Identity theft. Stolen credit card numbers. Hacks. Fraud.
If you’ve been watching the news lately, you probably already know that monitoring your information and accounts is more important than ever.
Recently, we’ve seen an unprecedented number of headlines about data theft. 2016 was a record year for data breaches, with a 40% increase from the year before. In a world where our information is increasingly digital, and potentially accessible by the “bad guys,” do you know how to take control of your information and identity?
Well, there’s good news and bad news. Starting with the bad, there’s no way to completely prevent identity theft (short of living in the woods and burying your money in a hole). The good news is that there are a few quick steps you can take now, to help protect yourself and keep tabs on your data.
1. Monitor Your Credit
It goes without saying that staying on top of your credit is key. You should know if someone tries to open a new loan account in your name or worse, has used your information to default on a loan.
Once a year, you can get a free copy of your credit report from the three major bureaus (Experian®, Equifax®, TransUnion®) at annualcreditreport.com. It’s important to review all three reports—some lenders don’t report to every bureau, so they may have different information. Read through each report carefully and make sure you recognize the accounts. If something strange turns up, start by contacting the lender to investigate. For more info, take a look at this article on checking your credit report.
It’s also helpful to enroll in a free credit monitoring service, like CreditWise® from Capital One. You don’t need to be a Capital One customer to enroll—and CreditWise gives you free access to your credit score and your TransUnion credit report, both of which are updated weekly. There are several credit monitoring services out there and most will alert you if a new account is opened in your name, or if something meaningful changes on your credit report. And if you catch something that looks like an error or fraud, they may be able to help you figure out what to do about it.
2. Put Fraud Alerts on Your Credit Report or Freeze Your Credit
What do you do if you think there’s fraud on your accounts? Rather than punching a wall or yelling incessantly, you have more constructive options. If you are (or think you might be) the victim of identity theft, you can put a fraud alert on your credit reports to let potential creditors or lenders know what’s going on. Once they know, they may be able to help protect you by taking extra steps to verify your identity before issuing credit in your name.
You only need to notify one of the three credit reporting companies to put a fraud alert on your credit report and they’re required to tell the other two companies. Make sure you keep copies of all letters and renew the alert every 90 days until the issue is resolved. You can also check out the Federal Trade Commission’s website for more information.
And, if you think you could be the victim of identity theft, consider a credit freeze. This is a tool that lets you restrict access to your credit report. And since most creditors need to see your credit report before they’ll let someone open a new account, this could make it harder for potential thieves to apply for credit or open accounts in your name. You can find out more about credit freezes here.
3. Sign Up for Purchase Notifications
Many banks and credit card companies let you to sign up for instant push notifications that’ll let you know when your credit card is used to make a purchase. This might sound annoying, but try it—you’ll be glad you did.
You can see immediately when your card is used. If you made the purchase, great—you can make sure the merchant charged you the right amount. If you didn’t, then you can quickly take steps to shut down the card and get a new one. And while most major credit card companies don’t hold you liable for the losses if the fraud happened on a credit card and you report it quickly, it’s nice to put a stop to it after a single questionable transaction instead of finding thirty of them on your monthly statement.
Also, some credit card companies allow you to lock and unlock your credit card through their mobile apps. This is a super-cool feature. When you can’t find your card, or see an unexpected transaction, you can lock down the card right away. And if your card was hiding in yesterday’s pants or the weird transaction was just something that slipped your mind, it’s easy to reverse.
4. Use A Different Password for Every Account
I know this sounds painful, but it doesn’t have to be. It’s hard to remember multiple passwords, and super frustrating when you mix them all up, but there are ways around it. And it’s better than the alternative.
- Use a password manager. Password managers can generate complex, encrypted passwords for each site you visit. You only need to know a single master password to access all of your passwords through the software and it can autofill your login credentials to save time.
- Tie something from each site to that account’s password. For example, once you build a strong password, you could also add the first 3 characters of each website to your password for that site. If you did this for every account, you’d still be able to remember your password, but help ensure that no 2 are identical. (Of course, there would be the few sites that start with the same 3 letters, but you get what I’m going for). At the very least, this is better than using the same password or forgetting your password all the time.
5. Be Suspicious of Emails or Phone Calls Asking for Your Information
Phishing is when a fraudster tries to contact you while claiming to be your bank, electric company, or anyone else you might trust enough to share your personal information. Fraudsters are getting more and more convincing, so phishing can be tough to spot. Here are a few things to keep an eye out for:
- Generic emails sent to “Mr./Mrs.,” “Sir/Madame,” etc., instead of your legal name
- Over the phone, the caller asks you to validate your information with a Social Security Number or account number, but they don’t provide any information specific to your account
- Email addresses that don’t match the name of the company supposedly sending you the email.
- Emails with a link asking you to provide information without signing in through the secure site you typically use to access your account. Or, the link leads to a site that looks familiar, but the web address is incorrect or may have subtle differences.
If you experience any of the above, don’t risk responding directly. If you have questions or concerns, contact the company through their official website or phone number to ask about the suspicious message.
While fraud and data breaches are on the rise, so are your options in helping to defend yourself. And the best part is that you’re not alone in the fight. There are several organizations out there that offer sophisticated tools and tips that make it easier to stay on top of fraud than you might think. Bottom line: by adopting these few simple habits, you can play a big part in safeguarding your identity and reducing the impact of fraudsters.
Data breaches can impact small businesses, too. If you’re a business owner, check out our guide to learn how to help protect your sensitive data.