Donald Chan / Reuters
A tiger somewhere wishes he had monitored his credit report.
The most common misstep most of us make when trying to protect our financial and personal information online isn't inadequate passwords. It's not filling out suspicious forms, or even opening sketchy emails.
It's that we hardly try to protect ourselves at all.
Neal O'Farrell, executive director of nonprofit victim support network The Identity Theft Council and 30-year veteran of the cybercrime and identity theft field, explains that most of us are guilty of refusing even the most basic responsibility for our own protection.
"Consumers can't stop most identity thefts," says O'Farrell. "But they can minimize their exposure and any harm done. Most consumers are still not doing even the basics, like checking their credit reports, protecting their mail, or changing their passwords."
According to O'Farrell, those of us burying our heads in the sand may be in for a rude awakening.
"Cybercrime and identity theft is utterly changing America," O'Farrell says. "It's been the number one consumer worry for more than a decade. It's constantly eroding consumer and business trust and confidence, and it's only going to get worse."
There are an average of over 11 million identity theft victims a year in the U.S., with an average of over $4,000 lost per incident. That money adds up: In 2013 alone, $24.7 billion was lost to identity thieves.
O'Farrell points out that from the other side, identity theft is "almost the perfect crime." It's rare that thieves are arrested or prosecuted, the payoff can be enormous, and it's easy for them to work in groups and share their knowledge.
Plus, he says, the infrastructure "protecting" our most valuable information is extremely vulnerable. "Everything's broken: consumer security, law enforcement, banking, the IRS, the Social Security Administration. It's easy for crooks to exploit security gaps because there are so many of them."
If you find yourself a victim of the perfect crime, O'Farrell recommends getting a police report — which you're entitled to by federal law — as your "claim of innocence." If you have an identity protection or credit monitoring service, call them, but if not, he says to reach out to a free, nonprofit, expert support organization like Identity Theft Resource Center or the Identity Theft Council.
And going forward, it's up to you to be more proactive.
Remember that you can view your credit report from each of the three credit bureaus for free once a year, but only from annualcreditreport.com. Although they might vary slightly, you can stagger your checks to pull one once every four months. Credit Sesame , the credit service O'Farrell is now working with, will monitor your credit, provide identity theft insurance, and provide victim support and restoration for free.
When it comes to changing your passwords, once every three to six months should do it, although Lifehacker points out that if you part ways with a family member or significant other with whom you used to share a computer, you should change every password you have. Note that it's more beneficial to change the password on social, rather than financial, accounts, like your Facebook and email. The logic is that if someone has the password to your bank account, they probably won't wait to act; if they have your email password, they could monitor your communications for months.
Protecting your mail is as simple as picking it up soon after dropoff, notifying the post office to hold off on delivery when you'll be out of town, and keeping a sharp eye out for particularly sensitive mailings, like checks or new credit cards.
The protective measures O'Farrell suggests aren't exactly revolutionary, or even particularly difficult. If a two-minute password change or regular stop at the mailbox could lessen our chances of identity theft ... why not?
More From Business Insider