Did you know that over 33% of adults in the US have already experienced identity theft? It’s a scary thought. When you work diligently to pay your bills and eliminate debt, the last thing you want to do is deal with identity theft.
We’re not trying to scare you by any means, but it’s more important than ever to protect against identity theft on the Internet-connected world that we live in.
Scammers are becoming more sophisticated, but you can still take steps to reduce your risk of theft and fraud. As financial advisors who work on retirement planning on a daily basis, we would like to share with you two stories before we go through our checklist on how to protect against identity theft and fraud.
Story 1: Fraudsters are Nearby
One time, we received an email from one of our clients asking us to transfer money to a particular account. We knew this account, but we called the client before a transfer because that’s an additional step we always take for our clients.
We never transfer money because of an email that we receive.
The client was happy we did call because someone hacked their email and found out their:
- Mortgage information
- Retirement information
Emails were sent to the numerous contacts in the person’s list trying to steal their identity. The client opened an investigation with authorities, and the culprit was someone living on their street who went through their trash to steal their identity.
Story 2: Duke Energy Call
In our second story, a scammer came close to tricking us, and it began with a phone call. The call came from “Duke Energy,” my energy provider. The provider told me that my electricity would be turned off within an hour.
Being out on vacation at the time, I was almost tricked until asking the person on the other end of the line a question or two.
Auto-pay is set up on my account, and I hung up and called Duke Energy. The scammer hoped that I would provide a credit card to avoid getting my electricity turned off.
Common Mistakes People Make That Increase the Risk of Cyber Threats
Cyber threats are constantly evolving, but the biggest ones that we’re seeing right now are:
Using the Same Password Across All Sites
A basic yet vital way to protect your identity and accounts is to use different passwords. According to security experts, 91% of people know that using the same password on websites is a security risk, yet 59% of people use the same password on all websites.
All it takes is a single security breach to gain access to all of your accounts.
Just think about it. If you use the same password and email for Twitter as you do for all of your other accounts, a single breach could lead to others gaining access to your:
- Email account
- Bank accounts
- Retirement accounts
- Social media
You can use password lockers that can help you create and store unique passwords for all sites with high-end encryption, too.
Not Using Two-Factor Authentication
When you log into your account, two-factor authentication can add an additional security measure to your account. For example, when you log into your bank account, you enter your username and password, and then you will have to:
- Access an email for a code, or
- Access a text message, or
- Get the code via phone
If you set up two-factor authentication, if it’s available, this will provide you with an additional layer of security that makes your account safer.
Sharing Your Password with Others
Do you share your password with other people? If so, you’re increasing your risks of fraud drastically. The individual may not be personally responsible for the fraud, but what if their device has malware that steals your account information?
Failing to Update Your Devices and Software
Your device, whether it’s a personal computer, tablet, smartphone or any other device, may be a weak point in your overall security. For example, a security hole on iPhone was recently discovered that could allow hackers to access the phone’s contents.
Updating the operating system fixes the issue, but a lot of people skip these vital updates.
You want to be sure that you update your:
- Operating system
- Web browser
Anti-virus updates are crucial because they work to prevent breaches in real-time.
Opening Unsolicited Emails
Email is one of the most common ways that theft occurs. If you receive an unsolicited email or something doesn’t seem right with an email, delete it. Following a link or downloading an attachment in the mail can lead to you unknowingly giving a scammer access to your computer.
Hackers can spoof an email so that it looks like it’s been sent from Amazon, Facebook, friends or others.
Remain diligent with your email and even texts because scammers routinely send messages with:
- Tracking links
- Download links
If something doesn’t seem right, delete the mail, or call the sender to verify that it’s really them.
Being Too Open on Social Media
People share far too much information on Facebook, Instagram, Twitter and other social media accounts. When you have the following information out there, hackers will use this information to gain access to your accounts, such as your:
Hackers can use this information to answer security questions on certain accounts to gain access to them. For example, a person posts a picture of their first-grade class and on their bank account, the “Name of Your Elementary School” is your security question.
It’s easy for a hacker to look at the photo, do some digging and find the school’s name.
For your own safety and security, don’t post too much personal information on social media accounts.
Opening Emails from Friends and Family
Friends and family are being used to trick people into downloading files, sending money or following links. Just imagine that a close friend sends an email asking to donate to their fundraiser, and you enter in all of your information to help this friend.
But your friend’s email was hacked, and you only find out months later.
If someone doesn’t email you often or even if they do, there’s no harm in calling them to ensure that the mail is legitimate.
We’re also seeing hackers do this to elderly individuals. The hacker will message them saying that their grandchild needs money or something similar because they found the child’s name on their social media accounts.
In short, don’t send money or follow instructions through email unless you’re 100% positive that the sender is not scamming you.
Not Paying Attention to Breaches or Hacks
Since you use a variety of sites and platforms, one may be hacked. For example, if you have a Chase account and a breach just occurred, you can request that your account be frozen. You should be taking a proactive approach to freeze your accounts and get ahead of potential identity theft.
Not Changing Your Password Periodically
Using the last point, if a breach occurs and someone gains access to your password, you may circumvent the risk due to your password changing habits. Security experts suggest changing passwords every 60 to 90 days.
Following this schedule will help you minimize your risks of someone stealing and using your password.
Common Phone Scams We’re Seeing Right Now
Phone scams are growing in popularity, too. A few of the scams to be cautious of are:
- The Social Security Administration will never give you a call. It’s a scam.
- The IRS will never give you a call. It’s a scam.
- Someone calls you saying that you won money. Probably not. It’s a scam.
- Microsoft calls and says that something’s wrong with your computer. It’s a scam.
- Credit card companies call and say they’ve detected fraud. Maybe. But hang up and call the number on the back of your card to make sure it’s not a scam.
We just want you to be careful to protect your identity. We’re not trying to scare you. Rather, we want you to be prepared and know how to keep your identity safe.
If you want to grab our free checklist that covers all these points, simply call our office at 919-787-8866 and ask for Laura or Morgan. They’ll send out the checklist for you to follow to ensure you’re taking proactive steps to keep your identity safe.
Want to learn more great information from us? We have a podcast where we discuss great topics, just like this, twice a week.