Fraud Prevention Checklist

Fraud is an unfortunate reality in today’s digital-first world. From phishing emails to stolen personal records, criminals are constantly looking for new ways to trick people into sharing sensitive information or giving access to accounts. While no prevention strategy is foolproof, taking steps to protect yourself makes it significantly harder for criminals to succeed.

This fraud prevention checklist is designed to give you clear, practical actions you can take to reduce your risk. These measures won’t guarantee that you’ll never experience identity theft or fraud, but they will help you build stronger defenses against the most common threats.

Freeze Your Credit

One of the most powerful tools for preventing fraud is a credit freeze. When your credit is frozen, no one can open new credit accounts in your name—not even you—until the freeze is lifted. This means criminals cannot take out loans or credit cards using your identity, even if they’ve managed to steal your Social Security number and other personal details.

Placing a freeze is free and can be done with all three major credit bureaus: Equifax, Experian and TransUnion. You can lift or “thaw” the freeze temporarily whenever you need to apply for legitimate credit. Unlike credit monitoring, which simply alerts you after activity occurs, a credit freeze prevents the fraudulent account from being opened in the first place.

Strengthen Passwords and Embrace Passkeys

Passwords remain one of the weakest links in personal security. Too many people still use short, simple or recycled passwords across multiple accounts, giving criminals an easy entry point if even one website suffers a data breach.

To reduce this risk:

• Create longer passphrases that are easier for you to remember but harder for criminals to guess. For example, a sentence with spaces or symbols is stronger than a single word with numbers.
• Do not use the same password on more than one site.
• Where available, opt for passkeys, which are a newer and more secure login method that eliminates the need for passwords entirely. Passkeys are tied to your device and verified with biometrics or a PIN, making them extremely difficult to steal or replicate.

Using a reputable password manager can also help you generate and store unique credentials without needing to memorize them all.

Use Multifactor Authentication (MFA)

Even the strongest password can be stolen, which is why multifactor authentication (MFA) is essential. MFA adds a second layer of protection by requiring you to prove your identity in more than one way before logging in.

Whenever possible, use an authenticator app rather than text message codes. Authenticator apps are tied to your device and generate time-sensitive codes that scammers cannot intercept through SIM swapping or phishing. Some services now allow push notifications that require you to approve a login attempt directly on your phone, further enhancing security.

Secure Physical and Digital Documents

Fraud prevention is not just about digital security. Paper documents and physical devices often contain sensitive personal information that criminals can exploit.

• Store important papers, such as tax records, birth certificates or Social Security cards, in a fireproof safe or locked filing cabinet.
• Shred documents before discarding them rather than throwing them in the trash.
• Avoid carrying unnecessary documents with you. For example, leave your Social Security card or passport at home unless you absolutely need them.
• If you store sensitive files on a computer or external device, ensure they are encrypted and protected with a strong password.

These steps help reduce the risk of theft from both physical and digital environments.

Lock Devices With Biometrics

Phones, tablets and laptops are gateways to personal information. If not properly secured, a lost or stolen device can provide criminals with access to emails, financial accounts, and stored documents.

Whenever possible, enable biometric locks such as fingerprint readers or facial recognition. These methods are faster and often more secure than PINs or patterns, though they should be paired with a strong backup passcode.

Device security is about preventing theft and protecting your privacy from anyone who might borrow or temporarily handle your phone or computer.

Limit Your Social Media Exposure

Social media can be a goldmine for criminals. Public profiles often reveal details like your birthday, address, phone number or even answers to common security questions (“What was your first pet’s name?”).

To reduce the risk:

• Set your accounts to private so only approved friends or followers can see your content.
• Avoid oversharing details that could be used to guess passwords or impersonate you.
• Periodically review your account settings to ensure privacy controls are still in place.

Criminals often use social media to piece together enough information to launch phishing attacks, steal identities or guess login credentials. Keeping your accounts private makes their job much harder.

Verify Suspicious Calls, Emails and Texts

Phishing and imposter scams remain some of the most common ways criminals trick people into giving away personal information. Older adults, professionals and even highly tech-savvy individuals fall victim to these scams every day because they can be incredibly convincing.

The golden rule: Never provide personal or financial information in response to an unexpected request.

If you receive a call, email or text message claiming to be from a bank, government agency or company you do business with:

• Do not reply directly, click on links or provide details.
• Instead, hang up or delete the message.
• Independently verify by calling the company or agency using a phone number from an official statement or the organization’s legitimate website.

Criminals rely on urgency and fear to push victims into quick action. Slowing down and verifying before responding can save you from costly fraud.

Keep Software Up to Date

Software updates may seem like minor inconveniences, but they play a major role in security. Criminals often exploit known vulnerabilities in outdated systems to install malware or gain unauthorized access.

Make it a habit to:

• Regularly update your phone, computer and applications.
• Enable automatic updates whenever possible.
• Remove unused apps and programs that no longer receive updates.

By staying current, you minimize the number of potential “open doors” available to criminals.

Monitor Account Access

Most people have multiple devices logged into their social media, email or financial accounts. Over time, you may forget just how many devices have access.

Regularly check your account settings to see which devices are logged in. If you see something unfamiliar, remove it immediately. This is especially important if you’ve ever logged in on a shared or public computer.

Many platforms now notify you of new logins or allow you to log out remotely, giving you better control over your digital footprint.

Prevention Has Limits

It’s important to remember that while these measures make fraud more difficult, no prevention strategy is absolute. Even the most vigilant individuals can fall victim if their information is stolen through a large-scale data breach or if criminals find new ways to exploit systems.

The goal is not perfection but resilience. By following this checklist, you significantly raise the barriers for criminals, reduce your exposure and increase the likelihood of detecting fraud quickly if it does occur.

When to Contact the ITRC

If you suspect you’ve become a victim of fraud or identity theft, don’t navigate the recovery process alone. The Identity Theft Resource Center (ITRC) is a nonprofit organization that provides free, confidential assistance to victims of identity crimes and scams.

The ITRC can:

• Walk you through the steps needed to contain the damage.
• Help you report incidents to the appropriate agencies and institutions.
• Provide tailored advice for recovery and long-term prevention.

Their team of expert advisors understands that fraud can be overwhelming and stressful. By reaching out, you gain a trusted partner to help guide you through every step of the process.

Prevent Fraud with the ITRC

Fraud prevention is about building layers of protection—freezing your credit, strengthening logins, securing documents, limiting social media exposure, staying alert to scams and keeping devices up to date. Each action makes it harder for criminals to succeed, even if none can eliminate risk entirely.

Fraud may be an unfortunate part of the modern world, but you are not powerless. With the right precautions, you can dramatically reduce your risk and respond effectively if something does happen.

If you ever become a victim of identity theft or fraud, remember that support is available. Contact the Identity Theft Resource Center to get free, expert assistance.