Monitor your credit:
- Check your credit report annually. Consumers are entitled to a free credit report from each of the three major credit bureaus annually. Go to annualcreditreport.com to get started. A best practice is to check your credit report three times per year by requesting the report from one credit bureau every four months.
Protect yourself from scams:
- Be wary of phishing emails which often contain attachments or links to malicious websites infected with malware. Avoid opening attachments and clicking on links contained in emails received from unfamiliar sources.
- Be wary of SMiSHing which is similar to phishing but in SMS text messages. Avoid clicking on links or calling the telephone number contained in text messages received from unfamiliar sources.
- Don’t provide your online banking login credentials to anyone, particularly individuals you meet online. Victims of the romance scam are often duped into providing fraudsters with their online banking login credentials and the fraudsters end up stealing money from the accounts.
Protect yourself online:
- Use strong passwords that are at least 11 characters in length that are case-sensitive and include alpha-numeric characters and at least one symbol. Use a password checker to ensure you’re using a strong password.
- Do not use the same password for multiple websites used to conduct online transactions.
- Be sure your home computer is protected with a firewall and antivirus/antimalware software. A best practice is to configure the antivirus/antimalware software to automatically check for updates at least weekly.
- Be sure to install operating system patches when they are made available.
- Avoid using public Wi-Fi and public computers (e.g., those found in libraries and hotel lobbies) to conduct online transactions.
- When offered, use multifactor authentication for account logins or out-of-band authentication to confirm login attempts and/or transactions. Multifactor authentication involves using more than one authentication method, such as user password (something you know) and a one-time-password token (something you have), or biometrics (something you are). Out-of-band authentication typically involves the user receiving a passcode via text message which the user must enter to complete a login or a transaction.
- Be wary of what you’re sharing – Openly sharing information on social media can provide an identity thief with the necessary information to impersonate you, or answer certain challenge questions. Keep social media accounts private, and be cautious who you’re connecting with. Never share anything related to your credit union account, transactional history, or identifying information in unprotected public forums.
- Your Social Security Number should be closely guarded -Your Social Security number doesn’t change, which makes it the ultimate prize for an identity thief. If your credit union uses your whole or part of your SSN to identify you, ask them to use something else like an account password or recent transaction. You may have to share your SSN if you’re opening a new account, or applying for a loan or credit card, but you should only share that information when you’re certain it will not be overheard, or used without your consent.
Protect your children and/or minors
Most minors under the age 18 may not have a credit report available for review. However, children are regular targets of identity theft, and parents should take care to protect their children’s financial future.
Look for warning signs-
- Collection notices or calls products or services in your child’s name
- Notice declaring your child owes back income tax, or that their identifying information was used on multiple tax returns
- Offers for pre-approved credit in your child’s name
- Marketing offers arriving in your child’s name (could mean an account was opened at a financial institution)
- Be careful about sharing your child’s private identifying information especially Social Security numbers. If asked to share that information ask how it will be used.
Checking your child’s credit
- Contact each of the 3 nationwide credit reporting bureaus and request a credit report in your child’s name. Each has their own process, and it will take time, but it will be worth it.
- If there is a credit report in your child’s name, request a fraud alert, and consider a credit freeze
- Contact your local police department or Attorney General’s Office to file to report the identity theft and request a copy of any report generated
- (Identity theft affidavit?) Contact any financial institution and business listed on your child’s credit report and explain the account was opened because of theft and request it be closed. You may need to produce documentation from the credit bureaus and law enforcement
- Keep a detailed list of any phone calls made documents received as you may need to produce them later