Think identity theft won't happen to you? Consider this frightening statistic: And average 16 million people a year are victims. That's roughly one every three seconds.

With well-established sites getting hacked and retailers losing control of hundreds of millions of credit card numbers, it's easy to assume that there's nothing much you can do about ID theft. That isn't true. There's no way to absolutely guarantee your identity won't get stolen, any more than you can guarantee your computer won't be infected with a virus. But there are many things you can do to vastly reduce your chances of becoming a victim. Many require just a few minutes a week. Others take no time at all because they're a matter of not doing something (such as posting personal details to social media).

Here are 8 things everyone should do to protect their identity, recommended by Neal O'Farrell, founder of the Identity Theft Council, and an advisor to governments and businesses large and small. You can find a lot more information in the handbook Think Security First!, available free from the council in partnership with Credit Sesame.

1. Monitor your credit reports.

It should take you less than five minutes to order your credit report, available from Credit Sesame any time for $9 or from the government site AnnualCreditReport.com. By law, you're entitled to a free report once a year from each of the three major credit bureaus, so one strategy if you don't want to pay for a report is to get one report every four months. And if you ever get turned down for credit, you're automatically entitled to a credit report directly from the credit bureau involved.

Why is this so important? If someone is using your identity to open credit card accounts or take out loans, that activity will show up in your credit report when you may have no other way of knowing that it's happening.

You can take it a step further and freeze your credit report, meaning that no third party can have access, which will effectively prevent anyone from taking out any new credit in your name. The problem is that includes you and it may take a while to "thaw" your credit report again. So think carefully about your coming credit needs before you take this step.

2. Safeguard your personal information.

Any personally identifiable information, including bank account numbers, your Social Security number, store or utility account numbers, your birth date and so forth are all useful to identity thieves who will collect as many of these as they can and put them together to reconstruct your identity. Be careful who you share this information with, and don't send it over email or by other insecure means.

And thieves may be after much more than your financial information. According to O'Farrell, "Your medical identity is worth 30 times more than your financial identity on the black market."

3. Safeguard your identity physically as well as virtually.

Don't assume that identity thieves will be hackers gaining access to your information from afar. It's surprisingly common for identity theft to begin with someone who gains physical access to your information or your computer or other devices, either a burglar or another unknown person who gains access to your home.

Don't leave personal information--bills or other correspondence, for instance--lying around where anyone in your house could easily pick it up and read it. Shred any documents with financial or other sensitive information before you dispose of them. And your computer password should not be written in an easy-to-find place near your computer.

4. That includes your snail mail.

Some identity thieves say most of their crimes begin with stolen mail, O'Farrell reports. So don't make it easy for them. Avoid leaving important mail in the mailbox longer than necessary. Or consider using a post office box.

5. Watch what you say (and what your kids say) on social media.

Criminals often troll social media to see if they can glean personal information to help them put together a complete picture of someone's identity. It can be easier than you might think. A few years ago I joined a Facebook group made up of the many grandchildren of my mother's father. Anyone who knew I was a member of that group would also know my mother's maiden name, a key identifier used by financial institutions and many others.

6. Secure your computer.

Identity theft is just one of many unpleasant things that can happen if hackers gain access to your computer or it becomes infected with malware. So give yourself the best protection possible by following commonsense computer security practices. Every computer in your home and office should have antivirus and antispyware installed and kept up to date. Stay up to date with security patches for your operating system as well, along with any software you use. Protect your system from hackers with a firewall, and scan your system regularly for malware and spyware. (Most of these items run in the background while you're using your computer--or while you're asleep--so they don't take up any time, especially

7. Get serious about passwords.

Everyone hates multiple passwords, but the fact is if you're using easy-to-guess passwords, or using the same password for everything, you're leaving yourself more vulnerable than you should. Passwords should be long, complicated, and either random or unguessable, based on a favorite phrase perhaps. And every important site or service--especially any with access to your personal information--should have its own unique password. Consider using password software that generates a new random password for each site. And make sure to use two-factor authentication. It takes less than five minutes to set it up and less than 30 seconds to use.

8. Don't forget mobile devices.

You're just as vulnerable to identity theft or other security threats on your mobile device as you are on your desktop or laptop. So secure your phone and/or tablet with antivirus software (which, like computer antivirus software, runs automatically and takes up no time). Protect your lock screen with either a password, a gesture, facial recognition, or a fingerprint (or some combination of those). Mobile devices can be stolen or lost, so make sure you have the ability to remotely wipe your smartphone or tablet just in case.

Published on: Jan 12, 2015
Like this column? Sign up to subscribe to email alerts and you'll never miss a post.
The opinions expressed here by Inc.com columnists are their own, not those of Inc.com.