5 Things You Probably Didn't Know About Identity Theft

In 2012, 16.6 million people fell victim, amounting to financial losses of $24.7 billion.

Identity theft composite
By + More

Search engine poisoning is more popular than ever. "Identity thieves are increasingly using a technique known as search engine poisoning to manipulate the results that show up and bend reality," says Hugh Thompson, a Columbia University computer science professor and the program committee chair of RSA Conference, an annual information security conference.

Thompson says identity thieves, hackers and attackers can manipulate search engines so that their fake websites "appear higher in the search results than the real thing."

Then, if it works, you've just been phished. Fortunately, there are ways you can spot a fake, and some of them are pretty obvious. If there are a lot of grammatical errors on the site, for example, that may be a danger sign. Many of the rules in the next section can help you realize you're about to be had.

Criminals like to put fake Wi-Fi hotspots up at public Wi-Fi hotspots. If you go to a hotel or airport and log onto the official Wi-Fi hotspot, generally speaking, you're perfectly safe. The problem is that you may wind up logging onto a fake Wi-Fi hotspot that simply looks like it belongs to your hotel or the airport, says Thomas Way, associate professor of computing sciences at Villanova University in Villanova, Pa.

He says there's no sure-fire way to identify a criminal's hotspot, but there are red flags to look for. First, look for the SSID (service set identification), the "name you see in the list of hotspots, and see if it is the one that the hotel, airport, et cetera, has told you to use," Way says. "Second, when you get the typical approval page, where you usually click on a button or checkbox to agree to the terms of use, you should never have to enter identifying information, only, at most, a hotel room number and last name. If it asks for more, don't do it."

[See: 10 Ways to Avoid Online Scams.]

Way adds that just to be safe, look at the URL of the first page. "It should match whatever the page claims to be," he says. "If it is a hotspot provided by the hotel, it should either be the hotel Web address or it should match the company that is providing the hotspot. If it is a spoof page, it'll be noticeably different."

Despite all the talk about online identity theft, you still need to watch your wallet. According to Phrantceena Halres, CEO of Total Protection Services Global, a Charlotte, N.C.-based security services company, only a fraction of identity theft cases are related to online fraud. "The majority is made up of stolen credit cards, checkbooks and wallets," she says.

That's because plenty of criminals aren't computer geniuses. Most of them are hoping you've been careless enough to leave your wallet, filled with cash and credit cards, lying on the passenger seat of your unlocked car.