Our featured monthly article, Guarding Against Identity Theft, is a departure from the typical financial articles presented in this newsletter, however due to increased usage of accessing financial information online over the past decade or so, these two areas have become inextricable intertwined. As evidenced by my company’s recent mandatory audit, which included a four page questionnaire on cyber and computer security protocol alone. It is required that the best tools be in place to protect client’s personal and financial data. The review ranged from password protocol, to two-factor authentication, to hardware encryption, email encryption and VPN (Virtual Private Network) usage. I can affirm that the most up to date protocols are in place. Information security is vital to the viability of my business. So much information is being shared, uploaded, and transacted online that continuous diligence is being applied to safeguard your personal data.
Ironically, like mentioned in the the section of the article Don’t Talk to Strangers, as I was writing this column, my cell phone rang with the caller ID “Scam Likely”. Sure enough it was an automated voice from the “IRS” stating there is a pressing matter and if I do not call them back within 24 hours I would be apprehended. The IRS doesn’t call people looking for them. They already know where we all are, which is why they mail letters. They also do not email anyone. So, if you receive a call like this, do not call the number they state in the automated message. Hang up and attempt a caller block on your phone for that number. If you receive an email from them with an attachment, don’t open it and delete it immediately.
Also, the article and I mention the term VPN or Virtual Private Network. This type of service helps hide and encrypt your online activity. It can mask your ISP (Internet Service Provider) address making it look like you are somewhere else while encrypting the information that is traveling through the connection. I found a user friendly VPN called Private Internet Access that I use on all of my computers and devices. It is rather inexpensive and doesn’t interrupt browsing activity. The link to the service is https://www.privateinternetaccess.com and their introduction video is posted below.
Additionally, I wanted to share a personal story of identity theft. I periodically login to my personal credit card through the bank’s app installed on my phone to make sure that only legitimate charges appear. When the information appeared, my eye brows arched up, I mean way up! Someone must have spoofed my credit card either through an RFID capture or with some other technique because I was in possession of the physical card. There were thousands of dollars of charges on my credit card that were fraudulent. Bus tickets, pizza delivery in Washington DC, grocery deliveries to a home in California and VENMO payments (a personal payment app). I immediately called the credit card company to flag the transactions as fraudulent. After a few curious questions from the fraud department, specifically asking about the grocery and GrubHub deliveries to my home in California (we live in Philadelphia), they locked the card and began the refund process. It was a bit of a nerve racking experience, however the bank was quick to resolve the charges and reissue a new card. If you find yourself in a similar predicament, click on this link in order to formulate a plan of action https://www.idtheftcenter.org/. I located this resource on the FBI’s identity theft page.
Take steps so criminals won’t take vital information from you.
America is enduring a data breach epidemic. The latest annual study of the problem from Javelin Strategy & Research, a leading financial analytics research firm, says that 16.7 million people across the nation were impacted by I.D. theft in 2017 – an all-time high.1
The problem is getting worse – much worse. Last year, 30% of U.S. consumers were alerted about data breaches by firms holding their personal information. In 2016, just 12% of consumers were so affected. 1
Social Security numbers were compromised in 35% of I.D. crimes last year; credit card numbers, in 30% of breaches. Account takeovers tripled in 2017. About 1 million smartphone and computer users had phony intermediary accounts established for them at Amazon, PayPal, and other commerce websites. 1
Tax time is prime time for identity thieves. They would love to get their hands on your 1040 form, and they would also love to claim a phony refund using your personal information. In 2016, the I.R.S. had spotted 1 million bogus returns; in 2017, the number dropped to 900,000. This spring, initial data suggested even fewer cases of fraud would be identified, but the numbers are still too large. 2
E-filing of tax returns is smart; just make sure you use a secure Internet connection. When you e-file, you aren’t putting your Social Security number, address, and income information through the mail. You aren’t leaving Form 1040 on your desk at home (or work) while you get up and get some coffee or go out for a walk. If somehow you just can’t bring yourself to e-file, then think about sending your returns via Certified Mail. Those rough drafts of your returns where you ran the numbers and checked your work? Shred them.
The I.R.S. doesn’t use unsolicited emails to request information from taxpayers. If you get an email claiming to be from the I.R.S. asking for your personal or financial information, report it to your email provider as spam. 3
Use secure Wi-Fi. Avoid “coffee housing” your personal information away – never risk disclosing financial information over a public Wi-Fi network. (Broadband is susceptible, too.) It takes little sophistication to do this – just a little freeware.
Sure, a public Wi-Fi network at an airport or coffee house is password-protected – but if the password is posted on a wall or readily disclosed, how protected is it? A favorite hacker trick is to sit idly at a coffee house, library, or airport and set up a Wi-Fi hotspot with a name similar to the legitimate one. Inevitably, people will fall for the ruse, log on, and get hacked.
Look for the “https” & the padlock icon when you visit a website. Not just http, https. When you see that added “s” at the start of the website address, you are looking at a website with active SSL encryption, and you want that. A padlock icon in the address bar confirms an active SSL connection. For really solid security when you browse, you could opt for a VPN (virtual private network) service which encrypts 100% of your browsing traffic. 4,5
Check your credit report. Remember, you are entitled to one free credit report per year from each of the big three agencies: Experian, TransUnion, and Equifax. Historically, asking these bureaus to freeze your credit file in case of suspicious activity has cost a fee. Beginning in fall 2018, you will be able to request a freeze from all three at no charge, thanks to a change in federal law. 6
Don’t talk to strangers (Electronically). Broadly speaking, that is very good advice in this era of identity theft. If you get a call or email from someone you don’t recognize – it could tell you that you’ve won a prize; it could claim to be someone from the county clerk’s office, a pension fund, or a public utility – be skeptical. Financially, you could be doing yourself a great favor.
This material was prepared by MarketingPro, Inc., and does not necessarily represent the views of the presenting party, nor their affiliates. All information is believed to be from reliable sources; however we make no representation as to its completeness or accuracy. Please note – investing involves risk, and past performance is no guarantee of future results. The publisher is not engaged in rendering legal, accounting or other professional services. If assistance is needed, the reader is advised to engage the services of a competent professional. This information should not be construed as investment, tax or legal advice and may not be relied on for the purpose of avoiding any Federal tax penalty. This is neither a solicitation nor recommendation to purchase or sell any investment or insurance product or service, and should not be relied upon as such. All indices are unmanaged and are not illustrative of any particular investment.
1 – cbsnews.com/news/identity-theft-hits-record-high/ [2/6/18]
2 – nextgov.com/cybersecurity/2018/04/irs-stopping-fewer-fraudulent-returns-and-s-good-thing/147305/ [4/9/18]
3 – forbes.com/sites/kellyphillipserb/2018/03/22/irs-warns-on-dirty-dozen-tax-scams/ [3/22/18]
4 – nytimes.com/2018/05/04/technology/personaltech/staying-safer-on-public-networks.html [5/4/18]
5 – cntraveler.com/story/how-to-keep-your-data-safe-while-traveling [6/7/18]
6 – nbcnews.com/business/consumer/credit-freezes-will-soon-be-free-everyone-n883146 [6/14/18]