The more we as individuals, health care providers, hotels, financial institutions, etc. are online, the more we are vulnerable to hacks. Equifax, one of the nation’s top credit rating services, is merely the latest hack so far this year affecting the largest number of people.
First things first, if you think you could be one of the +143M people who might have been marginalized by this hack, go to equifaxsecurity2017.com and follow the cues. Before you double click the URL to input your name and last 6 digits of your social security number, make sure that the URL in the address bar belongs to the company and not to some other entity.
Online hacking is one thing (Yahoo at +1B in 2016, numerous health care providers at +111M in 2015, JP Morgan at 83M in 2014…I could go on and on); phone and imposter scams are another. Let’s look at online hacking and scamming first.
The Identity Theft Resource Center (ITRC) tells us “…to be extra diligent about monitoring your account statements, looking for unauthorized charges, tracking and reporting any suspicious activity, and keeping a close eye on your credit reports. If you do experience any strange activity…report it immediately, no matter how minor it might seem at first.”
The ITRC also tells us, “There are already emails in circulation that suggest you check your credit report by using their handy link.” DON’T. And DON’T DELETE the email. Just leave it alone…deleting it may be enough for hackers to get into your system.
If you get an online ad to check your free credit, DON’T CLICK IT. If you want to get a free credit report, go to the Federal Trade Commission (FTC) website. You can get one free copy of you credit report per a 12-month period. You must pay to get additional reports during that 12-month period.
NEVER give out your personal/financial data when asked to do so in an email or in an alert to do so for “verification purposes.” Delete that email.
Looking at phone and imposter scams, Lisa Weintraub Schifferie, attorney with the FTC, suggests…
1. Do not under any circumstance give your personal or financial information to anyone on the phone unless you have initiated the phone call yourself.
2. Do not trust Caller ID. Scammers can spoof numbers all day long.
3. Hang up on robo-calls.
4. Do not press any keys to speak to an operator. This, like clicking/deleting an ad or email, may trigger more calls.
If you’ve already been hacked or scammed…
1. Change your passwords.
2. Change your account numbers if possible.
3. Change your security questions.
4. Monitor your accounts
The SEC reported this last Wednesday, two days ago, that it had been hacked. Luckily, they were able to rectify the situation almost immediately. BOTTOM LINE…if the SEC and Equifax can be hacked, anyone can. Pay attention to your accounts, report ANY suspicious activity immediately and NEVER give out your personal/financial information when asked by an email, person on the phone or robot to “verify your information.”