As you may have read in the news, cyber criminals have stolen 143 million credit records in a recent hacking incident at credit bureau Equifax.
From what we have read, when personal information is stolen, the likeliest way that cyber thieves will use this information is by sending you emails or calling you and using that information to trick you. You need to watch out for the following things:
- “Phishing” emails that claim to be from Equifax
- “Phishing” emails that claim there is a problem with a credit card, your credit record, or other personal financial information
- Calls from scammers who claim they are from your bank or credit union
- Fraudulent charges on any credit card because your identity was stolen
Here are some things you can do, in light of this hack, to prevent identity theft:
- Use different, complex passwords for each of your accounts. (This may require buying a password-management program like LastPass or Dashlane.)
- Enable “two-factor authentication” on all of your accounts that offer it – bank / financial accounts and social media accounts in particular. With two-factor authentication, a random code is sent to your smartphone whenever you attempt to log into a site. This prevents someone with only your username and password from gaining access, since the additional code needs to be entered, and that code only goes to you.
- Take caution with emails that appear to be from legitimate financial institutions. When in doubt, call the provider directly or log onto their website (avoid public Wi-Fi when doing so!) to check your accounts.
- Take the credit monitoring offered by Equifax. Visit EquifaxSecurity2017.com to begin the enrollment process.
- Check bank and credit card statements frequently for any unauthorized activity. Also check medical bills and explanation-of-benefits forms for charges you don’t recognize from your health insurer.
- Check your credit report, available for free annually via annualcreditreport.com. Be on the lookout for accounts you don’t recognize.
Beyond these steps, there are two additional actions that you can take.
- Place a fraud alert on your credit reports. If you are concerned about identity theft but haven’t yet become a victim, an initial fraud alert can protect your credit from unverified access for at least 90 days. Fraud alerts are free – simply contact any one of the three credit bureaus (Experian, TransUnion, or Equifax). The one you call must tell the other two, and they in turn will place a fraud alert on their version of your credit report.
- For even stronger protection, consider a credit freeze, also called a security freeze. A credit freeze restricts access to your credit report, which means accounts which require access to your credit report cannot be opened in your name. A credit freeze costs $5 to $10, and you must contact each of the three credit bureaus to freeze credit. If you need credit in the future, you will need to call and have the credit freeze temporarily lifted, which can take up to three business days. The cost to lift the freeze varies by state (in California, it costs $10 to lift a freeze if you are under 65, or $5 if you are 65 or older).
You will need to weigh the cost and inconvenience of the credit freeze, which gets you stronger protection compared to the fraud alert, in order to decide which of those you would prefer. Click here for a very helpful information sheet outlining the pros and cons of Fraud Alerts vs. Credit Freezes.
If you are the victim of identity theft, you can contact the Identity Theft Resource Center at 888-400-5530 (or visit www.idtheftcenter.org) for assistance in resolving identity-theft issues.
With any luck, you will get ahead of the cyber thieves with these steps.
Questions or comments? Contact me on Twitter @juanros or LinkedIn.
Sources of information cited here:
Federal Trade Commission:
Wall Street Journal:
Identity Theft Resource Center:
California Attorney General: