January 21, 2026, 1:52 pm | Read time: 5 minutes

Anyone who navigates online is always at risk of sensitive data falling into the hands of criminals. This risk can never be completely eliminated, but it can at least be minimized. Some basic rules are as simple as they are obvious, and most are not even particularly time-consuming. To prevent misuse such as identity theft, the European Consumer Center offers seven tips.

What is Identity Theft?

Even though the name is quite telling, it’s important to understand what “identity theft” encompasses. It generally refers to the illegal use of personal information by another person. This can include conducting financial transactions, signing contracts, or initiating various other actions in the victim’s name.

This often involves collecting sensitive information such as name, address, date of birth, and credit card number. There are various ways fraudsters can obtain this data. A particularly common method is phishing, where victims’ data is captured through fake messages and websites. Personal data is also frequently at risk through hacking.

Once fraudsters have access to this information, they can use it for various illegal activities. This includes seemingly harmless actions like creating fake profiles with your data, which can then be used for further scams. In serious cases, criminals can also gain access to bank accounts.

Maintain Password Hygiene

As a general rule, you should always disclose as little data as possible. However, data that is not necessarily required for using a service is often requested. Be suspicious and restrictive in sharing your data. This also applies to enticing offers such as loyalty programs. Even though these providers are usually reputable, they are criticized by consumer advocates for their handling of personal data. Additionally, no company is truly safe from a hacker attack, where sensitive customer data can be stolen. If you are affected by such a data breach, change the respective passwords as quickly as possible.

Basic online security also includes giving each online service and account an individual and as secure a password as possible. While this may not always be convenient, it pays off in the long run. These many passwords can be most easily secured and organized with a password manager. Wherever possible, you should also activate two-factor authentication (2FA). Additionally, passkeys are gaining popularity and spreading as a secure password alternative.

Phishing is Becoming More Creative

Phishing emails and smishing messages (via SMS) are still popular among cybercriminals. Therefore, always be suspicious if a message tries to pressure you with threats of blocking or urgent deadlines. Such messages aim to lure you to a fake website where you are supposed to enter sensitive data like contact, bank, or login information. The fraudsters can record these entries and gain access to your accounts.

Therefore, do not click on links in emails that you do not expect or that seem suspicious. Instead, try to verify the matter through another contact method not listed in the fake email. Log into your customer account and check your inbox for any notifications. Alternatively, you can contact the respective customer service by phone or in writing. Be cautious: You could also receive phishing requests via WhatsApp and other messenger and social media services.

Fraudsters repeatedly hack users’ social media accounts to contact the victim’s contacts in the style of the grandparent scam. The often sad or terrible stories that the fraudsters then send in the victim’s name are linked with an urgent request for money. In such a case, you should not click on anything or transfer any money. Contact the supposed sender through another communication channel, preferably by phone or in person, to clarify the situation. This also gives the affected person the opportunity to respond to the identity theft.

More on the topic

Quishing Fake QR Codes on Parking Meters! Police Warn of Scam

Consumer Advocates Warn Beware! Fraudulent Bank Calls Are on the Rise–What Customers Can Do

Pay Attention to Your Identification Documents

Particularly risky for identity theft is the sharing of copies, photos, or scans of identification documents. These can serve as templates for forgeries for identity thieves. Always weigh whether sharing such documents is safe and appropriate in the given context. Be generally suspicious when strangers ask for certain data and documents. If you do need to provide a copy of your ID, for example, to register with Airbnb, carefully black out all irrelevant information. This includes the ID number and signature, among others.

For an image file, you should also insert a watermark if possible. With a free image editing program like Gimp, you can place a text band on the document to mark the copy as such. The text band should include information about the recipient and the current date.

Lastly, you should always keep your operating systems, programs, and apps up to date. Providers of such applications do not offer regular updates for nothing. Often enough, these updates also close one or another security gap. Therefore, it is important not to delay updates but to install them promptly.

Measures for Acute Identity Theft

If suspicious account activity and identity misuse are noticed, it is important to act quickly and limit the damage. You should definitely file a report with the police, which is also possible via an online form. Also, inform your bank to stop any pending debits and retrieve unauthorized debits that have already been made. If necessary, block your affected bank cards. With some banks, blocking is very easy in your online banking; otherwise, there is also the central contact point for blocking electronic authorizations. The emergency blocking number is 116 116.

In the case of large-scale identity theft, you can also apply for a new ID. Additionally, you should inform credit agencies like Schufa about possible identity misuse.

With material from dpa.