3.76 fee labeled as an “international service charge.”

I drove straight to the bank (thankfully only a few blocks away) and explained the situation: I’ve never heard of this company, I’ve never bought anything from this company, I’ve had my debit card with me at all times, and I haven’t noticed any suspicious activity – until now.

The bank rep listened politely and asked me a few questions: Are you sure you didn’t misplace your debit card even temporarily? Can you verify some of your other transactions to make sure they’re correct?

Then she told me I couldn’t dispute these charges unless they actually went through – this one was still “pending” as of that moment. She tapped at her computer and said she’d note all of this on my account. She assured me that this charge would probably never go through, but if it did, I should come back.

She was wrong, and a day later, I was back. I had to fill out a simple one-page dispute form, swearing I didn’t make a purchase. Then the woman shredded my debit card and issued me a new one on the spot. The same day, I got a “provisional credit” for the amount I was disputing, at least while they investigated. A few weeks later, I received a letter concluding that it was indeed a “fraudulent charge” and I didn’t owe a thing.

Anticlimactic, I know – although I still have no idea how somebody in China got my debit card number. But many people aren’t so lucky. Their stories are dramatic and even tragic.

Trends in identity theft

According to Javelin Research’s 2012 Identity Fraud Report, 11.6 million Americans lost $18 billion to identity theft last year, and “the growth in the fraud rate is being primarily generated by the increased incidence of existing card account fraud and not new account fraud.”

This can be taken as good news, though. It sounds like new account fraud is getting harder to pull off, and existing account fraud is easier to catch. The shift from new account fraud to existing account fraud is one of the key contributors to recent improvements in fraud resolution. That’s because existing account fraud – specifically, existing card fraud – is generally much simpler to resolve, both in time and cost.

This has happened at the same time the cost of fraud has dropped, according to the survey. While the total amount of fraud was up 12.6 percent in 2011 compared to 2010, the total cost was down $2 billion. Even better news: 91 percent of fraud cases were resolved last year, while only 82 percent were back in 2008.

This certainly doesn’t mean the problem is going away. Data breaches (like the one that happened when the PlayStation Network was hacked last year) were up 67 percent in 2011, and the report concludes that victims of those breaches are nearly 10 times more likely to become fraud victims.

The report found only “54 percent of victims were notified they had been a victim of identity theft by their financial institution, law enforcement, etc.” Many people are left to discover the crime on their own – like I did.

And people with smartphones and those who use social media are more at risk by exposing their personal information and installing a variety of apps. No matter how careful you are, it’s hard to account for what other people do, as a waitress caught skimming customer credit cards shows.

[adbar]

Protecting yourself

While nobody can cover all their bases, that’s no reason to give criminals an easy home run. Some simple steps to guard your data and finances…

1. Police your accounts. Keep an eye on your bank balances. You don’t need expensive protection software. Just log in and check regularly – that’s how I spotted the fraud on my account. Crooks are like cancer: Early detection lessens the damage. Change your passwords every so often, don’t reuse the same one across important accounts, and make sure they’re strong.
2. Use protected Wi-Fi. When you use a wireless connection, your data – possibly including logins you type into websites – is literally floating around in the air, and thieves know how to eavesdrop on your computer or smartphone. When you have access to a secure network (one with a lock icon, meaning it requires a passcode) choose those over public ones. Learn how to secure your network at home too.
3. Use secure browsing. If you’re not on a secure network (which encrypts everything you do), only access or share personal information on secure sites (which at least encrypt what you do there). You can tell if a site is secure if the Web address starts with “https” instead of “http.” But make sure every page of the site has it – some sites only secure the login. You can learn more at OnGuardOnline.gov. Social networks like Facebook and Twitter offer secured versions, but you may have to enable them yourself. (Check the links for instructions.)
4. Update regularly. Hackers hunt for security loopholes. Software updates plug them. It’s a constant war between good and evil, so maintain the latest version of your programs and apps, and be cautious when trying anything new – especially if it’s obscure, unexpectedly free, or doesn’t have any positive user reviews.

We’ve got plenty more advice in other identity theft stories we’ve done. Check out these:

• Free Identity Theft Protection with These 10 Tips
• 3 Tips to Prevent Identity Theft on Social Networks
• 4 Ways to Protect Against Old-School Identity Theft
• 6 Steps to Prevent Identity Theft of the Dead
• 7 Ways to Prevent Identity Theft and 7 Steps to Recover