Fraudsters are always cooking up new schemes to get their greedy little paws on your hard-earned money. While there are leaks of personal information about which you can do nothing, there are tactics that help you lock down your wallet. Here are five tips to make sure that you don’t fall victim to a scam.
Do not open links or attachments that you are not expecting.
Do not answer calls from numbers that you do not know.
Freeze your credit reports.
Use two-factor authentication where available.
Shred your documents.
Let’s look at the reasons each of these work in preventing fraud in some more detail.
Opening Links Or Attachments
It is easy for a fraudster to make it look like a link is taking you to a legitimate web page, while it’s actually directing you to a site that will steal your personal information. These fake sites often look almost identical to the real site! The best rule of thumb is to ALWAYS type in the address of the site directly into your browser navigation bar, or use a bookmark.
Attachments can harbor what’s called malware (bad-for-you programs) like keystroke loggers or other methods of stealing your personal information. If you open the attachment, your computer will be infected, and you will not know it. Furthermore, even if you have anti-virus software, it is not effective against all types of attacks. If you receive an unsolicited attachment in your inbox, simply delete the email. Do NOT trust unsolicited attachments even from someone you know – their email may be compromised.
There are an increasing amount of scams that use “robocallers”, which may even utilize local numbers. If you pick up and interact, you’ll be transferred to a live person, usually operating from outside the US. The fraudsters will try to get you to give out information, such as your social security number, credit card number, or other such information. They employ various techniques, such as impersonating IRS agents, police officers, tech support, or other authorities, to put pressure on you to divulge the information.
The best way to avoid falling victim to this type of scan is to never answer a number you do not recognize. If it’s important, they will leave a voicemail. If you’re returning a call, find a phone number for the organization online and use that to call back. You can also use technology to aid you in call screening; there are many apps available for Android and iOS that will help you screen calls.
Freeze Your Credit Reports
Freezing your credit reports prevents ANYONE (including you) from running a credit check on you. This prevents identity theft fraud from happening, as any action that requires a credit check (new credit card, loan, utility account, etc.) will fail due to the inability to conduct a credit check.
This does not affect credit reporting that your creditors do. It simply locks down your credit file from any inquiry by a third party. While there are services that will monitor your credit file and alert you to any activity, freezing your credit reports is the only way to actually prevent identity theft from happening.
You will need to enact the freeze at each of the three credit bureaus; TransUnion, Equifax, and Experian. If you need to run a credit check, each bureau offers a way to provide access for a limited time. Simply ask the person/business running the check which bureau they will use, and allow temporary access to that credit file.
Update 9/14/17: With the recent hack of Equifax customer data, I am expanding this section to give you further information about how to enact a credit freeze. If you have a credit history, you should consider your personal information compromised to make sure you're safe:
You can place a freeze via a phone call (approximately 5 minutes per bureau):
State laws vary on if there is a cost / how much. In Michigan where we are located, the cost is $10 per bureau per person to freeze or unfreeze your credit file unless you are already a victim of fraud (in that case it's free). This is a small amount compared to the average ~$1,300 cost to repaid damage done by identity theft, not to mention the time and energy involved.
You will receive a PIN code during the call, so have a pen and paper handy. Keep the PIN code secure - preferably in two separate locations. If you lose it, you'll need to provide a LOT of documentation to un-freeze your credit (it's a hassle - don't lose the PIN). Consider adding the PIN code to your legal file at your lawyer's office, your safe deposit box, or an encrypted cloud account.
If you are in the midst of obtaining new credit, or plan to do so in the short-term, instead of doing a credit freeze you can place a fraud alert. This will alert anyone extending you credit to take extra precautions to verify your identity. The alert is good for 90 days, after which you need to renew it OR place a credit freeze. You only need to place the fraud alert with one credit bureau.
Two Factor Authentication
To enhance the security of your online accounts, always choose to use two-factor authentication if it is available. This service works by first prompting you for a username and password, as usual, but then also either sends a text message to your phone or uses a companion app to prompt for a second verification. This greatly increases security, as the fraudster would need to have access to not only your username and password, but also your cellphone (and associated password to unlock it).
Two factor authentication comes standard with most financial sites, and large email providers. I personally would not use an email provider that does not have this type of enhanced security. It’s all too common for fraudsters to get their hands on a list of emails and passwords through hacking of various sites – if this happens, they should not be able to access your email account. Your email account is often the weakest point in your online security because it allows for retrieval of other passwords. Keep it secure!
Shred Your Documents
We are ending with “old-school” fraud. Did you realize that the moment you throw something in the trash, it’s not yours anymore? Literally anyone can go through your trash to pick up anything in it, and they are not breaking any laws.
To secure yourself from having someone pickup personal information from your trash, either purchase a shredder (cross-cut or diamond-cut) or take your documents to a local financial institution to be shredded (ask if they will accept your shreddables first). Consider anything beyond your name and address as personal information. Shredding is cheap insurance to keep your private information private.
If you are interested to learn more about these, or other financial security topics, send me an email at firstname.lastname@example.org