When Sheila Gordon's electricity was unexpectedly shut off a decade ago, it opened her eyes to a crime that's growing across the nation: identity theft. Several months before, someone got hold of her Social Security number and used her name to have utilities turned on at another residence. The identity thief never paid the bills, and Sheila, then a recently divorced new mother, paid the price. Though it took only a couple of days for her utilities to be turned back on, it took more than a month for Sheila to remove the blemish on her record. "Time is so valuable when we have children and we're working," says Sheila, who is now director of the victim assistance center for the San Diego, CA-based Identity Theft Resource Center. On average, it takes nearly an entire workweek—30 hours of phone calls, letters and legal wrangling—to clear up a case of identity theft, according to the Federal Trade Commission (FTC). "Trust me," says Sheila, "you don't want that burden in your life."

Wanted or not, that burden falls on about ten million consumers each year. ID thieves cost us $50 billion a year in their use of fraudulent accounts, and experts have characterized this as one of the fastest-growing crimes. "It's a huge problem," says Betsy Broder,of the FTC's Division of Privacy and Identity Protection, "because of the money it costs, but also because of how it makes us feel about doing business." It's hard not to feel vulnerable when simply buying a pair of pumps can open you up to a world of worry. Late last year, shoe discounter DSW Inc. settled a case in which the FTC charged the retailer with failing to take security steps, allowing hackers to gain access to credit card, debit card and checking account information. The breach affected more than 1.4 million customers. But unlike banks and credit card companies, these businesses are not required by law to safeguard your information. The FTC, which has been prosecuting lapses like DSW's under a statute that covers unfair and deceptive acts and practices, has asked Congress to consider new laws that will address this issue. Meanwhile, hackers are getting increasingly sophisticated, and they're not just targeting large databases—they are literally hitting home. "It's almost as if the front door is no longer the most vulnerable part of your house. It's now your computer," says Lawrence Phipps, director of marketing for Sereniti, which provides home networking and safeguarding services.

Cybercriminals' new tricks

When it comes to high-tech thieves, the new weapons of choice are spyware, pharming and phishing, experts say. The Trojan horse of ID theft, spyware is installed in the guise of some other software and allows hackers to monitor your computer activity and gather passwords, credit card numbers and other financial information. ID thieves craftily target children online, luring them to download spyware onto their family computer by convincing them that they're getting a computer game.

In pharming, consumers are redirected from legitimate websites without their knowledge. Information you enter on these imposter sites is harvested by hackers, who can then go to a legitimate site using your personal information and falsifying transactions. Similarly, thieves can coax information out of you and your children through email requests, a tactic called phishing. Though it seems simple enough not to provide information to a stranger who solicits you, thieves often pose as legitimate businesses, such as PayPal. More recently, a method called spear phishing has emerged, in which hackers find  out more detailed information about you and then attempt to convince you that you already have an established relationship with the sender. ID theft awareness has increased in the decade since Sheila became a victim, but consumers still often believe they are safer than they are, according to a 2004 survey by America Online and the National Cyber Security Alliance. Of the 329 people surveyed, for example, only 53 percent believed they had spyware or adware (which can collect information and send pop-up ads) on their computers. A scan revealed, however, that these programs were in fact on 80 percent of the participants' computers. "These threats are constantly evolving and changing," Phipps says. "I don't think we're on top of it." Outside the home, ID thieves have been using standalone ATMs, the kind often found in small convenience stores and gas stations, to collect information from debit and credit card stripes, including passwords. The method gives hackers all the information they need to create fake debit and credit cards. More rarely, hackers have also attached false fronts to ATMs at more established institutions to gather financial information.

The next targets?

Hackers are starting to zero in on mobile gadgets, such as BlackBerrys and cell phones. And instant messaging is becoming a hot mark. "It's an obvious area of focus for the hacking mentality," Phipps says.

With potential scammers stalking everything from databases to Dumpsters, it's more important than ever to protect your privacy. Knowledge is power—and also your best offense. See "Fighting Back" for antitheft strategies, and protect your bank account and your good name.

$ Saver Tip

Before you spend a dime on software to protect your identity, visit www.onguard online.gov and search the GetNetWise software tools database. You may find some software you need for free.