Written by Dr. Barbara O’Neill (Rutgers Cooperative Extension). Shared on iGrow by Lorna Saboe-Wounded Head.
Ever since the Equifax hack was announced on September 7, 2017, the phrase “be vigilant” has been used with little or no explanation about how to actually do this. According to online dictionaries, vigilant means “being on the lookout for danger” or “being keenly watchful and ever alert.” That sounds fine, but the reality is personal identification information (PII) of 143 million people is now “out there” forever.
What to do? Convert vague advice into concrete action steps that can be practiced for the remainder of your life. Why? Hacked data can remain dormant for years before it is actually misused. In addition, people can only take action to stop new credit account fraud. Other frauds, unfortunately, can only be detected after they happen. Proactive measures such as fraud alerts on credit cards and credit freezes will also not deter non-credit related frauds such as tax refund identity theft and health insurance fraud.
25 Tips to Stay Vigilant
Below are 25 vigilant practices to help protect your personal information:
- Carefully Review Credit Card Statements.
Look for unauthorized charges and/or unknown merchants. Especially beware of small charges (e.g., $1) that fraudsters may make in anticipation of larger charges later and suspicious recurring charges for products or services that were not purchased.
- Carefully Review Bank Account Statements.
Look for unauthorized withdrawals and account transfers.
- Reconcile Your Checkbook Monthly.
Look for unauthorized transactions and checks with changed payees.
- Secure Your Debit Cards.
Know that it can take weeks to recover funds that are stolen from a bank account.
- Use Credit Cards Instead of Debit Cards.
Do this for better fraud protection and to postpone payment for a purchase.
- Secure Your Checkbook.
Keep it out of plain sight at home and immediately report missing checks to your bank.
- Consider a Credit Freeze.
Prevent lenders from reviewing your credit to head off new fraudulent accounts being opened in your name.
- Use Strong Computer Passwords.
Don’t use your birth date because this information has now been exposed.
- Shred Personal Documents.
Use a crosscut shredder to destroy old credit card, bank, and brokerage firm statements.
- Check Your Credit Report.
Request one credit report every four months on a rotating basis from the “Big Three” credit bureaus (Experian, Equifax, and TransUnion) on the Annual Credit Report website.
- Monitor Your Credit Score.
Look for a sharp drop in your credit score, which could indicate fraudulent activity.
- Never Let Your Cards Out of Sight.
Use credit and debit cards for payment only where you can swipe them yourself. For gasoline and restaurant meals, pay at a cash register or keep attendants and servers in sight.
- Secure Electronic Devices.
Put passwords on laptops, tablets, and phones if used for financial transactions.
- Practice Digital Security.
Guard passwords, PINs, security questions, and other account login information.
- Secure Sensitive Data at Home.
Do this especially when contractors, caregivers, and others have unsupervised access.
- Smash Old PC Hard Drives and Cell Phones.
Do this to assure that sensitive saved data cannot be misused.
- Beware of Phishing Frauds.
Delete suspicious e-mails and text messages that request PII and/or payment. Remember that future phishing schemes may be more personalized as a result of PII stolen in the Equifax hack.
- Avoid Remote ATMs.
Do not use ATMs far from bank cameras that may have skimming devices attached to steal PII.
- Beware Public Wi-Fi Connections.
Don’t use unprotected Wi-Fi for purchases or banking transactions.
- Take Advantage of Free Credit Monitoring.
Sign up for post-hack credit monitoring, when offered. It doesn’t cost you anything and will save on regular costs that typically range around $120 to $150 per year.
- File Your Income Taxes Early.
Beat fraudsters to your tax refund They now have the name, address, and Social Security number of 143 million Americans, which is everything needed to file a fraudulent tax return.
- Avoid Over-Withholding.
Adjust your tax withholding at work, using a new W-4 form, to get a smaller refund or no refund. If self-employed, adjust estimated tax payments. By doing this, you’ll have little or no money stolen if someone uses your PII to claim a fraudulent tax refund
- Look for Suspicious Activity.
Beware of “red flags” for tax ID theft such as a tax notice from an unknown employer. If you receive such a notice, contact the employer to explain that someone stole your identity.
- Beware of Phony IRS Pretexting.
Remember that the IRS rarely contacts taxpayers by phone and never by e-mail. Remember, the Equifax frausters have lots of information to sound convincing so delete or hang up.
- Review Medical Bills and Explanation of Benefits (EOB) Statements.
Scrutinize bills and EOBs to look for medical services that were not received by you. Medical identity theft is very serious and can potentially lead to death if a fraudster’s medical history (e.g., blood type and allergies) is co-mingled with a victim’s.
Many of the above actions can become personal habits or “decision rules” that you simply adopt as a matter of practice (e.g., checking credit reports and bank statements). Others can be implemented on an “as needed” basis (e.g., smashing hard drives). The next time someone says “be vigilant” about protecting your identity, don’t brush it off. Take positive action to protect yourself against future frauds and to detect possible fraud from your data that was stolen from Equifax.
Additional Resource: Data Breaches, Credit Freezes, and Vigilance