HOW TO MANAGE IDENTITY THEFT AFTER THE SWEEPING EQUIFAX HACK

By Julianne F. Andrews, MBA, CFP®, AIF®

Would you be surprised to learn that identity theft is the fastest growing crime in America?1 In 2014, the year for which the latest figures are available, 17 million Americans had their identities stolen. With an average loss to the affected victim estimated at $2,000, that’s $25 billion in financial losses in the U.S. alone.

In September, Equifax, one of the country’s three largest credit bureaus, announced that the personal financial information of 143 million Americans had been hacked from its computers. This most recent hack has been called one of the worst in history because of its size and the types of sensitive information compromised, such as credit card numbers, name, Social Security number, birth date and addresses.

If you are one of the 143 million Americans whose personal financial information was compromised in the recent hack of Equifax, there are steps you should take to shut down unauthorized access to and use of your personal, financial data. To protect yourself, you may want to take one of more of these steps:

  • Place a fraud report with each of the three major credit agencies.
    • TransUnion: 1-800-680-7289;
    • Equifax: 1-800-525-6285;
    • Experian: 1-888-EXPERIAN (397-3742);
  • Set up credit monitoring with one of the credit bureaus so that you will be notified of any changes to your credit or attempts to obtain credit in your name.
  • Freeze your credit with each of the three major credit agencies, which will prevent unauthorized persons from opening new accounts in your name or requesting higher limits on existing accounts. Each of the credit bureaus has their own process for freezing your credit. You will need to call each to begin this process. A credit freeze is more robust than a credit lock which can be done quickly online with each of the credit bureaus. The issue with a credit lock is that anyone with your user name and password can easily unlock your credit. A credit freeze can only be undone by you contacting the credit bureau and working through their process to unfreeze your credit.
  • Close any accounts you believe were used without your authorization or opened fraudulently.
  • If you believe your personal financial information was used to obtain credit, file a police report to provide law enforcement with the specific details of the crime and begin the resolution process with financial services companies.

For more suggestions on preventing identity theft, visit the U.S. Federal Trade Commission’s (FTC) website at www.consumer.gov/idtheft for valuable guidance and resources.

What Makes You Attractive to Identity Thieves

Certain types of Americans are more at risk to have their identities stolen simply because of their demographics:

  • Individuals under the age of 19 are 51 times more likely than adults to become victims of identity theft.2 It isn’t until it’s time to apply to colleges, that most parents think to check their children’s credit reports.
  • Senior citizens’ large nest eggs, and relatively low levels of debt, make them particularly attractive targets.3
  • Residents of Nevada, California, Florida and Washington, D.C. are more susceptible as well because of their demographics (age and income levels).4

If you fit those profiles, think about freezing your credit even if you were not one of the unlucky 143 million. Taking this action will make you less attractive to the hackers seeking “alternative funding.” However, if you are currently in the process of establishing credit (refinancing a mortgage, obtaining an auto loan, etc.) you may need to wait until your credit activities are complete before instituting a freeze.

8 Ways to Limit the Risk of Identity Theft Immediately

Regardless of your age or home base, there are several important steps you can take now to lower your risk of identity theft:

  1. Read your financial statements thoroughly – as soon as they come in. Each month, check for unauthorized withdrawals or suspicious account activity. In order to qualify for fraud protection, you must report fraudulent activity quickly.
  2. Opt-out of pre-approved credit card and insurance offers. Visit the official consumer credit reporting industry website, www.optoutprescreen.com, to do this.
  3. Enroll your home and mobile phones in the Do Not Call registry. Visit the national registry site first, https://www.donotcall.gov/register/reg.aspx, and then check to see if your state has its own registry as well.
  4. Request your free credit report, which is available once a year. The Fair and Accurate Credit Transactions Act requires the three major credit monitoring agencies (Equifax, Experian, and TransUnion) to offer consumers a free report once per year. Request your report by going online at www.annualcreditreport.com or calling toll-free 877-322-8228. We recommend checking your credit a minimum of three times a year. You can do this by rotating through the three agencies each year.
  5. Purchase a shredder. Use it to securely dispose of old billing and account statements, as well as other financial documents you no longer need. The Better Business Bureau estimates that only 12% of identity theft occurs online; most ID theft happens via the trash. For more information on when to shred documents, go to www.bbb.org/.
  6. Rethink how you use credit cards. Don’t sign the backs of your credit cards. Instead, write “Check Photo ID” to prevent unauthorized use. Also, ask that your credit cards have chips, in addition to magnetic strips.
  7. Exercise “smart checking” to minimize fraud risk. For example, use your initials and last name when ordering printed checks. A check forger won’t know how you sign your checks, but your bank will. In addition, do not have your home address and phone number or Social Security number printed on your checks. List a post office box or your work address with your work phone number. Order new checks from your bank and pick them up at the bank, rather than having them sent to your home mailbox.
  8. Safeguard your personal financial information. Photocopy both sides of your driver’s license, credit cards and other important contents of your wallet. Keep the list in a safe place in your home. In the event your wallet is stolen, you’ll know exactly what is missing and who to call.

Preventing Identity Theft: Why You Can’t be Too Careful

In addition to implementing those eight recommended strategies to make yourself less of an identity theft target, there are other steps you can take to minimize risk as well. While no one can guarantee you won’t be the victim of identity theft, there are ways to protect yourself throughout your day. Be vigilant to:

  • Spot impersonators. Don’t give out personal information over the phone unless you initiate the contact or are absolutely certain with whom you are speaking. If a caller requests personal information, feel free to hang up, look up the phone number of the business the caller claims to represent, and call the number back from your phone to verify the caller’s identity.
  • Safely dispose of personal information on your devices. Before you dispose of a computer or mobile device, use a software program to overwrite the entire hard drive, eliminating access to your personal information. Exercise additional caution by removing the hard drive and having it securely destroyed. When disposing of a mobile device, permanently wipe the device’s records, and remove the memory and SIM card before recycling, selling or giving it away.
  • Encrypt your data. In addition to installing encryption software to protect your laptop in case it’s lost or stolen, keep your browser secure by checking that a lock symbol appears in the address bar each time you are sending financial information. That symbol indicates that your information is being securely transmitted. In addition, always use only secure sites, which begin with HTTPS and never make credit card purchases on unsecured websites whose addresses are HTTP, without the “S.”
  • Keep passwords private. Use strong passwords—at least eight characters long with combinations of upper and lowercase letters, numerals and symbols. Use a different password for each account. Don’t use personal information or words found in the dictionary, and consider using a password manager to auto generate and store your passwords.
  • Avoid oversharing on social media. The more personal information you post about yourself and your family, the easier it is for criminals to potentially guess your security questions. They may even be able to figure out where you live and when you are home. In addition to using your account settings to limit who can view your posts and photos, never accept requests from people you haven’t met or don’t know personally. Also, never post your full name, address, Social Security number, account numbers, names of your children and/or addresses on public websites.
  • Read privacy policies. These policies tell you how the site or company you’re doing business with maintains the information you share and what is collected and stored. The policies also explain how the company uses the information, who accesses stored information, and whether it is provided to third parties. If you don’t see or understand a site’s privacy policy, consider doing business elsewhere.
  • Secure your SSN. Before sharing your SSN, ask questions about why a vendor or organization needs it, how it will be used, how it is protected and what happens if you decline to share it. If you believe your Social Security number has been compromised, contact the Social Security Administration fraud line, 800-269-0271.
  • Obtain credit monitoring for yourself and your family. There are numerous companies that will monitor your credit, your accounts, Internet usage and social media for suspicious or criminal activity. These companies will alert you about changes to your credit—one of the first signs of identity theft. For additional fees, they will also monitor your children’s SSNs.

Identity Theft Applies to Email, Too

If you think identity theft just happens via online shopping and nefarious hacking, think again. Your email can offer identity thieves just what they are looking for – banking information, communications with credit card issuers, a list of charities you support and more. In addition, email is where hackers can find full names, birthdays, account numbers, receipts and medical correspondence—all neatly stored in e-mail folders.

To help protect your sensitive personal information from cyber threat, consider these important dos and don’ts.

Do:

  • Use only a private, secure network to access, send, or read e-mail messages that contain sensitive information.
  • Use multifactor authentication to add another layer of verification to mask your online activity. When you log in, after entering your username and password, a code will be sent to your smartphone. You will need to provide that code before you can access your account. Even if your username and password are compromised, unless a hacker has your phone, he or she wouldn’t readily be able to get into your e-mail account if you use multifactor authentication.
  • Audit your messages. Retain as little information about yourself as possible in your account so that a potential hacker couldn’t obtain enough personal data to con you (or those you know) or to steal your identity. Regularly discard messages from your inbox, which is particularly important if you use paperless billing and receive e-statements from your financial institutions. A best practice is to delete the pertinent e-mails once you complete online financial business. Regularly delete items in your Trash, Sent and Spam folders as well.

Don’t:

  • Check your e-mail on a public Wi-Fi network. Hackers can easily “sniff” your activity on public networks – reading your e-mails, looking around in your online accounts account and capturing keystrokes to mimic your log-in credentials.
  • Use the same password for different accounts. When you open an online account with a company, the company will likely use your e-mail address as your username for the account. Because so many organizations follow this practice, if a cybercriminal obtains your personal e-mail address, he or she could be a giant step closer to accessing your entire digital “world.” He or she might then attempt to crack your password and break into your various online accounts. Be safe and create a different password for each online account you open.

Taking these recommended precautions online and in the real world will help you protect yourself and your family from identity thieves who want to use your personal information for their gain. If you would like additional information about any of the strategies and steps outlined in this article, contact Atlanta Financial Associates at (770) 261-5380 or visit www.atlantafinancial.com.


1Identity Theft: How to Protect Yourself Against the Fastest Growing Crime in America. CEO Advisor Institute. Oppenheimer Funds.
2CyLab Report. Carnegie Mellon University.
3Identity Theft: How to Protect Yourself Against the Fastest Growing Crime in America. CEO Advisor Institute. Oppenheimer Funds.
4These States are More Vulnerable to Identity Theft and Fraud. Money Magazine.

Hear how Atlanta Financial makes life’s journey richer.

Atlanta Financial TV is home to a variety of videos that allow clients and associates to share our knowledge, insight and experience. Tune in to learn more about our approach to comprehensive wealth management.

WATCH AFA TV