>
ADVERTORIAL

7 tricks to avoid identity theft

25 Jun 2026 · 2 min read · Comments

This article contains affiliate links. If you buy through them, we may earn a commission — at no extra cost to you.

Identity theft cost Americans $12.7 billion in 2024. One in three US adults has been affected. These seven steps — most taking under ten minutes — close the main pathways that account for the majority of cases.

1. Check if your email is already in a breach
Visit haveibeenpwned.com: free, instant, no account needed. Most people who check find at least one breach they weren't aware of. Takes 30 seconds. Do this first.
2. Use unique passwords everywhere
Credential stuffing — trying breached passwords against other accounts — is responsible for the majority of account compromises. A password manager (NordPass, Bitwarden) generates and stores unique passwords automatically.
3. Enable two-factor authentication on your email
Your email account is the master key to everything else. Enable 2FA there first. Use an authenticator app (Google Authenticator, Authy) rather than SMS — SMS codes can be intercepted via SIM swap attacks.
4. Remove yourself from data broker databases
Data brokers aggregate your name, address, phone, relatives, and more — and sell it. This enables targeted social engineering attacks. Incogni sends opt-out requests to hundreds of brokers automatically and monitors for re-addition.
5. Freeze your credit
A credit freeze prevents anyone — including identity thieves — from opening new credit accounts in your name. Free at all three bureaus (Equifax, Experian, TransUnion). Can be temporarily lifted when you need to apply for credit. Takes about 15 minutes total.
6. Don't overshare on social media
Your mother's maiden name, where you went to school, your first pet — these are security question answers that social media makes publicly available. Criminals use them for account recovery fraud. Check your public profile settings.
7. Set up breach monitoring
Even after doing the above, new breaches happen constantly. Have I Been Pwned offers free monitoring — it emails you when your address appears in any new breach added to its database. Know immediately rather than months later.

You don't have to do all seven today. Start with the breach check and the credit freeze — those two alone close two of the biggest pathways. The rest can follow over the next week.

Frequently asked questions

What is a data broker and why does it matter for identity theft?+

Data brokers legally aggregate and sell personal information — your name, address, phone, relatives, and more. This data is the raw material for social engineering attacks and targeted phishing, which are primary pathways to identity theft.

How do I remove myself from data broker databases?+

You can manually opt out of each broker individually, which takes many hours and requires re-submission as brokers re-add your data. Services like Incogni automate this process — sending removal requests to hundreds of brokers and monitoring for re-addition.

How common is identity theft in the US?+

Approximately 33% of US adults have experienced identity theft, per research from IPX1031 and Demandsage. The FTC received over 1.13 million identity theft reports in 2024. Losses totalled $12.7 billion that year, according to Experian.

Automate step 4 — remove yourself from data brokers
Incogni sends removal requests to hundreds of data brokers, monitors for re-addition, and handles it automatically. One-time setup, ongoing protection.
⭐ 4.6/5 · trusted by millions
Try Incogni →

Sam Feldman
Sam Feldman
"A good banner has no fixed form and has no inherent meaning."
Austin, TX · https://sams.blog/weekly
RELATED READING
Americans fear identity theft more than burglary
Identity theft is the #1 financial worry in the US
33% of US adults have experienced identity theft
You’re About to Get the Exact Security Setup I Built for My Own Parents — the One That Actually Works

Most people have one layer of protection. They’re missing three.

  • The 3-layer setup I’d never skip — stripped to what matters.
  • Who’s really watching you — your browser, your provider, and the “free” tools selling your data. How to shut them out.
  • A 30-second leak check — most people’s passwords are already out there. See if yours are, and what to do.
  • Pull your info back, data brokers are selling your address and number right now. Here’s how to get removed.

20 minutes, start to finish — then it runs in the background. Enter your email and I’ll send it over.

Something went wrong — please try again.
You're in — check your inbox shortly.
100% confidential. Unsubscribe anytime.