Protect Against Identity Theft – A Comprehensive Guide

11 Steps to Protect Against Identity Theft (Plus a bonus)

What do Equifax, Target, and Verizon all have in common?

Their customers’ personal information has been exposed to criminals. This might include you.

Data breaches seem to occur with so much frequency it’s almost expected.

The frequency of data breaches has distilled the perceived impact it can have on you. The fact is … you need to take action to protect yourself from cybercriminals. Your time and money are at risk.

I created this guide to save you time, money, and stress.

What is Identity Theft?

Identity theft is when somebody uses your identity without your knowledge. This can be a stranger or a family member.

These criminals can use your name, date-of-birth, social security number, or credit card number. These personal identifiers will allow criminals to open new credit, purchase cell-phones, or any other goods without your permission.

Ultimately, identity theft could be any of the following:

  • Character Identity Theft
  • Theft of your Social Security Number
  • Medical Identity Theft
  • Driver’s License Identity Theft
  • Credit Identity Theft

In 1998, Congress passed the Identity Theft and Assumption Deterrence Act (18 U.S.C 1028) to make identity theft a federal felony.

Federal punishment is great, but it can’t return the time you lose from identity theft.

What should you do to protect yourself against identity theft?

Listed below are 11 strategies that will protect you from losing your identity. Losing your time. Losing your money. Implementing these strategies does not guarantee you are protected. These strategies guarantee you are a smarter, more prepared consumer. You will not stand by, passively waiting to see if you get dinged by the next data breach. These tools will make you a difficult target for identity theft crime.

Common Sense Approach

Never give out your Social Security or other personal information to strangers who call, text, or email you no matter how legitimate it seems.

Keep your physical items like a wallet or purse near you. Your Social Security number should never be carried with you daily. Same for your rarely used credit cards, written password list, or other personal identification numbers.

On the back of credit cards, instead of your signature write, “Check photo ID.” This will ensure that only the person with your ID can do the transaction.

Shred financial account statements, medical records, and tax filings when it’s no longer needed. While you need it, store it somewhere safe.

Be skeptical and stay alert.

Check Your FREE Annual Credit Report

If you watch TV or flip through magazines you will see advertisements promising to show you your free credit score. While this is not fake news, it is not something you should pursue.

First, your credit score isn’t what’s important in protecting your identity. Your credit report is what is important. Your credit report tracks your credit history. If a criminal opened a fictitious account under your identity, you will find it on your credit report.

There is only one true way to receive your free credit report: AnnualCreditReport.com

Everything else is a waste of your time and money. AnnualCreditReport.com allows you access to a free credit report from all three major reporting companies.

It will take around 30 minutes to access and scan through your credit reports.

Make it an annual occurrence to review your report. For example, after you gather your tax documents go out and review your credit reports.

Consider a Credit Freeze

If you are not seeking new credit then consider a credit freeze. When you use a credit freeze, a new line of credit can only be opened when your account is thawed.

Victims of identity theft can thaw and freeze their credit for free anywhere in the United States. Non-victims might have to pay $10 per credit reporting agency ($30 total) to freeze their credit.

This step takes 15-30 minutes to do.

The downside of a credit freeze is that it takes time to thaw your account. You will need to be proactive in your pursuit for new credit. New credit includes purchasing a new cell phone, obtaining new employment, signing up for Social Security, and many other changes. To thaw your credit you will need to provide your unique PIN that was assigned to you when you froze your account.

Yes, this is a hurdle, but the outcome to focus on is protecting your identity. It’s also an awesome way to prevent you from applying for spur-of-the-moment store credit card offers!

Here are links to each reporting agencies online credit freeze application:

BONUS TIP: Your kids can be victims of identity theft. Worse yet… you may not find out until you are applying for student loans. During the application process, you could discover that your application is rejected because your kid is a 35-year-old with 15 credit cards and thousands of debt. Not cool!
Your kid is a perfect candidate for a credit freeze. They don’t need credit until they are near 18, so the freeze and thaw process shouldn’t be a concern.
On the flip side, consider your elderly parents or grandparents for a credit freeze. At some point in life, the need for debt might go away completely. Cognitive decline or not, financial elder abuse is an easy target for criminals.
Turn on Free Fraud Alerts

Your credit card company probably offers free credit monitoring or fraud alerts. Sign-up for it!

My first job out of college required me to travel for work. I ate lunch at a small diner in a small town. A few days later I was back at my desk and my credit card company called me. The call was to confirm where I was currently located. After confirming my location they stated that a $400 fraudulent transaction occurred. Hooray for fraud alerts!

It didn’t cost me a penny and didn’t take any additional time. The credit card company took care of everything. It was great.

You can also turn on fraud alerts for TransUnion, Equifax, and Experian. These only last 90 days unless you are a victim of fraud or on active duty. It’s a less restrictive option than the credit freeze. If you are in the process of obtaining loans then this is a method of protection you should consider.

Avoid Paid Credit Monitoring Services

The alternative to a credit freeze and fraud alerts is credit monitoring. Credit monitoring is a paid service that is a duplication of the cheaper alternatives.

Credit monitoring services are $120 – $300 a year. A credit freeze is up to $30 per freeze. Fraud alerts from your credit card company are free. You could thaw and freeze 4 times during the year to break-even on this transaction.

Only use a credit monitoring system if you refuse to complete any other steps recommended in this guide. While it’s better than nothing, you can do better yourself.

Passwords, Passwords, Passwords!

Our lives have moved to the cloud. It’s nearly impossible not to have some presence online.

The swath of online accounts we have, means we have to keep track of a whole bunch of passwords. In fact, different websites have different password requirements. This makes using the same password for multiple accounts very unlikely.

To manage your passwords safely and effectively there are two recommended paths:

  1. Use a fixed password with a special identifier for each website
  2. Use a password keeper

Technology consultant and contributor to the Journal of Accountancy, J. Carlton Collins, inspires Path 1. In his words here is his strategy:

All of my passwords start with the same lengthy prefix, such as a childhood telephone number, for example, 9126364242 (this is not the actual prefix I use). Next, my passwords all include the name of the account, such as Delta, Amazon, or AICPA. Finally, each of my passwords ends with a four-digit personal identification number (PIN). The results are strong lengthy passwords that I have a good chance of remembering, such as the examples shown below (which are not my actual passwords):

Delta account password: 9126364242delta7543

Amazon account password: 9126364242amazon9312

AICPA account password: 9126364242aicpa2209

Using this approach, the bold PINs are all I need to remember, and because hackers don’t know the actual lengthy prefix I use, these passwords are very strong. With 263 active passwords on my list, this structured approach gives me a fighting chance of remembering many of them. Because uppercase and special characters are more difficult characters to type (especially on a smartphone device), I avoid these types of characters unless they are required.

Path 2 requires you to only remember one password through the use of a password keeper.

The use of a password keeper means that you will only need to remember one password. The password to your password keeper. Once you gain access to your password keeper you make a few clicks and you can log into any of your favorite websites.

Here are a few suggestions to get you started:

Protecting your password is really important. These are two really easy systems you can implement to protect yourself now.

Don’t forget to secure your cell phone. This is a device you take with you everywhere. It’s also likely you don’t log out of your accounts. This means anybody could pick up your phone and have access to your accounts!

Opt-out of Unsolicited Credit-Card Offers

Are you sick of the endless amount of credit card offers in your mailbox? I was too.

There is a way to get out of that mess by visiting OptOutPrescreen.com or calling 888-567-8688. It will take a few weeks for the mailers to stop. Once your request is recorded you will be shocked at how much less mail you receive.

Opting out of unsolicited credit card offers not only reduces your chance for identity theft… it simplifies your mailbox. There will be much less paper coming your way, which makes this an eco-friendly strategy as well.

Monitor Your Accounts

The best single piece of advice for managing personal finances is to monitor your accounts. Create awareness of where your money is going and what you’re buying.

This awareness is also an awesome strategy to protecting yourself from identity theft. It even worked for me!

During my normal Sunday evening cruise through my accounts, I noticed a $350 and $450 purchase from Best Buy. Sitting on the other end of the couch I asked my wife… what did you buy for $800 at Best Buy!?

Of course, she didn’t buy anything… a criminal made a purchase with my credit card! If you remember back to my story earlier, the credit card company caught the fraudulent purchase on my account and gave me a call. This was easy for them to notice because that purchase occurred in a state I wasn’t in.

In this situation, the purchase was at my local Best Buy. If I wasn’t monitoring my account I could have bought that criminal an expensive cell phone. Not my idea of how I want to spend my money! Boo to fraud alerts!

Thankfully the credit card company took care of the situation with no harm to my wallet.

Monitor your account!

React Immediately

After realizing fraudulent purchases were made on my account, I immediately called my credit card company’s fraud services team. They were very helpful during the process and grateful for my quick response.

Within a few days, I had my accounts frozen with Transunion, Equifax, and Experian. Fraud alerts were turned on for all of my accounts allowing it. Additionally, I filed a report with my local police department and FTC.

These steps increased the chances of resolving the fraud quickly at no monetary cost. It also reduced the risk that any long-term identity theft would occur.

Don’t hesitate if you see something suspicious. It’s better to act immediately and be wrong then to stand by and wish you had acted sooner.

File your Taxes Early

Tax refund fraud is a huge problem for the IRS and taxpayers. Billions of dollars in refunds are at risk every year.

The criminals file for refunds under your name and social security number very early into filing season. To avoid being a statistic do your best to file early during the season. The earlier you file, the more likely you are to protect yourself from becoming a victim.

Tax refund fraud isn’t recognized until you go to file your tax return. Your tax preparer will go to file your tax return electronically and BAM it’s rejected. At that point, you need to take the appropriate steps to clean up your identity theft and file your tax return by paper.

In my experience, the IRS has been great at issuing refunds to you, although not in an efficient manner. I’m aware of one victim who waited 13 months to receive his refund!

One tool the IRS uses to protect against identity theft is the Identity Protection PIN. As of 2017, this isn’t open to everybody. First, you have to be a victim of identity theft with the IRS (i.e. tax refund fraud) or live in Florida, Georgia, or District of Columbia.

Once you have an IP PIN your tax return is only allowed to be filed with that included on the electronic tax return.

Don’t use your debit card

A common piece of advice is that you should not have credit cards. You should only use a debit card or cash. This advice is great for budget reasons. It is horrible for protecting your identity.

Why? When a fraudulent transaction occurs on your credit card you will not receive an immediate financial hit. Your credit card company will sort things out, and you won’t need to hand over any cash. On a debit card, the transaction occurs immediately causing cash to leave your account.

Debit cards also leave your entire bank account balance exposed. This could be catastrophic to your financial situation.

If you are lucky enough to report the fraud within two business days, you won’t be responsible for more than $50 of an unauthorized transaction. Yet, it could take more time to get the money back into your account, which could delay your ability to pay important bills.

BONUS SECTION: Calling all business owners!

Running a business adds a new layer of transactions and exposure. A normal consumer might make a few dozen transactions every month. A normal consumer who runs a business may double or triple the usual number of transactions.

On top of the number of transactions, business owners work with online and offline vendors. If big companies like Target, Verizon, or Equifax aren’t exempt from data breaches, how safe are your local vendors?

Does ABC, LLC have a cyber-security plan in place? They aren’t as big of a target as a company like Target. Yet, they are a target. Amateur hackers could test out their skills against your local vendor. Any information you have at that business could be exposed.

Do business with your EIN

Now that you know there is a risk when doing business with a local vendor… apply for an Employer Identification Number (EIN).

An EIN is a free identification number provided by the IRS.

** Don’t overlook the fact that’s free! If you search “IRS EIN” you will find websites that charge you to apply for the EIN. Don’t pay them anything! If you’re not comfortable applying for one, then pay a respected CPA, EA, CFP, or Attorney for their time to help you obtain one.**

Whenever you communicate with a vendor use the EIN, not your Social Security Number.

At a minimum, you may need to provide a 1099-MISC to an independent contractor, which requires an identification number. Why list your Social Security Number when you could list a free EIN?

Keep up-to-date records

Staying up to date with your accounting records is important in business management and protecting against fraud. Running a business is no different than your personal finances in this regard.

A healthy bottom line requires good financial management. It also requires avoiding costly fraudulent transactions.

Monthly bank reconciliations and constant reviews of your accounts will help this. Your life is too busy to find time to combat fraudulent charges.

Perform a Cyber-Security Risk Assessment

It takes years to build a reputation. It takes a second to shatter a reputation.

A successful business owner relies on the trust of customers. Once that trust is broken, the success of your business could follow the same fate.

Target, Verizon, and Equifax are large companies whose customers lack real alternatives to replace them. Is your business alternative proof? If not, then consider a cyber-security risk assessment to learn how much of your customer’s data is at risk, then implement the needed safeguards.

Stay safe out there!

___________________________________________________________________________________________

Do you want to understand how to make your money work for you and keep more of what you have earned? 

Reach out to me at nbyers@jbcwealthadvisors.com or schedule a free consultation.

___________________________________________________________________________________________

Disclaimer: This article is provided for general information and illustration purposes only. Nothing contained in the material constitutes tax advice, a recommendation for purchase or sale of any security, or investment advisory services. I encourage you to consult a financial planner, accountant, and/or legal counsel for advice specific to your situation. Reproduction of this material is prohibited without written permission from Nate Byers a Madison, WI CPA Financial Advisor,  and all rights are reserved. Read the full Disclaimer in the footer below.