In an episode of “Seinfeld,” Jerry's neurotic friend George Costanza has so much stuff jam-packed into his wallet that it’s ridiculed as a “filing cabinet.” The wallet bulges with everything from Irish currency to a coupon redeemable at Orlando, Florida-area Exxons to filched packets of Sweet’N Low. Walking down the street, Costanza the pack rat tries to stuff one more thing inside and the billfold explodes, scattering its contents to the wind.
Jon Clay, vice president of threat intelligence for Trend Micro, a global cybersecurity firm, mentions the episode when talking about what consumers should not carry in their wallets lest they lose the valuable information. In an era in which identity theft is epidemic, the lessons of the old sitcom remain timely.
Join today and get instant access to discounts, programs, services, and the information you need to benefit every area of your life.
Pickpockets — and ne’er-do-wells who say “finders keepers” when they stumble on a lost wallet — aren’t after just your cash. When it comes to personally identifiable information, it may be that the original crook profits by reselling it, Clay says.
Worse, the crook may bring in accomplices and share the loot. After a lost wallet was pocketed in June at a casino in Davenport, Iowa, the thief kept the $800 inside and an ID card. Later, the rightful owner’s name and personal information was exploited to set up an online bank account to obtain a debit card and checks, and with accomplices, the first crook and his cohorts went on a spending spree at a half dozen merchants, later peddling some of their $5,600 in purchases on Facebook Marketplace, authorities said.
“We all think we are being careful, but it takes one second for a criminal to steal our wallet or purse,” says AARP’s Amy Nofziger, who oversees its Fraud Watch Network helpline, 877-908-3360.
“Limit what you carry to ensure you don’t put yourself at a greater risk,” she says. “Even though we hear about online crime every day, there are still many criminals waiting to get ahold of your personal belongings. They look for your wallet and purses at gyms, grocery stores and your car.”
How to keep your wallet safe
Since many merchants accept digital wallets, Clay says he’s apt to carry just a single credit card because he’s only encountered some gas stations that won’t let you pay with a digital wallet. These contain digital versions of your credit and debit cards, and you pay with a smartphone. Examples include Apple Pay, Samsung Pay and Google Pay.
A resident of Colorado, Clay also relies on the myColorado mobile app to store his driver’s license, vaccination record, vehicle registration and proof of auto insurance. So unless he’s traveling out of state, he avoids carrying those.
Even if you’re not as tech-savvy as Clay, your wallet can be leaner, and with respect to cybercrooks, meaner. Take some time to declutter and potentially spare yourself from some time and trouble cancelling accounts and obtaining new cards. First, consumer advocates say, make photocopies (or take smartphone photos) of the front and back of all your cards, so you know whom to contact if they go missing.
Here are the 10 things that he suggests you remove from your wallet and store in a safe place, such as a fireproof lock box or a safe deposit box depending on how often you need to access them:
- Social Security card.
- COVID-19 vaccination record card, which carries your date of birth and hints at where you live.
- Multiple credit cards and credit-card receipts.
- Checkbook, or even one blank check.
- Work ID card.
- Passport or passport card.
- List of your passwords.
- Gift card not fully redeemed.
- Birth certificate.
- Library card. It sounds benign, but a crook can always check out lots of books and sell them for a buck or two apiece, Clay warns.
Advice for Medicare beneficiaries
To help protect your identity, your Medicare card no longer carries your Social Security number. Your Medicare number — unique to you — should be closely guarded and never shared with anyone who contacts you out of the blue by phone, email, text or in person, unless you contacted them first and gave them permission to contact you.
If someone calls and asks for your information or money or threatens to cancel your benefits, report it immediately to 800-633-4227 (800-MEDICARE).
The Centers for Medicare & Medicaid Services says you’ll need the information on your Medicare card to join a Medicare health or drug plan or buy Medicare Supplement Insurance (Medigap), so keep your Medicare card in a safe place.
If you have original Medicare:
Carry your Medicare card with you when you’re away from home. Show your Medicare card to your doctor, hospital or other health care provider when you get services. If you have a Medicare drug plan or supplemental coverage, carry that plan card with you, too.
If you join a Medicare Advantage Plan or other Medicare health plan:
You’ll use your plan’s card to get services, not your Medicare card. Therefore, keep your Medicare card in a safe place in case you switch plans or later go back to original Medicare.
Synthetic Identities: A Growing Threat
Less is more when it comes to what’s in your wallet because criminals have begun creating synthetic identities, a fast-growing form of fraud, says Eric Leiserson, vice president of research & marketing at IDology, a tech firm that specializes in identity verification and fraud deterrence.
Here’s how they operate:
- Any information that a criminal finds or steals from a wallet can be used to create synthetic identities. The crooks exploit personally identifiable information, such as a Social Security number — often from children or seniors — as well as an address or phone number of one or more people.
- Over time, they combine this information with fake information to build a completely new identity, making synthetic identity fraud difficult to detect.
- Criminals will often “incubate” identity information and upload and sell it on the dark web, hard-to-access portions of the Internet where illicit transactions can occur. Then it can be used by another criminal to perpetuate fraud.
- Once a synthetic identity is in place, fraudsters can create new accounts in your name.
- It could be a year or more before a fraudulent new account is created and longer before the fraudster “busts out” with stolen funds, catching victims off guard and wondering when and where their information was compromised.
“We know statistically, seniors are less likely to take counter-fraud measures like enabling two-factor authentication or putting in place alerts with their financial institution,” Leiserson says, so when it comes to carrying identity data in your wallet, “less is significantly safer.”
Katherine Skiba covers scams and fraud for AARP. Previously she was a reporter with the Chicago Tribune, U.S. News & World Report, and the Milwaukee Journal Sentinel. She was a recipient of Harvard University's Nieman Fellowship and is the author of the book, Sister in the Band of Brothers: Embedded with the 101st Airborne in Iraq.