Reducing Your Risk For Identity Theft & Data Breaches

Posted on October 16, 2018


Author: Mark A. Denlinger

Originally published in October 2018

Copyright © 2018 Knox McLaughlin Gornall & Sennett, P.C.

This article has not been updated for current law since the date of its posting on the website. This article is not intended to provide any legal advice. Please seek advice of your professional council.

Any U.S. federal and state tax advice contained in this communication is not intended or written by the Knox Law Firm to be used, and cannot be used by you, for the purpose of: (i) avoiding penalties under the Internal Revenue Code that may be imposed upon you, or (ii) promoting, marketing, or recommending to another party any transaction or matter addressed herein.

Tips to Reduce Your Risk and Prevent Identity Theft

  1. Monitor your credit reports
  2. Place strong passwords on your credit card, bank and phone accounts
  3. Secure personal information in your home
  4. Ask about information security procedures in your workplace
  5. Update virus protection software regularly and use a firewall
  6. Before you dispose of computers, smartphones, tablets, etc., make sure to “Wipe” the drives
  7. Look for website privacy policies before providing personal information
  8. Shred unnecessary financial documents – e.g., invoices, pre-approved credit offers, financial statements, unused checks or credit cards, anything with your SSN, etc.
  9. Close unused or unneeded credit cards or line of credit accounts, and consolidate accounts as much as possible to make monitoring easier
  10. Ensure mail is picked up or stopped when you are away
  11. Question suspicious email, online or phone inquiries

Additional Methods and Considerations to Protect Your Daily Privacy

  • Stop WiFi Imposters: Hackers can establish rogue WiFi networks with legitimate names and trick users/devices to join. Periodically delete the networks you join automatically
  • Lock your tablet, smartphone and laptop screens: These devices are easily lost or misplaced, and an unlocked device is an easy gateway for thieves.
  • Turn on Automatic Updates: Keeping software up-to-date is a critical step to boost security. Hackers exploit vulnerabilities and old software gives them greater access and avenues to succeed.
  • Use Two-Factor or Multi-Factor Authentication: Activate a PIN and security questions with accounts, including alternative email addresses to receive inquiries/notices.
  • Lock down your Web-connected Devices: Change the default settings on Internet-enabled devices and create unique username and passwords – e.g., your Smart TV is watching you so turn off certain “smart” settings associated with Automatic Content Recognition (ACR) which transmits data and analytics to companies for marketing purposes, etc.
  • If going out of town, prepare your laptop for traveling: Avoid public WiFi and restrict file sharing settings on your laptop when away from your home network. Cloak your laptop and turn off Network Discovery settings to make it more difficult for other devices to find your laptop.
  • Use encryption software where possible: New iOS and many Android smartphones are encrypted by default, but if you have an older mobile phone, you may need to set the encryption manually. Many USB flash drives have built-in encryption.
  • Update router firmware and shut it down when out of town: All your data goes through your router, so lock it up tight. You may want to upgrade your router as well – not only will speed likely increase, but so will security and protection.

Key Takeaway Tips for Identity Theft Protection

  1. Protect your Social Security number: Do not carry your Social Security card in your wallet or purse. If your health plan (other than Medicare) or another card uses your SSN, then ask them for a different number.
  2. Fight “phishing” and do not take the bait: Scammers “phish” for victims by pretending to be banks, stores or government agencies. Do not respond to any request to verify your account number or password, and never give out your personal information – unless you made the contact. Do not believe the number displayed in your phone’s Caller ID as this can be easily faked (often called “vishing”).
  3. Polish your password practices: Get tough and organized in your passwords, and use different passwords for all your accounts. Use at least 8 characters, including a mix of letters, numbers and symbols (see below), and avoid using items that are easily discoverable from public records, etc.
  4. Be mysterious on social network: What you share on social networks is easy for hackers and thieves to use for scams, phishing, etc., so do not over share.
  5. Shield your computer and smartphone: Protect your personal information on your computers and smartphones – use strong passwords, firewalls, virus protection and spyware protection – and update and upgrade the protections regularly.
  6. Click with caution: When shopping online, check out the website before entering your credit card number or other personal information. Only enter personal information on secure Web pages with “https” in the address bar and a padlock symbol at the bottom of the browser window.
  7. Check your bills and bank statements: Open your credit card bills and bank statements right away, and check carefully for any unauthorized charges or withdrawals. Call the credit card company if the bills do not arrive on time (as it may mean someone has changed the contact information to hide fraudulent charges).
  8. Stop pre-approved credit offers: To the extent possible, stop pre-approved credit offers as they are tempting targets for thieves who steal your mail. Have your name removed from credit bureau marketing lists- call toll-free 1-888-5OPTOUT (888-567-8688), or opt out online at www.optoutprescreen.com.
  9. Ask questions and remain vigilant: Do not be afraid to ask questions when a business or agency asks for your personal information – ask how it will be used, how it will be shared, and how it will be protected?
  10. Check your credit reports – for free: Monitor your credit history by reviewing your credit reports – you are entitled to one free credit report every year from each of the 3 national credit bureaus (Equifax, Experian and TransUnion). Spread out and stagger the requests from each bureau every 4 months. Also, if in the last 60 days you have been denied credit, housing or employment due to your credit rating or adverse action has been taken against your credit record, then you may be entitled to a free credit report from the reporting bureau used to make the decision, etc. (under the Fair Credit Reporting Act).
  11. Know what data and information you have (and where): Try not to store financial information or sensitive personal information on laptops or mobile devices, which can be easily lost or stolen. Be careful with flash drives and thumb drives, which can be easily lost or can become infected with dangerous files. Track where your information is stored on home computers, laptops and similar devices, as well as hard copies of paper files (i.e., tax returns, PINs for credit/debit cards, etc.).
  12. Delete or secure (and/or back-up) information regularly, and transfer and store information securely.

Key Steps to Take if Your Identity is Stolen or Compromised

  1. Lockdown or close/stop the problem account
  2. Scan credit card and bank statements for other unauthorized charges
  3. Immediately obtain and review your credit reports for mystery accounts
  4. File a report with the Federal Trade Commission
  5. Contact your local police department
  6. Sign up for a credit monitoring service
  7. Place a fraud alert on your credit reports and consider a credit freeze
  8. Open or obtain new credit cards and/or financial accounts
  9. Adjust your account settings and passwords/PINs
  10. Create an Identity Theft Report: An Identity Theft Report gives you rights that help you recover more quickly. File a complaint with the Federal Trade Commission (FTC) - www.ftc.gov/complaint or 1-877-438-4338. This will become your FTC Affidavit.
  11. Also, file a police report. These together will become your Identity Theft Report. Use this report with credit bureaus, credit card/bank accounts, etc, to help streamline the process of closing accounts and seeking recovery. For a business with cyber-insurance, an Identity Theft Report will assist in claims and recoveries, but does not alleviate any breach reporting obligations.

Author: Mark A. Denlinger

Originally published in October 2018

Copyright © 2018 Knox McLaughlin Gornall & Sennett, P.C.