If some of the numbers being cited about identity theft are to be believed, it’s just a matter of time before some unseen cyberhustler steals your name, empties your bank account and wrecks your financial reputation. You can almost hear the maniacal laughter.

By some measures, one in five Americans has been hit. Another common statistic is that 10 million people fall victim every year.

Making matters even scarier, new laws in California and other states have forced companies to essentially tell all U.S. consumers when their personal data have been compromised — even if the files have not actually been maliciously used.

In response, Congress is considering bills to restrict the flow of personal information. And identity theft monitoring services have sprung up that can cost consumers well over $100 a year.

But while it’s certainly important to be vigilant against this potentially devastating crime, it also appears identity theft is too broadly defined and often misunderstood.

As a result, some experts say, lawmakers and companies might be misdirecting their anti-fraud energies. Overly fearful consumers could be unecessarily avoiding doing business on the Web.

Too often overlooked, many analysts argue, are savvy “synthetic” fraud schemes that frequently don’t directly victimize individual consumers. In such schemes, criminals invent fictitious identities and use them to ring up phony charges. By some estimates, this accounts for three-quarters of the money stolen by identity crooks.

“There’s a lot of fraud that is not being identified as fraud, not being measured accurately,” said Anne Wallace, executive director of the Identity Theft Assistance Center, an industry-funded group that helps victims resolve fraud problems for free. “It’s written off as bad debt. It’s bad debt because the guy didn’t exist.”

To understand the risks we really face, it’s worth analyzing the statistics.

Multiple surveys have found that around 20 percent of Americans say they have been beset by identity theft. But what exactly is identity theft?

The Identity Theft and Assumption Deterrence Act of 1998 defines it as the illegal use of someone’s “means of identification” — including a credit card. So if you lose your card and someone else uses it to buy a candy bar, technically you have been the victim of identity theft.

Of course misuse of lost, stolen or surreptitiously copied credit cards is a serious matter. But it shouldn’t force anyone to hide in a cave.

Federal law caps our personal liability at $50, and even that amount is often waived. That’s why surveys have found that about two-thirds of people classified as identity theft victims end up paying nothing out of their own pockets.

The more pernicious versions of identity theft, in which fraudsters use someone else’s name to open lines of credit or obtain government documents, are much rarer.

More here.