“It won’t happen to me!” is what many of us think and hope when we hear about other victims of crime. But when it comes to cyber crimes, it’s become a case of when rather than if. “The number of U.S. data breaches tracked in 2015 totaled 781, according to a recent report released by the Identity Theft Resource Center (ITRC). This represents the second highest year on record since the ITRC began tracking breaches in 2005.” Taking a few minutes to understand the signs of Identity Theft and the related actions to take can help you deal effectively with this growing type of crime. If you are lucky enough to have avoided it so far, keep reading anyway. These pointers may help you continue identity theft-free!
Credit card fraud is a common type of identity theft but in most situations, notifying your credit card company and canceling the card takes care of the problem. Victims are usually not held responsible for fraudulent charges and the credit card company will guide you through what needs to be done. While credit card fraud is inconvenient (my medical insurance was inadvertently canceled because I forgot to update my card on auto pay after I replaced the compromised card) it’s relatively straightforward to deal with so let’s move on to another type of identity theft, the type that involves compromise of your social security number.
Identity theft involving your social security number can be financially devastating and is challenging, inconvenient and time consuming to deal with. While not impossible, it is unlikely that you will successfully change your social security number therefore, once a victim of this type of identity theft, your social security number remains available for repeated use. Since you are in placed in a permanent position of compromise, you must remain permanently vigilant.
How do you know if you’re a victim of Identity Theft?
- You receive bills that are not yours for credit cards you don’t own or for purchases, services or rental agreements you did not make.
- You notice unauthorized charges on your credit card statement.
- Businesses will not accept your check or credit card payment for a purchase.
- You receive an IRS notice that more than one tax return was filed in your name.
- You receive IRS notification that you have income from an employer you have not worked for.
- You receive notice from a business or healthcare organization notifying you that your data has been compromised.
- You do not get timely bills or statements via mail or email.
- You don’t recognize some of the activity on your credit report.
- You are contacted by a collection agency for something you didn’t purchase.
- A district attorney or the police pay you a visit.
- You receive a notice (subpoena) to appear in court.
- You are denied credit when you apply for it.
- You run into unexpected problems with financing when you try to purchase a new home, vehicle etc.
- You are unable to set up new banking or brokerage accounts.
- You do not recognize withdrawals in one of your banking or brokerage accounts.
- A medical claim is rejected because you have maxed out your benefits.
- Your Social Security Statement is not what you expect it to be.
What do you do if you suspect you are a victim of identity theft?
- Cancel compromised credit cards.
- Suspend all activity on compromised financial accounts.
- Close compromised accounts and set up new ones as soon as possible.
- File a report with the FBI’s Internet Crime Complaint Center
- If money has been wired out, report it to the FBI immediately. If it’s been less than 24 hours, the FBI can likely get it back. (see direct link to contact FBI agent in article linked to above.)
- Contact your broker if an investment, retirement or brokerage account has been impacted.
- Obtain an annual free credit report. (Or get 3 free reports per year by requesting one from each credit bureau (TransUnion, Equifax, Experion) once a year. Stagger each request by 4 months and repeat every year.
- Request a free manual social security number search from the major credit bureaus to see if your number is being used with someone else’s name.
- Place a fraud alert or a credit freeze on your credit file.
- Review your credit report carefully for activity not belonging to you and if you find any, take appropriate actions.
- File a police report with your local police department.
- Sign up for credit monitoring with a reputable company – hopefully paid for by the business that compromised your information, if that applies. This is one of many suggested steps but on it’s own, it will not offer adequate protection.
- If you have a missing device with confidential information on it, (phone, tablet, computer), remotely wipe it clean yourself or ask your carrier for help with this if you can’t.
- Remove yourself from people directories to make your private online information difficult to locate. Basic information located online such as your birthday, mother’s maiden name, pet’s name and address can help a thief gain access your information by guessing your passwords and answers to security questions as they try to get into your accounts.
- Set up alerts on your financial accounts. (see examples under lifetime habits below)
It is important to recognize that once your social security number has been compromised, it will likely be compromised again and you unfortunately remain at risk permanently. As frustrating as this is, it’s not the end of the world. What it means is that you must develop good habits and always take steps to protect yourself.
What lifetime habits should you adopt to protect yourself?
- Set up security and daily alerts on all of your financial accounts that notify you of what’s going on in your accounts. For example, opt to receive an immediate text of any wire transfer out of your account. (See alert examples from a couple of banks below.)
- Include a quick review of all of your banking accounts as part of your daily routine to make sure there are no unauthorized transactions.
- Use unique, safe and secure passwords on every account you have – especially financial accounts and email accounts. Email accounts can be used to reset passwords and you don’t want to make it easy for someone to get into your accounts via your own email address.
- Use two-step authentication wherever and whenever it is possible. This is a system of using more than a user name and password to gain entry into an account. ie. In addition to standard log-in requirements, you must enter a code received via text before you can gain access. An example is Google’s 2-Step Verification for gmail or Apple’s 2-Step Authentication for an Apple ID. The second step may be a question, image or code. It can also be a physical token but these come with the risk of loss, misplacement or theft.
- Have good security questions that are hard to guess. No more using “Mother’s Maiden Name” as a key question.
- If you find it too inconvenient to have a credit freeze on your account (you have to pay a small fee each time you need to unfreeze it for your own transactions), keep a permanent fraud alert on your credit.
- Be diligent about matching transactions to statements for all financial accounts.
- Avoid unsecured WIFI.
- Use your own secured, malware-free and virus-free computer for financial and confidential transactions.
Identity theft can be devastating. As daunting as they seem, these steps are manageable and they form a list of good habits to follow whether you’ve ever been a victim of identity theft or not. Anyone who’s had to deal with the painful headache and financial or personal damages related to identity theft will agree that prevention is way better than cure!
Until next time,…Stay Cyber Safe.