With Americans having lost $10 billion to scams last year, the personal-finance website WalletHub today released its report on the States Most Vulnerable to Identity Theft & Fraud, along with expert commentary, to identify where people are most at risk of financial harm.

WalletHub compared the 50 states and the District of Columbia across 14 key metrics. The data set ranges from identity theft complaints per capita to the average loss due to fraud.

New York’s Vulnerability to Identity Theft & Fraud (1=Most Vulnerable; 25=Avg.):

• Overall rank for New York: 24^th
• 18^th – Identity-Theft Complaints per Capita
• 20^th – Avg. Loss Amount Due to Online Identity Theft
• 19^th – Fraud & Other Complaints per Capita
• 11^th – Median Loss Amount Due to Fraud
• 18^th – State Security-Freeze Laws for Minors’ Credit Reports
• 1^st – Identity-Theft Passport Program
• 41^st – Persons Arrested for Fraud per Capita

Expert Commentary
 
What can individuals do to guard against identity theft?

“The most effective way to protect your identity is to freeze your credit with all three major credit bureaus: Experian, TransUnion, and Equifax. This can be done easily and for free. I have taken this step for myself and recommend doing the same for your spouse and all children.”
Ryan T. Wright, MBA, Ph.D. – Senior Associate Dean for Faculty and Research; Professor University of Virginia
 
“First, be vigilant. Check your bank and credit card statements as soon as you get them and notify your financial institution if you see anything funny. Second, be discerning. We sometimes slip into an unthinking haze when we spend time online, but don’t click on anything you are even a tiny bit suspicious about. Third and finally, don’t forget about sensitive information on paper. If there’s a danger of identity thieves accessing your mail or garbage, take steps like obtaining a lockable mailbox or shredding sensitive documents before putting them in the trash.”
Mark Bartholomew – Professor of Law and Vice Dean for Research and Faculty Development, University at Buffalo School of Law, The State University of New York 
 
 
What are some common scams and fraud attempts people should be vigilant about?

“I've heard about common fraud schemes where scammers pose as authorities, like the police or IRS, often using personal information stolen from data breaches. These scams can be very convincing, featuring seemingly legitimate phone numbers and emails. Even smart people have fallen for them. If you receive a suspicious call or email, hang up or don’t respond; instead, contact your local police or the IRS directly to verify the information.”
Ryan T. Wright, MBA, Ph.D. – Senior Associate Dean for Faculty and Research; Professor University of Virginia
 
“Text-based scams are quite common: for example, you receive a text asking to make a vet appointment for a dog and when you respond that you are not a vet, they engage you in a back and forth conversation in which the scammer tries to learn more information about you and eventually tries to have you buy something for them (crypto currency, gift cards, etc.). We are also seeing an increased use of deepfakes in scams, such as a faked video or even video call of a family member, co-worker, or your boss. Generally, when something feels strange and you are being rushed to do something, take a breath, step back and confirm through other channels that you are dealing with the real person and not a scammer.”
Florian Schaub – Associate Professor, University of Michigan
 

Should the Federal government intervene to establish a clear process for victims of identity theft looking to clear their name?

“Yes, identity theft is so rampant that many Americans are struggling to regain their credit and good names. There needs to be a process that may include issuing a new Social Security number, as well as a way to hold credit companies accountable for the data they steward.”
Ryan T. Wright, MBA, Ph.D. – Senior Associate Dean for Faculty and Research; Professor University of Virginia
 
“Right now, the onus is on victims to go through a lengthy decentralized process to clear their names and fix their credit. Ways to better alert federal agencies to misuses of someone’s personal data are needed. Lawmakers might also consider enacting greater legal penalties for businesses that fail to adequately safeguard personal data. As it stands now, these penalties are usually minimal and determined according to a patchwork of different state-by-state laws.”
Mark Bartholomew – Professor of Law and Vice Dean for Research and Faculty Development, University at Buffalo School of Law, The State University of New York