• Home
  • The Equifax Data Breach, What To Do Next

The Equifax Data Breach, What To Do Next

Jonathan Swanburg
By: Jonathan Swanburg
Share This Post

There is a lot of good information on the internet about ways to protect yourself from identity theft that go beyond signing up for the one year of free protection from TrustedID Premier or paying for a service such as IDShield or LifeLock. Below I’ve taken the Bankrate article, 5 Ways to Protect Your Identity After the Equifax Breach, and added commentary to make the suggestions more actionable.

1. Don’t hesitate: Freeze your credit

Equifax is now offering a free credit freeze that can block fraudsters from opening accounts in your name. Rival credit reporting agencies TransUnion and Experian have seen jumps in the numbers of people requesting credit freezes from them.
But obtaining a credit freeze and then unfreezing your credit reports when you apply for a new credit card or cellphone can be time-consuming.
Apart from Equifax’s free offer, you’ll usually have to pay around $10 to set up the process, and then pay again when you want to lift the freeze to take out a loan.
One trick is to ask, say, a credit card issuer’s sales representative which credit agency the company works with, and then unfreeze only that corresponding credit report.

Credit freeze is a great option if you don’t plan on opening a new line of credit anytime soon. However, adding a credit freeze or fraud alert to your account may have some unintended consequences. For example, it will make it impossible to create a Social Security account online since the SSA.gov website uses information from your credit report to verify your personal data. So if you haven’t done so already, create your Social Security account before setting up the credit freeze. If you already have the credit freeze or fraud alert setup and don’t want to remove it, you would have to visit your local Social Security office to setup your online account which can be a huge hassle.

2. Monitor accounts and your credit

The Equifax hack involved almost 300,000 credit card accounts, so hackers may be able to make purchases without your knowledge.
While you’re generally not liable for fraudulent credit card charges, identity thieves are becoming more sophisticated. And, if you don’t discover a bogus charge, you’ll pay.
One way to know know instantly whenever there’s been any unusual activity involving your credit card or checking account is to set up mobile transaction alerts.
You’ll also want to monitor your credit card and checking and savings accounts daily, and keep monthly tabs on your FICO credit score. Many credit cards offer your credit score, derived from one credit bureau or another, on each statement.
Order your credit reports from all three reporting bureaus and go through them for any mistakes.
You can get a free credit report and score from myBankrate.

Monitoring your account activity on a regular basis is the single most important thing you can do to spot fraudulent activity before it becomes a serious issue. To accomplish this goal, I recommend using a free account aggregation tool (such as our wealth management tool) to aggregate all of your financial accounts in one place. This would allow you to quickly see all the transactions, across all of your accounts, in real time, from a single sign in. This will prevent you from missing fraudulent activity in some of your less frequently used or monitored accounts. That may include bank accounts, PayPal accounts, store credit cards, and other blind spots you may not remember to check otherwise.

3. Add new layers of security

Safeguard your accounts by enrolling in two-factor authentication, which would require you to log on using both a password and a one-time code sent to your cellphone. That would make it more difficult for a criminal to gain access.
Many Americans fail to understand two-factor authentication. Only 10 percent could identify it correctly in a recent survey by the Pew Research Center.
You’ll also want to set up a PIN code with your wireless provider, so a customer service agent wouldn’t be tricked into allowing a hacker to commandeer your phone.
And, establish a system with financial advisers who have access to your investment accounts so it would take more than just a simple email from you to get them to wire money from your funds.
“Good identity protection hygiene should be as rote as brushing your teeth,” says Velasquez. “You just need to know that’s what you got to do.”

Two-factor authentication simply means that when you enter your password somewhere, you will also receive a text or a phone call with a unique, one-time use code that must be entered before you’re given access to the information. With two-factor authentication, even if someone steals the password to your account, he won’t be granted access to your information unless he also steals your phone.

I personally use LastPass for my password manager and authenticator.

As for the financial advisor part, Tri-Star Advisors requires that clients speak with their advisor over the phone before making any wire transfers.  In addition to several other steps we take to verify wire requests, this is an important one for preventing potentially fraudulent transfers.    

4. Be careful with your taxes

Identity thieves don’t stop with credit cards.
While the IRS has reported that the number of tax fraud victims fell to 377,000 in 2016 from almost 700,000 in 2015, fraudsters are still interested in pinching whatever refund you have coming to you.
File your return as early as possible, and change your withholding to lower a potential refund.
If you think you’re the victim of fraud, file the identity-theft affidavit, Form 14039, with the IRS.

This one is often overlooked. There isn’t much to add here other than it is important to request your refund as a direct deposit so criminals cannot have the money redirected to their address or steal it from your mailbox.

5. Watch your emails and snail mail

Hackers also may use stolen information to send you a phishing email – a note that looks legitimate but contains links to malware.
Fraudsters can use these emails to get you to click on encryption ransomware, which can block you out of your photos and sensitive files until you agree to pay a ransom to regain access. Backing up your data on a hard drive is key.
Get into the habit of reading email carefully before responding, paying special attention to the sender. A scammer might hide behind a name that looks familiar, but the spelling will be off by a letter or two.

Even if the sender looks official or like someone you know, hover over any links before clicking them. The web address will show up so you can determine whether the link is going where you think it should be. When in doubt, go directly to the source rather than clicking a potentially dangerous link. Finally, keep your web browser and anti-virus software up to date and be wary of popups. For more information on protecting yourself from fishing, I recommend the SEC’s publication - "Phishing" Fraud: How to Avoid Getting Fried by Phony Phishermen

Need a tool to monitor all of your financial accounts in one place?  Use the link below to sign up for free access to our wealth management portal: 

Start Today!