Identity theft is the number one complaint filed with the Federal Trade Commission, which saw an increase of almost 17 percent in the New York metro region between 2007 and 2008.

Todd Feinman, the Chief Executive Officer of Identity Finder, says part of the reason for the uptick is that the Internet has created many new forms of identity that can be stolen, well beyond one's Social Security number.

"Today, people have multiple bank accounts, multiple credit card numbers and they access those with passwords," says Feinman. "So your password for example to log into PayPal is a form of your identity, because it can be used to steal all of the money that you have in the bank accounts linked to it."

Feinman advises that passwords should contain letters, numbers, and even symbols and never involve one's birthday.

Yet thieves do not need to guess at passwords, if they can trick Internet users to hand them over by means of "phishing." Scammers will send an email that looks like it's from a credit card company that asks for a password.

Feinman says people should never click the links provided in phishing emails.

"A lot of times the link might have underlying information in it like code that takes you to a different site that looks like the one you are going to but really isn't," he says.

Sometimes, phishing emails are heard to tell apart from genuine companies' emails.

"They 'spoof' is the word that we use - it looks very real, very much like an American Express email or an AOL email," says Leonard Gordon, the director of the Northeast Federal Office of the FTC. "And they ask for sensitive information - your bank account information, your credit card information and once they get it, they run with it."

Gordon says even those who do their banking with old-fashioned paper receipts have to protect themselves from people "phishing" through the trash.

"Shred, shred, shred. When you get your credit card statement, check it to make sure there aren't any unauthorized charges to correct, then shred it," says Gordon. "If you don't have a shredder, tear it up and throw it out with the smelliest, worst garbage that you can get out of your fridge."

He also advises consumers to be diligent about checking their credit report, which is available for free once a year. He says a few hours spent combing the reports is far better than the amount of time it takes to correct a subsequent problem.

"You have to do everything in writing, you have to send certified letters to your credit card companies," says Gordon. "It takes about 50 hours of your time and can cost upwards of $500 in fees, copies, lost work time, travel time, all kinds of incidental expenses.

In order to help identity theft victims navigate the process, the FTC has linked various forms and sample letters to their website, at ftc.gov/idtheft.