About 7 percent of Americans had their identity stolen last year – and most don't know how a stranger got their personal information.
In a report released Sunday, the Bureau of Justice Statistics said about 17,576,200 people (ages 16 or older) were victims of identity theft in 2014.
That's about one in every 14 people, and close to the same rate as 2010 (the last time the bureau looked at the numbers).
About 14 percent of them actually experienced an out-of-pocket loss of $1 or more – and half of those people took losses of more than $100.
Here's a breakdown that includes age, sex, income and race.
There are a lot of interesting nuggets in the report: For example, two-thirds of victims don't know how a thief got their information. Read the summary here.
"These folks are crafty, and good at what they do," Dan Hendrickson, spokesperson for the Better Business Bureau of Minnesota and North Dakota, told BringMeTheNews. "It’s really important for people to know that they are, largely, their own best ally against identity theft."
One note: Of all the victims, 45 percent found out what happened when their financial institution notified them.
According to Hendrickson, the only way to notice earlier is "vigilance."
Check your accounts every few days, and consider signing up with a credit monitoring company.
One trick fraudsters use is to charge a very small amount to a card, a couple bucks, to see how closely it's being watched, Hendrickson says. And if it goes through, they'll consider coming back for a bigger bite.
The BBB has more tips for safety, plus background information on what's targeted by thieves (mainly Social Security cards, IDs or diver's licenses, bank cards and forms, wallets or purses, and even junk mail).
Dangers of coffee shop Wi-Fi
One big factor (which many people don't realize) is public Wi-Fi, Hendrickson says – "people not realizing that they can be hacked at their local coffee shop."
The reason is lack of digital protection; no encryption is required for the data traveling back and forth, ABC News said.
Hackers can create a Wi-Fi hotspot with a nearly identical name to the one you're trying to connect to, or can use your computer's own info to create a stronger network your device will automatically go toward, NBC News reported.
Last year, Medium brought a hacker (and a small black device) to a cafe with free Wi-Fi and within 20 minutes had learned where people were born, where they went to school, their hobbies and interests, and more. He also showed the writer how easy it is to steal passwords or redirect people to fake bank sites that look real – then take the log-in information from it.
To stay safe, TheNextWeb suggests using two-step authentication for all your accounts, encrypting your own data (which they walk you through how to do), and make sure to only log on to sites that start with "https:" not just "http:" – those contain a layer of built-in security.
Hendrickson says to avoid accessing financial info when you're on public Wi-Fi as well.