The Federal Trade Commission reported that about 10 million Americans, or 5% of all adults, fall prey to identity theft each year, with an average loss of $4,800.

The economics of cybercrime are simple, says Jay Foley, co-executive director at the Identity Theft Resource Center: The risks are low and the rewards high.

Few law enforcement officers specialize in identity theft crimes, and jurisdictional questions make tracking down and charging the criminals difficult. The Internet provides cover for the bad guys.

As Foley put it: "Criminals are now asking themselves, 'Why should I rob someone, get maybe $200, and face 7 to 10 years in jail if I am convicted when I could commit identity theft, make $100,000 or more, and face at most one year in jail?' "

That means the rest of us need to be more vigilant. Security experts suggest a number of steps that, while not foolproof, can reduce your chances of becoming a victim.

Don't post personal info
Social networking sites such as MySpace.com have given Web users an easy way to share information about themselves to the world — maybe too much information.

You shouldn't post anything that could be used as a password or as a "secret question" other sites use to verify your ID: your birth date, pet's name, mother's maiden name or schools.

Thieves troll different sites and use automated programs that dig up such information.

They also spend a lot of time at sites, such as Monster.com, (MNST) where job searchers often post a lot of personal data.The Privacy Rights Clearinghouse recommends that job applicants omit personal information, such as their Social Security number, physical address, and phone number from online resumes.

Pick strong passwords
This is always tricky; people need to select something easy to remember but hard to guess.

Don't use something obvious — such as a birth date, phone numbers, or last four digits of your Social Security number — that can be gleaned from other sources.

The Privacy Rights Clearinghouse recommends picking the first or last letters in a favorite line of poetry and intermingling them with numbers and punctuation marks.

"Mary had a little lamb," for example, becomes "m*ha2ll" or "y!dae5b," a password almost impossible to guess. (A lot of people read IBD, so don't use these exact phrases — or for that matter, "Mary had a little lamb" as your starting point.)

Give less info to merchants
While most require some personal info to identify you, don't be afraid to ask why they need it and how it will be used. If you're not comfortable with the answers you get, don't be afraid to say no.

You shouldn't have to hand over Social Security or credit card numbers for stores' customer loyalty programs, says Bob Hardekopf, CEO of Lowcards.com, which offers credit card advice and services.

And there's no reason why you have to give your phone number to a retail store cashier.

Don't be a phish
If an e-mail ever asks you to "verify" password or account info for your bank or other financial firm, it's almost always a type of fraud known as phishing.

Don't be reeled in.

The con tricks people into handing over financial info with professional-looking e-mail and Web sites. The e-mail will ask you to provide account numbers, credit card security codes and password — often as a "security precaution."

Instead, your info falls into the hands of crooks.

If you're not sure that an e-mail is legitimate, call the business — with a phone number you're sure is valid.

Encrypt sensitive data
When typing in credit card info for online purchases, look for a lock icon and a Web address that begins with "https://" — (the s is for secure). This means the data is almost impossible to intercept, unlike the easy-to-eavesdrop "http://" connection used for basic Web activity.

Wireless connections are another potential break-in spot for criminals. If you use a wireless router, be sure to use its "WPA" (Wi-Fi Protected Access) encryption option to scramble any data sent, so no one else can intercept it.

That goes for removable storage and laptop hard drives, too.

"If individuals carry personal information to a remote location by using a laptop or a USB disk drive, they need to make sure that the data is encrypted, so criminals can't access it if the device is lost or stolen," said Paul Stephens, policy analyst and consumer advocate with the Privacy Rights Clearinghouse, a nonprofit consumer information and advocacy program.

The newest versions of the Windows and Mac OS X operating systems make this easy.

Watch your kid's Web activity
While many young people are tech-savvy, they can also be naive about devious adults online.

"Parents should never allow their children to take their credit card and then buy any items on the Internet, without supervising them" said Identity Theft Resource Center's Foley.

Monitor your credit
Criminals will sometimes rack up small charges over time, hoping the victim isn't paying attention. These charges can go on for months and even years, says Lowcards.com's Hardekopf.

If you see mistakes on your monthly — or even better, online — statements, report them immediately.

Also, be sure to request a free annual credit report. By law, you're entitled to a free report each year from each of the big three major reporting agencies (Equifax, Experian, and TransUnion). Stagger your requests, and you can get one every four months.

The reports will show any unusual activity, such as mysterious credit cards or loans in your name.

Beware of another trap: It's not always easy to find the agencies' free-report sign-up sites. Many companies offer "free" reports as part of pricey credit-monitoring services.

None of these tips guarantee that you'll never fall prey to fraud; criminals are tricky and highly motivated. But with a little vigilance, you can make their job a lot tougher.

News from: Investors.com