Security Corner As the world has become increasingly more dependent on online technology and communication, people have become more susceptible to identity theft. It is helpful to understand the different ways in which your identity and personal information can be stolen online, as well as the steps our clients can take to prevent identity theft and the resulting financial stress. On the following page, we cover: Tips for Protecting Your Identity The Basics of Internet Security Internet Fraud Tax Filing Fraud Password Protection Tips for Protecting Your Identity First Step. A fraud alert or a credit freeze is an important first step towards recovering from or preventing identity theft. Call our office for help setting up a credit freeze. Prompt Reporting Can Help. Financial institutions generally carry the risk of loss due to fraud, as long as you report fraudulent activity promptly. If you do not report fraudulent bank account activity within 60 day, the entire loss may fall on you. Nip It in the Bud. Check your bank and credit card statements frequently for unauthorized use to nip identity theft in the bud. Check Your Credit Report. Regularly checking your credit report at annualcreditreport.com, will help you detect and prevent identity theft. Identity theft can devastate your credit score. Helpful Website. The Federal Trade Commission website can help you create a detailed identity theft report. Local law enforcement can use this for their investigation, and you can provide it to the credit reporting agencies if you have trouble clearing up your credit report. The Basics of Internet Security Anti-virus protection is a must to protect your computer against viruses, spyware, adware, and spam, and to protect yourself against identity theft. Never provide personal information via email. If you must send personal information, make sure you send it encrypted. Use secure passwords. For more detailed tips on creating safe passwords, see the section below on Password Protection. Make sure when entering personal information (including credit card numbers and identity details) on a website that the website has an updated and valid security certificate. One way to verify a website’s security is to make sure the web address begins with “https.” Norton has a “website checker” on its website. If you are ever unsure if a website is secure, you can see what Norton has to say about it here. Beware of scams sent through email. When in doubt, you can always open a new browser window to research a potential scam – never click on links in a suspicious email. Some computer viruses target children: a child might download a virus disguised as a video game. It’s a good idea to monitor children’s time spent online, and to look into Parental Control options. Internet Fraud The Internet has made life easier in many ways, but unfortunately it has also made it easier for lawbreakers to commit fraud and identity theft. In general, it’s a good idea to remain cautious of unfamiliar websites and email addresses, and to never provide your personal information unless you know you can trust the website. Common types of Internet Fraud Phishing is a scam in which you receive a fraudulent email designed to steal your identity or personal information, such as credit card numbers, bank account numbers, debit card PINs, and passwords. A phishing email often asks you to click a link to verify this type of information, which can contain a computer virus. More information and examples of phishing scams can be found here. Legitimate companies, including Financial Plans & Strategies, will never ask for your password or account number via email. The email may even threaten to disable your account if you don't reply, but don't believe it. If you receive a phishing email, don’t click on any link in the email and do not reply to the email itself. 419 fraud or Nigerian email scam usually involves asking the victim to send a small up-front payment in exchange for a share of a large amount of money. The scam can also prey on the charitable-minded, by asking for money to help escape an unfortunate situation. If the victim makes the payment, the scammer either invents a series of further reasons for the victim to send money, or simply disappears. Financial/purchase-related fraud Internet auction fraud: This scheme involves the misrepresentation of a product advertised for sale on an Internet auction site or non-delivery of merchandise. Credit card fraud: Through the unauthorized use of a credit/debit card, or card number, scammers fraudulently obtain money or property. Investment fraud: This is an offer using false claims to solicit investments or loans, or providing for the purchase, use, or trade of forged or counterfeit securities. How to Avoid Becoming a Victim of Internet Fraud Know and trust the email sender or website. If the sender or website is unfamiliar, conduct research to find out whether it is legitimate. Beware of imposter emails: a scam artist can send you an email pretending to be a legitimate business or organization. For example, one email scam appeared to have been sent from the U.S. Post Office, but actually contained a link to a virus that would steal the victim’s personal information. Be cautious of unsolicited emails because they are often fraudulent. The safest approach when you receive an email from a questionable sender is to delete it. Don’t believe promises of easy money. Guard your personal information. Don’t provide your credit card or bank account number unless you are actually paying for something on a trusted website. Your social security number should not be necessary unless you are applying for credit. Be especially suspicious if someone claiming to be from a company with whom you have an account asks for information that the business already has. [Note: if you ever receive a call from the Financial Plans & Strategies office asking for your personal information, and you feel uncomfortable giving that information, take down the caller’s name and number. Then, call the office and ask for the person by name.] Credit cards are the safest way to pay for online purchases because you can dispute the charges if you never get the goods or services or the offer was misrepresented. Beware of “dangerous downloads.” Only download files from emails and websites you know and trust. For more information: https://www.usa.gov/online-safety Tax Filing Fraud Criminals are using information to file fraudulent tax returns using the social security numbers of others. Whether you owe money or not they will alter the return so that they receive a refund. There are ways to help prevent this: File Early – The criminals will file as soon as they possibly can so that they can get the return before you do. If you have been a victim of or are a potential victim of identity theft and would like the IRS to mark your account to identify questionable activity you can complete and submit the IRS Affidavit Form 14039. By filing this form with the IRS, your tax return will not be processed as quickly because your return will be marked and reviewed for anything suspicious. Even though you may have this affidavit on file, it is still highly recommended that you file early. If you find that you owe monies and do not want to pay early in the year, you can still file early and you have until April 15th to pay what you owe. For more information: http://www.irs.gov/uac/Taxpayer-Guide-to-Identity-Theft Password Protection One of the simplest and most assured ways of protecting your identity online is by using secure passwords for all of your accounts. Avoid simple or obvious password choices, such as: A single word Personal information (your name, birthday, Social Security number, or the names of pets or loved ones) Common sequences of numbers or letters (123456789 or abcdefghijk) There are several ways to add strength to your password’s security, which depend on the website’s requirements for passwords: Use special characters, such as $, #, @, !, and &. Use a mixture of upper case and lower case letters, as well as numbers. The longer the password, the better. Many websites are requiring longer passwords, and in fact, they might ask you to create a passphrase rather than a password Create different passwords for different accounts and applications. It’s also a good idea to change your passwords quarterly. One of the challenges of having a unique password for each online account is remembering what they are. It’s okay to write your passwords down, as long as you then keep the list in a securely locked place, not on a Post-It stuck to the monitor, under the keyboard, or inside the top drawer. Consider using a secure password manager. Many web browsers (including Firefox and Chrome) have a password manager already built in. If you think you have a password that is not strong, change it! If you aren’t sure, you can test out your password’s strength. Click here to test your passwords.