In 2024 the Federal Trade Commission (FTC) received more than 1.4 million reports of identity theft and according to Javelin Strategy & Research, $52 billion dollars was stolen from Americans by identity thieves that same year.
The most important actions you can take to protect yourself from identity theft is assuring your personal and confidential information is secure, whether it is on paper, online, stored on your computer or on a mobile device.
Here are some steps you can take to protect yourself and keep your information secure.
Freeze Your Credit
A credit freeze, also known as a security freeze, is one of the best ways to prevent fraud and identity theft. When your credit is frozen it limits access to your credit reports unless you lift the freeze, or “thaw” your credit. Limiting access to your credit report makes it significantly harder for creditors and lenders to access your files, this prevents criminals from opening accounts in your name.
In 2018 the Economic Growth, Regulatory Relief and Consumer Protection Act, was passed which requires all credit freezes to be free of charge. A credit freeze will not impact your credit score.
Freeze your credit at the major bureaus Equifax, Experian, Transunion and Innovis. This can be done online, by phone or through the mail.
You will need to provide your full name, address, Social Security number, birth date and other personal information. You’ll be asked a few questions to verify your identity and then be asked to create a PIN.
Keep your PIN and other information they provide in a secure location, you will need this to access your account and manage the freeze.
You can temporarily or permanently unfreeze your credit online, by phone or by mail.
Check your credit reports regularly. You can use sites like Credit Karma and Credit Sesame to view your credit scores.
You are entitled to a free copy of your credit reports at the three major credit bureaus, Equifax, Experian and Transunion. Go to http://AnnualCreditReport.com to request your reports.
A credit freeze is not the same as a credit lock. While both add a level of protection a credit freeze provides more legal protection and are generally harder than credit locks for identity thieves to remove.
Place a Fraud Alert on Your Accounts
A fraud alert does not block access to your credit reports like a credit freeze does, instead it notifies potential lenders to take additional verification steps to verify the applicant’s identity before issuing lines of credit, which may involve the creditor contacting the applicant by phone to verify their identity.
There are three types of fraud alerts. An initial fraud alert, also referred to as temporary fraud alerts because they expire after one year. Everyone has the right to add these to their credit reports, when in place a fraud alert asks creditors to take extra precautions to verify the identity of the person making a request for credit. An extended fraud alert is available if you have been a victim of credit fraud or identity theft. You may need to provide documentation that you have been the victim of identity theft when requesting an extended fraud alert. An extended fraud alert will last seven years. The extended fraud alert requires creditors to contact you before issuing credit in your name. An active-duty alert is available only to active-duty service members, they expire after a year and ask creditors to have a reasonable belief that they know the identity of the person making a request.
When you request a fraud alert with one credit bureau, the alert will be added to all three major credit bureaus, Equifax, Transunion and Experian. Visit one agency and request the alert and that agency will notify the others. You can add the alert by phone or by visiting the credit bureaus website. Equifax (888-766-0008), Experian (888-397-3742), and TransUnion (800-680-7289).
Get an Identity Protection PIN (IP PIN)
The IRS offers a free security tool, the Identity Protection PIN (IP PIN) this is a six-digit number that is known only to you and the IRS. It adds a layer of security to your account. The PIN is used to verify your identity with the IRS.
Identity theft is ubiquitous, in 2022 there were 5.7 million reports of fraud and identity theft in the United States. About 1 out of 3 Americans have been victims of identity fraud.
The IRS identified $5.7 billion in tax fraud in 2022, and there were nearly 8 million reports of suspicious tax-season activities.
The Electronic Tax Administration Advisory Committee called the IP PIN, “The number one security tool currently available to taxpayers from the IRS.”
When you file your taxes either electronically or by mail if you have been assigned an IP PIN, you will use that to prove your identity when filing. This prevents fraud by ensuring that someone else does not file a tax return in your name.
To request an IP PIN you must create an account with the IRS
Once you have created your account you can use the online IP PIN tool to request your IP PIN. The IP PIN is good for one year, a new IP PIN will be assigned to you each year.
Keep your IP PIN in a safe location and don’t share it with anyone except a trusted tax professional and the IRS. The IRS will never ask for your IP PIN by phone, email or text, if you receive this type of request, it is a scam. Do not respond.
Once you have been assigned an IP PIN it must be provided when you file your tax return. If you file electronically and don’t provide your IP PIN your return will be rejected, if you file by mail and don’t include your IP PIN the IRS will require additional screening to validate your identity. If you file using tax software enter the IP PIN when processing your return, if a tax professional files for you provide them with the IP PIN. The IP PIN will be used only on Forms 1040, 1040-NR, 1040-PR, 1040-SR, and 1040-SS.
If you cannot remember your IP PIN, log back in to the get an IP PIN tool to see your current IP PIN. If you have trouble viewing your IP PIN online, contact the IRS at 800-908-4490 to have your IP PIN reissued. You will be required to verify your identity. A new IP PIN will be mailed to you within 21 days.
Setting up an IP PIN number with the IRS helps to protect you against fraud and identity theft. It is just one more tool to use to protect yourself.
Opt Out to Prevent Credit Bureaus from Selling Your Data
Did you know that major credit bureaus, Equifax, Experian, Transunion and Innovis are legally allowed to sell and share your private data including your name, address, phone numbers and other personal details to any of their members who request and pay for the information? The credit bureaus collect personal information about you from banks, credit unions, credit card issuers, auto and mortgage lenders, debt collectors and others.
Lenders, credit card companies and other businesses buy the information and use it to determine your credit worthiness, known as prescreening. This is legal because of the Fair Credit Reporting Act (FCRA) The FCRA is a part of a group of acts contained in the Federal Consumer Credit Protection Act3 such as the Truth in Lending Act and the Fair Debt Collection Practices Act. It was implemented on April 25, 1971. https://files.consumerfinance.gov/f/documents/102012_cfpb_fair-credit-reporting-act-fcra_procedures.pdf
Once your information has been shared you will become the target of unsolicited calls, emails and mailings from credit card companies, lenders and other marketers.
You have the right to “opt-out” go to the Opt Out List and sign up. This will prevent the credit agencies from selling your credit information to others.
Add Your Phone Number to The Do Not Call List
Add your phone number to the “Do Not Call List”. This prevents unwanted sales calls from any industry. Go to the Federal Trade Commission (FTC) and sign up.
Set Up a Social Security Account
Setting up online access to your Social Security account offers many benefits and prevents cybercriminals from opening an account in your name. It is easy to do online.
Go to Social Security Administration
You will be asked a series of questions that only you should know the answers to. You will select a username and password and verify your account by entering a security code that they send to you.
If you have a credit freeze or fraud alert on your credit reports, you will be required to temporarily lift those to create your account. Once your Social Security account has been successfully created you can secure your credit accounts again.
If you don’t want to provide this information online, you can visit your local Social Security office in person, and they will assist you in setting up your account.
Registering for an account prevents someone else from setting up an account in your name. If you have been part of a data breach and your name, Social Security number and other personal information has been stolen a scammer can use that information to impersonate you.
There are many benefits to setting up a social security account, they include;
- Access to current and past statements.
- Estimate your monthly benefits if you claim them early or at the full retirement age.
- Update your contact information such as your address and phone number.
- Verify your lifetime earnings.
- Check for any errors in your statement and take the steps to correct any mistakes that are found.
- Setup direct deposits.
- Check the status of a pending claim.
- Request a verification letter as proof of income.
- Request replacement tax forms.
In the past Social Security mailed you a copy of your statement annually a few months before your birthday. They no longer do that. Now they only mail statements to workers aged 60 and older who do not have a “My Social Security Account” You can file a request to have your statement mailed to you. Go to Social Security Forms and fill out form SSA-7004. Social Security Forms
Social Security will never ask you to verify your identity by giving them your Social Security number over the phone or in a text message. They will never ask for your bank or credit card information. They will never ask you to send them money or any type of payment.
Set Up An E-Verify Account & Self-Lock Your Social Security Number
Self-Lock is a tool that allows you to lock your Social Security number when you have an E-Verify account. Self-Lock adds a layer of security to your Social Security number that can help to prevent employer related identity theft. Employer related identity theft happens when someone else tries to use your Social Security number and other private information to obtain a job. This can happen when someone wants to apply for a job, but they know they will not be able to pass the background check, or they don’t have the proper license or credentials to gain employment. For example, they may not be a legal citizen of the United States, or they are applying for a job that requires a license or degree that they don’t have.
If they are successful in stealing your identity and they get hired for the position their employment information including their wages could be reported in your name to the Internal Revenue Service and the Social Security Administration. When that happens, it may result in tax complications because their wages and tax obligations will be tied to your name. As a result, you could owe income tax or lose out on a refund. Your Social Security and Medicare benefits could also be impacted.
Additionally, you could suffer personal and financial harm if the person who stole your identity commits a crime or gains access to your financial accounts or opens financial accounts in your name.
When you use Self-Lock, it prevents someone else from using your SSN for an E-Verify case. According to the Social Security Administration “E-Verify is a free Internet based system operated by the Department of Homeland Security (DHS) in partnership with the Social Security Administration (SSA) that allows participating employers to electronically verify the employment eligibility of their newly hired employees”.
Employers use E-Verify to determine an employees United States citizenship status or their right to work for a company in the United States.
Once you setup Self-Lock if an employer tries to use your SSN in E-Verify to check your employment authorization it will result in an E-Verify Tentative Nonconfirmation (mismatch). You can unlock your SSN when applying for a job so that the employer can confirm your status and then lock it again once your status has been verified. Your Self- Lock remains in place as long as your account is active, and you have not unlocked your SSN.
To sign up for an E-Verify account go to https://myeverify.uscis.gov/
Click “Create Account” and then enter your email address. A confirmation email will be sent to the address. Open the email and click the link to verify.
Follow the steps to create your account, be sure to use a password manager or notebook to log all the information you enter which will include your password and security questions. Once your account is setup you can manage and lock your SSN.
Freeze Your ChexSystems Report
ChexSystems is a banking reporting agency that collects information about consumers use of checking and savings accounts.
The bureau maintains a report of your banking activity. Banks and credit unions can use the report when you apply for a new account. The report contains past banking activity. If your report contains negative information your application may be denied because the bank might consider you high risk.
Under the Fair Credit Reporting Act (FCRA), you are entitled to a free copy of your consumer disclosure report once every 12 months, the report is free of charge.
If your application for a new account has been denied and ChexSystems was used in the decision process, you can request your consumer disclosure report to help you understand what may have contributed to that decision.
To request a copy of your report, go to https://www.chexsystems.com/ you can fill out their online form or you can contact them by phone at 800-428-9623 or by mail by downloading the request form and mailing it to ChexSystems Inc., Attn: Consumer Relations, 7805 Hudson Road, Suite 100, Woodbury, MN 55125
Once you obtain a copy of your report you should check it for accuracy. If you find any mistakes you can file a dispute with ChexSystems. When filing a dispute provide any supporting documentation you have. ChexSystems can take up to 30 days to investigate your dispute. If confirmed they will remove the inaccurate information from your report.
If there is legitimate negative information in your report, you can take steps to resolve those issues. For example, if you have an account with a negative balance you can work with the bank or credit union to pay off the balance. Once your account is in good standing you can file a request with the bank, credit union or collection agency to update or remove the negative information from your ChexSystems report.
You also have the right to place a security freeze on your report. According to ChexSystems “A security freeze prohibits a consumer reporting agency from releasing any information in your consumer file without your expressed authorization. All consumers who reside in the United States have the right to place a security freeze on their file.
A security freeze is designed to prevent approval of checking, savings, credit accounts, loans, or other services from being approved in your name without your consent”.
Once a freeze is in place you can temporarily lift the freeze if you are applying for a new account with a bank, credit union or other lender.
To place a freeze, manage a freeze or request a replacement PIN go to https://www.chexsystems.com/security-freeze/information
Placing and lifting a security freeze is free.
Sign Up for USPS Informed Delivery
The United States Postal Service (USPS) offers a free service called Informed Delivery.
https://www.usps.com/manage/informed-delivery.htm
All mail traveling through USPS goes through a sorting machine, a picture of the front side of each piece of mail is taken, when you sign up for Informed Delivery you will receive a Morning Daily Digest email each day that shows a preview image of all incoming mail, as well as status updates about your incoming and outbound packages. You can see those notifications at any time via the dashboard from your phone, computer or tablet or in the USPS Mobile app. Informed Delivery also has other features that make tracking and receiving your packages easier and more convenient.
You can easily see what mail will be delivered to you each day, it can save you a trip to the mailbox and if you are waiting on an important piece of mail, you will know when to expect it.
Mail theft is a real concern, mail stolen from residential mailboxes and Postal Service boxes is a threat to public safety. Stolen mail can lead to financial and identity theft. When you know what mail to expect each day you will recognize if something is missing.
In addition to mail, Informed Delivery also tracks packages and sends notifications about their delivery status. The mobile app allows you to track and monitor your scheduled deliveries while you are away from home.
USPS Electron Signature Online allows you to create and keep an electronic signature on file for one year. You can apply the signature to incoming packages that require a signature upon delivery. When applied your mail carrier will leave your package in the mailbox without you being there to sign for it in person.
When you receive your Morning Daily Digest email each day there is a “set reminder” option. You can use it to receive additional notifications for mail you don’t want to miss.
You can manually add tracking numbers for packages that are not visible initially so that you will receive updates on those packages. You can track packages from the time they leave the shipping location until they arrive at your destination. You can view where the item is coming from and see updates during transit. You can view package details like weight, size and return address.
There is no reason not to sign up for this free service, signing up is quick and simple and can be done online. https://www.usps.com/manage/informed-delivery.htm
Secure Your Bank Accounts
With an increase in the number of Americans who bank online it is extremely important to do so safely. Identity theft and account hacking are real threats. According to the Federal Trade Commission (FTC) There were over 1 million reports of identity theft in 2022. This included bank fraud.
Banking online is very convenient and receiving your bank statements and other correspondence electronically prevents these documents from being stolen by mail thieves. There are certain precautions you should take when you bank online. These precautions can help to protect you from fraudulent activity.
Choose a strong password for your account and change it frequently. When you change your password also change your security questions. See my article Why you Should Never Use Real Answers to Security Questions
Always use Two-Factor Authentication (2FA) or Multi-Factor Authentication (MFA) this will add an additional layer of security to your account. You will be required to provide a code or some other form of authentication before you are granted access to your account. 2FA requires users to provide exactly two authentication factors, MFA requires users to provide 2 or more authentication factors.
When you use 2FA and MFA you will select where you want the authentication code to be sent. Don’t choose to have the code sent to your email. Email accounts can be hacked and if a cybercriminal has access to your email, they can retrieve the authentication code. Instead have the code sent to your phone or use an authenticator app.
Never write your usernames and passwords down where others can see them. Don’t use your email address or your real name as your username. Instead choose something that does not identify you. Using your name or email address makes you more vulnerable to hackers. Sign out of your account when you are finished banking.
Contact your bank and set up a verbal password or secret code. This is a password or code spoken over the phone when you call your bank which prevents someone else from calling in and accessing your account information.
Memorize your PIN and don’t share it with anyone.
Review your bank statements monthly and verify that every transaction is legitimate. If you find anything unusual notify your bank immediately.
Log into your bank account regularly to ensure all is well. Look for any debits or transfers you do not recognize. If anything is out of place, contact your bank right away.
Sign up for text and email alerts, your bank will notify you when there is activity related to your account, including when a transaction is made, balance alerts, purchase alerts, when unusual activity is detected, when your password changes and when there is an ATM withdrawal or deposit.
Be Careful Using Social Media
Choose a strong password for all accounts, including social media and change your passwords and security questions several times a year or when you suspect an account has been compromised. Turn on multifactor authentication (MFA) this adds an additional layer of security because you will be required to provide two or more verification factors to gain access to your accounts.
No matter which social media sites you are using log in and review your current settings. The National Cybersecurity Alliance has a list of links to the privacy settings pages for popular services and apps, including social media, review the privacy settings for each site you use. https://staysafeonline.org/resources/manage-your-privacy-settings/ Limit your posts to private so that only your friends can view them, this does not guarantee your safety, but it helps.
Remove anyone from your friends list that you do not know personally and don’t accept friend requests from people you don’t know.
One of the biggest problems with social media is that people share too much information. Even if you are only sharing with friends, they don’t need to know every detail about your life. Would you invite a friend into your home to go through your personal belongings? Most of us would not, think of social media the same way, no one needs to know your daily schedule, where you work, where your children and grandchildren go to school, that you are currently away on vacation or anything else that could potentially lead to in person and identity theft. Anything you post can potentially be shared and seen by anyone regardless of your privacy settings and scammers scour social media sites harvesting bits of information about you, this information along with the tons of data that has been stolen in the numerous data breeches that have taken place can be used to build a profile on you that can lead to identity theft. A report from AARP, showed that victims of online scams were more active on social media and shared personal information about themselves.
Don’t post pictures which can be used for fraud and theft. Social media is a digital cesspool of misinformation and untruths. Train yourself to be skeptical of anything you see.
Beware of any links or popups you see, they can direct you to fraudulent websites designed to steal personal information or infect your device with malware.
Cyberbullying happens to people of all ages, if someone is threatening or harassing you online report it to your family and the authorities.
According to a survey done by AARP, about 54 percent of respondents said they take online quizzes or surveys or download free apps on social media. These games and quizzes are dangerous, many are run by criminals who use them to gather personal and private information about users, some of the questions are similar to the security questions you answer when you sign up for online accounts and that is intentional, they can use your answers to break into your accounts. They can also use the information for fraudulent purposes including financial and identity theft.
Catfishing is when a criminal sets up a fake account intended to attract people into a relationship to scam them. Romance scams targeting seniors are quite common. They build trust and eventually start asking for money. Don’t connect with people on social media, it is just not worth the risk.
Don’t permit third-party apps to access your accounts, review your settings if you have used your social media account to log into other accounts consider removing that access, the same is true if you have given a company access to your profile, this happens when you play a game, enter a contest to take part in some other activity.
Some social media sites collect location information, they use this to target you with ads and suggestions. It is safer to turn this off.
Use Strong Passwords & MFA
Choose a strong, secure, unique password for each website you use. Choose a password that is as long as the site will allow, the longer the better. Use a combination of upper- and lower-case letters, numbers, and special characters. Don’t use a password that contains any personal information or one that would be easy to guess. Two of the most often used passwords are “password” and “12345”
Do not recycle old passwords and don’t choose a password that is like something you have used in the past.
Choose a unique password for each site you visit. I cannot stress how important this is. If a hacker gains access to one of your accounts and you use that same password on other websites, they can login to every account you use that password for which might include your bank, brokerage agency, Social Security, DMV, Insurance, email, and utility companies. This can lead to identity theft.
Set up a reminder to change your passwords a few times a year.
When you change your passwords also change your security questions. When setting up an account you may be prompted to select several security questions. If a hacker breaks into your account, they not only have your password but can view and change your security questions and answers. Never provide real answers to these questions which can be easy to guess, instead use a password generator to generate a password and use that as the answer. The answers should be nonsensical. Save your security questions and answers in your password manager.
Multi-Factor authentication requires you to provide 2 or more forms of authentication before accessing your account. When given this option, use it.
Do not share your passwords with others. You never know what someone else may do, even a friend, relative or significant other. Keep your passwords to yourself.
Use a Password Manager
A password manager is a secure database used to safely store your passwords. You use a master password to open the program and that is the only password you will need to remember. Most password managers also include a password generator which will create a strong, secure password. See my article on Using a Password Manager
Use Email Safely
Choose a long password and use a combination of upper and lower-case letters, numbers and symbols. Enable Multifactor Authentication for your email accounts.
Don’t respond to unsolicited email messages requesting personal information. Don’t unsubscribe to spam messages, it will not unsubscribe you but instead verify to the spammer that the address is legitimate. The link may also direct you to an undesirable web site containing malicious content. If, however you want to unsubscribe to a legitimate email message, a message that you received because you signed up for a newsletter or some other type of service the unsubscribe feature may work.
If you need to register online and provide your email address, use a disposable/temporary email address, or sign up for a free account to use just for registration purposes. Keep your personal and business email address private.
Don’t open email messages that you don’t trust, If you don’t recognize the sender and the message seems suspicious delete it.
Never open email attachments that you were not expecting, attachments may contain viruses and malware. If you are unsure and know the sender, contact them and ask them if they intended to send you the attachment.
Don’t use your company email to conduct personal business. Company email should be used strictly for business purposes.
If you are using an online email account, remember to log out when you are finished. Don’t save your login information in a web browser.
Email is not secure, don’t share anything personal or confidential in an email message, for example passwords, account numbers, Social Security numbers, credit card information and other sensitive data. Email messages can be intercepted, and the recipient can do whatever they like with the message once it is received.
Security Questions Are Important
When you register for an online account, you are often asked to choose several security questions. These are used to verify your identity. Although they have become somewhat outdated many sites still use them. The problem is that the questions are often very easy for someone to guess. For example, some common security questions are “What is your mother’s maiden name?” or “In what city were you born?” people who know you can easily provide the answers to these questions but so can strangers. Someone who really wants to access your account can do a bit of internet research to find the answers. Social media sites are a great tool for hackers and dishonest people to find out information about you. When you answer these questions don’t use a true answer, instead use your password manager to generate a long, strong password and use that as the answer.
Keep Important Documents Safe
Keep your important documents safe. Any documents that contain personal and private information should be kept in a safe location in your home, preferably a fireproof safe. Don’t carry documents in your purse or wallet. Carry only what is necessary like your driver’s license a few credit cards and some cash. Take pictures or keep a list of what you carry in your wallet or purse. If it is lost or stolen you will need to know what personal information is missing. For digital records, consider the use of encrypted storage drives or password-protected files.
Shred Private Documents
Shred anything that contains personal or private information before throwing them away. This can include old documents, files, bills and receipts, prescription labels, expired credit cards, debit cards and ID cards, tax forms, bank statements, medical bills and credit card offers and applications. Nothing that identifies you should be thrown away without being shredded.
Never Share Your Private Information
Never share your private or personal information with anyone who calls you on the phone, texts you, emails you or comes to your door. No legitimate agency or business will ask for your password, account number, Social Security number, Medicare number or any other confidential information. Unless you have initiated the phone call don’t share private information with anyone.
Take Your Receipts
When you make a purchase always take your receipts. Don’t leave ATM, bank receipts, credit card or gas station receipts behind or throw them in a public trash bin.
Monitor Your Medical Bills & Explanation of Benefits
Review your medical bills and explanation of benefits. Medical identity theft happens and if someone is using your name to get medical care you may notice charges, medical appointment or procedures you don’t recognize.
Sign Up for Online Bill Pay & Paperless Statements
Mail theft happens, when you sign up for online bill pay and statements you will receive less mail in your mailbox. This reduces your risk for having your mail stolen and used for malicious purposes. Do this for utility companies, financial institutions, doctors offices and anyone else you do business with.
Secure your Mail
Mail theft is a growing problem. At home consider purchasing a secure mailbox. These are locked mailboxes that require a key to open. The postal worker can deposit your mail in the mailbox, and only a person with the key can open it to get the mail out. Retrieve your mail promptly and put outgoing mail in the mailbox very close to your mail delivery time so that it is not sitting in the mailbox for longer than necessary. Don’t send or receive checks in the mail, sign up for online bill pay to reduce the chance of mailbox theft. Eliminate as much confidential mail as you can. Don’t use the blue post office boxes, they have been the target of mail theft. Take your mail directly to the post office instead.
Dispose of Computer, Smartphones & Other Devices Properly
Before getting rid of old electronic equipment wipe the devices to ensure your personal information is removed. Factory reset or remove the hard drive before you get rid of the device.
Use a Digital Wallet
Consider using a digital wallet to make payments. The secure app keeps digital versions of credit and debit cards on your smartphone. Your transactions are tokenized and encrypted, keeping your payment information safe.
Don’t Save your Usernames and Passwords in Your Web Browser
Don’t save usernames and passwords in your browser. Instead type them yourself or use your password manager to login.
Don’t Visit Secure Sites on Public Wi-Fi
Never visit secure websites when connected to public Wi-Fi. Hackers can easily access your computer, tablet or smartphone when you are connected to public Wi-Fi and steal your private information which can include email messages, passwords, credit card information, bank information and any other data on your device.
Use Secure Websites
Make sure every transaction you engage in on the Internet is over a secure connection, a secure site will display the padlock symbol and begin with “https”. Check the websites privacy policy. Know how a company will use or distribute your information, opt-out of allowing any business to share your information when possible.
Don’t Login Using a Computer or Device You Do Not Own
Never enter your password on another person’s computer or device, it could be saved without you knowing it. Especially important if you are using a public computer.
If you are using your computer or other device on public Wi-Fi don’t visit any websites that require you to login. When you are connected to public Wi-Fi your data can be intercepted by a hacker. Better to be safe than sorry. Wait until you get home to visit those sites.
Don’t Save Your Password in Your Web Browser
Don’t save your passwords in your browser, while this is convenient, it is not secure.
Secure Your Wireless Network
Be sure your wireless network is secure. See my article on steps to secure your wireless router. Secure Your Wireless Router If your wireless network is not secure, every device connected to the network is at risk.
Password Protect Your Devices
Password protect your computers, tablets and smart phones. This prevents others from gaining access if your device is lost or stolen. Enable auto-lock so that the screen is locked after a period of inactivity.
Use Antivirus Software
Install antivirus software on all of your devices and keep it updated. Run regular scans to check for malware.
Keep Devices Up to Date
Enable automatic updates on your computers, phones and tablets. Keep not only the operating system updated but also all apps and programs that are installed. Out of date software is one of the ways hackers gain access to your devices. Security updates often include important fixes for operating systems and hardware.
Beware of Phishing, Vishing & Smishing Scams
Phishing is when a cybercriminal sends and email trying to trick you into clicking on a link or providing personal and financial information about yourself.
Vishing is when you receive a phone call, often threatening or intimidating in nature. The cybercriminal tries to pressure you into providing personal and financial information. They often pose as a government agency, police department, the IRS or your bank.
Smishing also known as SMS phishing is a text message sent by cybercriminals trying to trick you into providing personal or financial information. They often pose as a bank or other financial institution. They may send a fraudulent link prompting you to log into your bank account where they steal your username and password.
Don’t fall for any of these tricks. Be cautious of any type of message you receive requesting information. Never log into your bank or any other website using a link sent in an email or text message. Instead, login using your password manager or by typing the address yourself.
Install Certified Apps
Install only Apple and Android certified apps on your devices. Third party apps can contain malware, they can steal data, spy on you using your microphone and camera and intercept messages.
Don’t Leave Devices Unattended
Never leave your devices unattended in public settings or leave them in your car. Millions of smartphones, laptops and tablets are stolen every year and very few are recovered. As many as 25% of these devices are stolen from vehicles or during transportation. Keep your devices with you or lock them away.
Turn your Devices Off
A hacker cannot access a device if it is turned off. If you are not using your computer, tablet or phone shut it off.
Don’t Use Links to Logon
Don’t click on links in an email or text message to log into your online accounts. Even if the email or text message looks legitimate it may not be and can direct you to a malicious website. Instead type the web address into your browser or connect to the site using your password manager.
Check Your Credit Reports Often
The three national credit reporting agencies — Equifax, Experian, and TransUnion now let you check your credit report at each of the agencies once a week for free. Visit AnnualCreditReport.com to request free copies of your credit reports. Review your reports for any unusual or suspicious activity.
Don’t Use Your Debit Card for Purchases
Instead of paying for purchases with your debit card use a credit card. Credit cards offer much more protection, and they are not tied directly to your bank account. Credit card companies usually block suspicious charges until you confirm they are not fraudulent. Use your debit card for cash withdrawals and your credit card for purchases and bill paying.
Watch Out for Skimming
Skimming happens when you use your debit or credit card at a payment terminal that has been compromised by a criminal. Your payment details are captured and stolen. Be cautious when using payment terminals and look for any signs of tampering. Use tap to pay or a payment app instead of inserting your card. See my article on Skimming Scams
Enable Alerts Through Your County Recorder’s Office
Home title theft and other malicious activities happen when someone files documents in your name with the County Recorders Office. Most County Recorders now offer alerts that help protect property owners against possible fraudulent activity. Similar to credit monitoring services, the county will automatically alert users when a document is recorded in their name. Visit your County Recorders website to find out what type of alert system is available in your area.
Zealous Quickly