In Part 1 of this article, we covered a number of ways identity thieves and hackers are actively trying to obtain our personal information—whether by scams that target us individually or larger schemes that access our information via hacking government or big business databases. This week we want to educate people about how to protect your information and implement defensive practices to prevent costly identity theft and safeguard your financial assets.
In a perfect world, we would treat our personal information as if it were a closely guarded national secret. Unfortunately, most people hand over their personal information and documents to just about anyone who asks. This poses unnecessary risk for two reasons:
- By providing too much of your personal information—even to legitimate businesses and government agencies—you run the risk of your information getting compromised when those businesses or agencies are hacked. As we have seen in the news lately, the frequency of these attacks and the amount of personal data that is stolen is alarming.
- When you are in the habit of rattling off many of your personal details when asked, you may not be taking the time and care you should in demanding to know who is asking and why.
You should always know to whom you are providing your personal data, and once you have verified that the individual, business or agency requesting your personal information is legitimate, you should ask why they require it.
Does a retailer want your zip code to sell it to a direct marketer or help verify that your transaction is legitimate? Does your dentist need your social security number to clean your teeth? Or are they collecting this information out of habit or for internal filing practices?
You have both a right and an obligation to question why this data is being collected. If someone is requesting your Social Security number, ask for a written statement documenting why they believe they are legally entitled to obtain it. You will often find that if you refuse to provide your personal information, the business or agency will still provide the service you seek.
Your goal is to reduce the number of people, businesses and government agencies that have your personal information in order to reduce the odds of your information falling into the hands of an identity thief.
Now that you have changed your ways, here are some additional tools that you should be aware of:
➢ Opt out of pre-screened credit offers. The official Consumer Credit Reporting Industry web site that processes requests from consumers to opt in or out of credit card offers is www.optoutprescreen.com or you can call 888-567-8688.
➢ Thieves call trash day “cash day.” Every household should own a quality cross-cut shredder.
➢ Secure your mail:
o Use a PO Box if you are frequently out of town.
o Use direct deposit and on-line bill pay.
o Have banking, insurance and investment statements delivered electronically
o Deposit outgoing mail in secure Postal Service boxes (Remember outgoing mail is more valuable to a thief.)
➢ Secure your home. Personal information should be stored in a safe or safety deposit box. A substantial number of identity theft incidents are perpetrated by offenders the victim knows or by individuals who have been invited into the home to perform a service.
➢ Practice common Internet sense.
o Never trust and email you did not request that instructs you to provide information to obtain a benefit or secure/re-activate an account. If you do open an email requesting your personal information do not click on the link. No legitimate, reputable business will ever send and unsolicited email requesting this type of information from you.
o Become more diligent when you select a website from a Google/Yahoo/Bing search. Make sure that the website address is legitimate by verifying the URL address in the web address bar located at the top of the page. If something looks suspicious close the browser.
o Do not use a credit card on an unverified site. Make sure the lock emblem appears in the right hand corner of your web status bar.
➢ When traveling abroad (where skimming is prevalent), consider using a pre-paid credit card for purchases. The only liability is the amount on the card—not your identity.
➢ Few merchants ever verify credit cards with your photo ID these days, but writing CID in the signature box is still a good idea.
➢ RFID credit card sleeves and wallets There are literally thousands of these on the market and from my research, some seem to work and some don’t. A proper RFID blocker will utilize something called a “Faraday cage” and it should specify that it is “electromagnetically opaque.” By the end of 2015 most credit card companies plan to add a further layer of encryption that may render these wallets unnecessary.
➢ Of the credit cards on the market, American Express appears to have the most sophisticated algorithms in place to detect fraudulent purchases. Personally, my AMEX has been fraudulently used 4 times and AMEX has always caught the charge well before we would have detected it (or not) on a statement.
➢ The most important way to minimize damage from identity theft is regular credit monitoring. But with what frequency? Your credit can change daily and fraud can occur at any time. And are you really going to be as on top of it as you should be? There are companies who will monitor your credit for you, alert you if applications for credit are made in your name, provide SSN fraud detection, identity theft recovery protection, as well as a host of other helpful practices (they will also reduce pre-screen credit applications). ID Shield, LifeLock and the credit bureaus offer these services. Think of it as insurance. Take a moment to research the companies and compare their offers of protection.
Bottom line: Identity theft is costly and time consuming. Pay attention, stop giving your information to anyone who asks for it, and buy some insurance. Odds are that a company who has your information (health insurers, cable/internet/phone providers, major retailers) will be hacked at some point.