Social engineering and other forms of fraud can trick you into sharing personally identifiable information (PII), such as your Social Security Number or credit card information. With this information, fraudsters can attempt to access online services and benefits, such as those provided by a bank or state workforce agency. The following sections offer general tips to help keep your information safe.
Protect your privacy
Keep your private information, such as your home address and Social Security Number, private. Only share them in trusted places, such as when you’re entering your information for an identity verification requested by an ID.me partner. Visit Why does ID.me ask for my Social Security Number? for more information.
Know who you are communicating with
Fraudsters may pose as ID.me employees and ask you for information to "help verify your identity." ID.me employees will never ask for any type of sensitive information outside of official ID.me support channels, such as during a verification video call or an email from ID.me. Be suspicious of new social media contacts. Legitimate support through social media will only come from official ID.me pages:
- Our authorized Twitter accounts are @IDme, @IDmeSupport and @Blake_Hall.
- You can find us on Reddit in r/IDmeSupport with our verified account u/IDmeOfficial.
Beware of job scams
Scammers may offer you a false job opportunity, then convince you to complete ID.me's identity process for "employment verification." The scammer can then use your cooperation to acquire your personal information. There are similar scams involving dating sites, sweepstakes, or other types of fraud.
Always be on the lookout for suspicious-looking links, odd-looking content (with typos), unsolicited contact from people you don't know (e.g. on dating sites), etc.
Other tips
Use long and strong passwords
Protect your account with a robust password that has a combination of upper & lower case letters, numerals, even special characters. If you have trouble keeping track of all your passwords, consider using a "password locker" or other software to manage them.
Use multi-factor authentication
Multi-factor authentication (MFA) combines things you know (like a password) with things you have (like a smartphone). It's another layer of protection for your account. We recommend you set up at least one MFA method, even if it’s not required. We recommend you set up at least one MFA method, even if it’s not required. For additional security, you can set up more than one MFA method and a recovery code.
Don't "overshare" on social media
Not everyone online is who they say they are! Never share personally identifiable information (PII)—like your date of birth, Social Security Number, or credit card information—in a public place, like Facebook or Twitter.
Click only on trusted links
Be cautious when opening links. Always consider the source.