A 2017 study on identity fraud revealed many disturbing statistics about identity theft and why consumers can no longer afford to ignore this threat. In 2016 alone, it affected 15.4 million U.S. consumers, with losses totaling over $16 billion.

Despite ongoing efforts to ramp up protection and enforcement, identity theft rises annually. In 2016, two million more victims, or 6.15% of consumers, felt the effects of identity fraud compared to the previous year. The most significant increases were in fraudulent e-commerce and mobile transactions, which rose by 40%. Account takeovers also rose 31%. Incidents in which fraudsters open up accounts using a stolen identity continue to be a problem, too.

In light of this, identity theft protection is no longer an option – it's a necessity. Here are the best ways you can protect your identity, online and offline.

Offline Identity Theft Protection

People who have little online presence do have less risk exposure than digitally connected consumers, but they're not immune. No matter how few transactions they make using their laptops or smartphones, they still need to protect their personal data. Here are a few suggestions for limiting your risks offline.

Lock It Up

Keep your financial records protected at home, and lock up your purse or wallet at your place of work. Many incidents of identity theft involve people the victims know, not strangers (for advice on keeping your home and belongings safe, see How Smart Devices Can Protect Your Home and Help You Save on Insurance).

Carry Less

Don’t carry your Social Security card with you. And make a copy of your Medicare card. Black out the numbers except for the last four digits.

Don’t carry every credit card you own, either. Just take the ones you need.

Shred Documents

Shred any non-essential documents before you throw them away. Statements, envelopes, receipts, labels, credit applications, and other documents may include sensitive data.

Tend to Your Mail

Don’t leave mail sitting in your mailbox. If you’ll be away and can't pick it up yourself, have someone else collect it for you or put a hold on it through the post office. New credit cards or checks are the perfect "in" for fraudsters, so make sure they don't have access to them.

You can take this protection one step further. Opt out of pre-screened offers for insurance or credit by visiting OptOutPrescreen.com or look for similar services if you live outside the United States.

Ask Why They Need It

If someone wants your personal data, ask why they need it. You may not need to share it. And if you do, find out how they protect it first.

Online Identity Theft Protection

Online identity theft continues to rise, but that doesn't mean we have to stop using the internet. Here are a few ways you can avoid fraud and strengthen your online security.

Be Password Smart

Passwords are a necessary inconvenience. Even though most of us know we shouldn't use the same password on many accounts or choose easy passwords, many still do. In fact, according to SplashData, ‘123456’ and ‘password’ are still common choices.

A 2017 Credential Spill Report by Shape Security shows using an easy or identical password for many online accounts is very dangerous. Essentially, it acts like a master key. The hacker can use "credential stuffing" to rapidly test your password against every account and take them over.

Choose unique passwords and always log out of each site after you're done navigating it. Don't store passwords on your devices, either.

Look for the Green Padlock

When you visit a website, the green padlock in the address bar shows you are actually on the site shown there. Check to make sure the address isn't a fake – you wouldn't want to enter your credit card info into Amaz0n.com instead of Amazon.com. If you’re on the right site, it will encrypt your credit card data and any passwords you enter so no one else can see them.

Watch Out for Phishing Scams

Phishing is fraud using phone calls, email, instant messaging, and similar methods. The fraudster sends a message or calls hoping to get your personal information – much like casting a line to try to get a fish to nibble at the bait.

Telephone scammers can be very aggressive. It's not uncommon for them to claim you could face litigation if you do not deal with them immediately. They may even give you a phone number and name to call them back. Instead of calling them directly, dial the customer support number of the company they claim to be representing and check the legitimacy of the claim.

Phishing emails often convincingly mimic the legitimate company’s look. These emails will typically claim you have a problem with your account and ask you to verify your login credentials. Reputable companies never ask you to do this, so if you receive an e-mail of this nature, you can confidently send it to the trash folder or report it. If you're not entirely sure whether or not the email is legitimate, go to the company's website and contact their support staff.

Use Antivirus & Antimalware Software

The recent Petya ransomware problem shows that any computer can be attacked. But antivirus and antimalware software certainly reduces your risks. Many free and paid options help you protect your personal data, but be sure to update your devices regularly to get the full benefits of the software. Don’t forget to protect your mobile devices, since they're often the most susceptible.

Use Mobile Wisely

If you’re on a secure wireless network through your provider, your data is encrypted and protected. However, using public Wi-Fi networks increases your risk. Don’t log into your online banking accounts or other financial websites on these Wi-Fi networks.

Keep Your Social Media Info Private

Some social media sites require personal information to set up an account, but they also have privacy settings. Facebook, for instance, allows you to set viewing to “only me,” and other sites have similar safeguards. Don’t add private information to public posts that everyone can see.

Wipe Devices Clean

When you buy a new computer, tablet, or phone, transfer your data to your new device or back it up. Then, wipe the hard drive of the old device clean. Remove the SIM card from your phone, too.

Set Fraud and Security Alerts

Most banks and credit card companies offer fraud alerts, often for free. If they detect any suspicious activity, you’ll be notified automatically.

Get a free copy of your credit files, too, and check them annually. The three major credit bureaus also offer a security freeze if you suspect you’re at risk. This freeze limits access to your credit file, except for existing creditors. The credit bureaus do charge a small fee, but it is well worth the cost to protect yourself if you’ve lost a device or someone steals your information.

Check Financial Accounts Often

Missing money from your bank account is often a sign of identity theft, but detecting issues quickly is the best way to limit your problems. Online banking makes it very easy to check financial activity. Act quickly if you see that something’s amiss.

Consider Identity Insurance

Many insurance companies offer consumers cyber protection. Coverage varies between companies but can include removing malware, reprogramming and restoring devices, professional assistance for ransomware attacks, coverage for identity theft losses, and legal and forensic assistance for data breaches. If someone gains access to your personal data, cyber identity insurance can lighten the impact and help get things back to normal more quickly (learn more in Identity Theft Insurance: Is It Worth the Price?).

Know What to Do Next

If you suspect you've been the victim of identity theft, act immediately. Contact your creditors and financial institutions, set security freezes on your credit reports, and ask for a copy of your report. Also contact your local police department and IdentityTheft.gov to establish a recovery plan.