Buzz
This is why taking a proactive approach to your financial security is crucial—set up your accounts as if you’re expecting a breach, as Sheera Frenkel highlights in the New York Times.
The most essential step, though obvious, is creating a robust password. “If I could get people to stop two behaviors, they would be: Don’t use simple passwords like your name, your child’s name, or your birthday, and don’t reuse passwords across sites,” advises Frenkel. A password manager can help. Mytour recommends LastPass and 1Password.
Next, review your credit report and examine your bank statements for any unusual activity. As Mytour previously mentioned, “credit reports don’t catch everything, like if someone withdrew money from your bank or investment accounts... ChexSystems, used by banks to validate identities, offers a security alert and freeze feature that makes it tougher for fraudsters to open fake accounts.” If you notice anything suspicious, contact your bank or creditor.
Consider using a single platform, like Mint, to track all of your accounts in one place, making it easier to spot unusual activity. Check your child’s credit report as well.
Next, lock your credit reports at the three major credit bureaus: Equifax, Experian, and TransUnion (they’re free now). If you need to unlock them later, Equifax asks for a password, while TransUnion and Experian require a PIN (make sure not to lose it when you initially lock your accounts, as it can be a headache to reset it).
Activate two-factor authentication for all accounts that support it (and think twice before using services that don’t offer it, especially when it involves your financial data). As Mytour pointed out earlier, “if a site asks you for something like the first car you ever owned as an answer to a security question, you don’t have to stick to the truth. You can write anything you want, just make sure you remember your fake ‘first car.’” Even better, use your password manager to store your answers.
Be cautious of calls, texts, or emails from anyone claiming to be from your bank, brokerage, or another institution. There are numerous scams where fraudsters pretend to be from a ‘bank’ and say you need to update your PIN—often with your personal info like your Social Security Number—by calling from the official bank number. If you receive a text, directly call your bank to verify. If they call you, ask to hang up and call them back yourself, regardless of how urgent they make the situation sound. This is also true for government agencies like the IRS—most likely, they are not calling you, and they definitely won’t threaten you with jail time, despite being a common scam tactic.
Keep in mind that you don’t have to share sensitive information like your Social Security Number just because someone, such as your doctor, requests it. “When unsure, ask why the SSN is necessary, or simply leave that field blank,” advises Kiplinger. “Some businesses want it to track you if you miss bill payments. You might be able to use an alternative identifier, like your phone number, instead.”
Lastly, set a recurring reminder to check one of your free credit reports every four months. You might also think about using a credit monitoring service for additional security. But remember, the best strategy is to approach every new account or service with the mindset that it could be compromised at any moment: Choose a strong password, enable two-factor authentication, and be cautious about sharing personal data. Stay alert.
Updated October 10, 2018 at 12 p.m.: This post has been revised to indicate that a six-digit PIN is now required when freezing your TransUnion credit report.
