How to Help Protect Yourself Against Identity Theft
By John Mason, Technology Manager
Large-scale computer hacks and data breaches are now common occurrences — an unfortunate consequence of living in a digital world. Once identity thieves have your information, they can use it to gain access to your bank and credit card accounts, make unauthorized transactions in your name, and subsequently ruin your credit.
Now more than ever, it’s essential to safeguard yourself against identity theft. Here are some steps to protect your personal and financial information.
Review Your Credit Reports
It is important to review your credit report at least once a year and ensure your information is correct. Every consumer is entitled to a free credit report every 12 months from each of the three reporting agencies: Equifax, Experian, and TransUnion. Besides the annual report, you may be entitled to an additional free report under certain circumstances. Visit Annual Credit Report.com for more information.
If you find an error in your credit report, contact the appropriate credit reporting agency to let it know that you are disputing information on your report. The agency usually must investigate the dispute within 30 days of receiving it. Once the investigation is complete, the agency must provide you with a written result of its investigation and remove/correct any errors. You can generally file your dispute online or by mail with the agency. However, it may be more helpful to dispute the error in writing with supportive documents, preferably by certified mail. That way, you’ll have a paper trail to rely on if the investigation does not resolve the disputed error. If you believe the error results from identity theft, you can also file a complaint with the Federal Trade Commission at identitytheft.gov.
In addition to checking out your credit report, you should regularly review your bank and debit/credit card accounts for suspicious charges or account activity. If you discover signs of unauthorized transactions, contact the appropriate financial institution as soon as possible — early notification not only can stop the identity thief but may limit your financial liability.
As you monitor your credit report and financial accounts, keep an eye out for the following possible signs of identity theft:
- Incorrect personal and account information on your credit report, including suspicious credit inquiries
- Money that is missing from your bank account, no matter how small the amount
- Missing bills or other mail from financial institutions and credit card companies
Fixing a credit report error can be time-consuming and emotionally draining because of the paperwork and steps involved. If you believe your credit reporting rights have been violated, you can file a complaint with the Consumer Financial Protection Bureau (CFPB) at consumerfinance.gov.
Fraud Alerts and Security Freezes
If you discover that your personal and financial information has been exposed to identity theft, you should consider placing a fraud alert and security freeze on your credit report.
A fraud alert requires creditors to take extra steps to verify your identity before extending any existing credit or issuing new credit in your name. To request a fraud alert, you only have to contact one of the three major credit reporting agencies, and the information will be passed along to the other two. A security freeze prevents new credit and accounts from being opened in your name. Once you obtain a security freeze, creditors won’t be allowed to access your credit report and, therefore, cannot offer new credit. This helps prevent identity thieves from applying for credit or opening fraudulent accounts in your name. Remember that if you want to apply for credit with a new financial institution in the future, open a new bank account, and even apply for a job or rent an apartment, you will need to “unlock” or “thaw” the security freeze. In addition, you must contact each credit reporting agency separately to place a security freeze on your credit report.
Use Strong Passwords
Most of us have a large amount of personal and financial information readily accessible through the Internet, in most cases protected by a username and password.
A strong password should be at least eight characters long, combining lower-case letters, upper-case letters, numbers, symbols, or a random phrase. Avoid dictionary words and personal information such as your name and address. Also, create a separate and unique password for each account or website you use, and try to change passwords frequently.
If you have trouble keeping track of your password information or want extra password protection, consider using password management software. Password manager programs generate strong, unique passwords you control through a single master password.
Use a Password Manager
Password managers (also known as password vaults) are applications that store usernames and passwords for internet sites. In addition, they can recommend and generate passwords for internet sites. Later, when you log in to a site, the password manager fills in your login name and password. Some password managers will also fill in your name, address, and credit card number on web forms to save you time when making a purchase online. Some well-rated password managers include Dashlane, Bitwarden, and Keeper.
Use 4 Email Accounts
While having four email accounts may seem extreme, it can separate the different uses you might have for correspondence and sensitive online authentication to help protect your privacy. Be sure to use a unique password for each of your accounts.
- Sensitive information – For banking or financial applications related to authentication and dedicated only for that access.
- Personal correspondence – For communicating with family and friends.
- Shopping and junk email – For applications and websites that send coupons, event notifications, or sales promotions.
- Employment and government – For communicating with your employer or other government entities about healthcare, taxes, utility bills, or additional official information.
Be Vigilant
Remember that the IRS will never contact you by email to request personal or financial information. This includes electronic communication, such as text messages and social media. If you get an email claiming to be from the IRS, wait to respond or click any links; instead, forward it to phishing@irs.gov.
The best way to avoid becoming the victim of identity theft is to stay one step ahead of the identity thieves. Here are some extra precautions you can take to help protect your sensitive data.
- Consider using two-step authentication.Two-step authentication, which involves using a text or email code and your password, provides another layer of protection for your information.
- Think twice before clicking. Beware of emails containing links or asking for personal information. Only click on a link in an email or text if you know the sender and know where the link will take you.
- Search with purpose. Typing one word into a search engine to reach a particular website is easy, but more is needed to get the site you seek. Scam websites may look nearly identical to the one you are searching for. Pay attention to the URL, which will be intentionally misspelled or shortened to trick you.
- Be careful when you shop. When shopping online, look for the secure lock symbol in the address bar and the letters https: (as opposed to http:) in the URL. Avoid using public Wi-Fi networks for shopping, as they lack secure connections.
- Beware of robocalls. Criminals often use robocalls to collect consumers’ personal information and conduct various scams. Newer “spoofing” technology displays fake numbers to make it look as though calls are local rather than coming from overseas. Only answer calls when you recognize the phone number. If you mistakenly pick up an unwanted robocall, hang up.
- Be on the lookout for tax-related identity theft. Tax-related identity theft occurs when someone uses your Social Security number to claim a fraudulent tax refund. You may not even realize you’ve been the victim of identity theft until you file your tax return and discover that a return has already been filed using your Social Security number or the IRS sends you a letter indicating it has identified a suspicious return using your Social Security number. If you believe you are the victim of tax-related identity theft, contact the Internal Revenue Service at gov.
No one or their technology can ever be totally secure. Hackers with patience, money, and skill can break into even the most protected systems. But by taking these steps, you can make it less likely that you’ll fall victim to a cyber-attack and, in the process, help raise your overall security to help ensure your private data stays private.
John Mason is the Technology Manager at Versant Capital Management, providing IT support and investment technology solutions. He’s a recipient of a Community Hero Award from the Phoenix Business Journal for his contributions to the Arizona technology community.