Today, we discuss:
– The widespread occurrences of personal information security breaches.
– Steps to help protect yourself and your family from scams and fraud.
It’s not our intent to worry you.
Still, it’s important to approach your online activities with a healthy dose of caution and skepticism, given the prevalence of personal data breaches.
A key threat is the combination of breaches, resulting in hackers piecing together personal data from multiple breaches, ultimately providing bad guys a fuller picture of an individual’s personal information.
ONE EXAMPLE: National Public Data (NPD) Breach
Earlier this year, NPD experienced a data breach that exposed the personal information of millions of people. NPD is a data broker company that performs employee background checks. Their primary service is collecting information from public data sources, including criminal records, addresses, and employment history, and offering that information for sale. (Source: Wikipedia)
According to cybercrime analytics company SpyCloud, there were nearly 2.7 billion leaked records during NPD’s breach, including 272 million U.S. social security numbers.
The exposed sensitive personal details included:
- Full Names
- Dates of Birth
- 420M Distinct Addresses
- 272M Distinct U.S. Social Security Numbers
- 161M+ Distinct Phone Numbers
12 Steps to Help Protect Yourself From Data Breaches
The widespread occurrence of data breaches underscores the need for online (and offline) vigilance.
Help protect your identity and personal information. Take the following 12 actions:
#1—Monitor your financial accounts regularly.
Check your bank and credit card statements for unusual activity.
#2—Use strong and unique passwords.
Avoid using the same password for multiple accounts.
#3—Enable third-party authentication.
Third-party authentication is a broad term encompassing any additional form of verification beyond your primary username and password.
For Example:
We recommend using two-factor authentication for all of your personal and financial accounts. This helps add a second layer of security to your online accounts by requiring a one-time verification code typically sent via text or email.*
You can also use a mobile app, such as Google Authenticator, which generates a unique code that’s refreshed every 30 seconds for each site or service you register with the app.
For clarity, primary authentication is typically your password and username. Secondary authentication (aka two-factor) can be a code sent to your phone, a biometric scan (fingerprint, facial or voice recognition) or a security token.
*Email accounts have been compromised during some data breaches. This can potentially expose your two-factor authentication codes if you’re using email as a verification method.
#4—Be cautious of phishing scams.
Scammers often pose as trusted individuals or organizations to trick you into revealing personal information. Never click on links or open attachments in unsolicited emails or texts.
In general, don’t click on links sent via email or text.
Instead, go directly to the website the communication is “claiming” to be from. There are exceptions. For example, you’re expecting an email or text with information you requested.
Keep in mind, scammers are experts at social engineering.
For example, they’re counting on you being distracted and, therefore, increasing the likelihood of you mistakenly clicking on a link leading to a malicious website (downloads malware that takes control of your computer).
#5—Order your (free) annual credit reports to monitor your credit.
For detailed directions, visit the Federal Trade Commission’s Free Credit Reports how-to page.
#6—Leverage a credit monitoring service and consider freezing your credit.
Here’s a detailed article explaining how to freeze your credit with all 3 bureaus, including how to unfreeze your credit.
#7—Keep antivirus and antimalware software updated.
Updated software has access to the latest threat definitions, allowing it to identify and neutralize new malware strains that scammers might use. These programs also help prevent ransomware attacks by blocking the malware that encrypts files and demands a ransom.
#8—Think twice before interacting with unsolicited requests through email, text or calls.
Scammers often try tricking you into sending or receiving money. Always verify the identity of unexpected contacts.
Be skeptical. If it’s too good to be true, it likely is.
Also, large companies rarely contact you unexpectedly to inform you of a problem. Be wary of unsolicited calls, especially those claiming to be from tech companies or delivery services offering to fix issues or redeliver packages for a fee.
What’s more, scammers often spoof caller ID to appear legitimate.
#9—Recognize undue pressure.
If you feel pressured during a financial transaction, it’s likely a scam. Scammers use urgency to trick you. Generally, most financial transactions don’t require immediate action.
#10—Watch out for scams on the rise!
According to the Federal Trade Commission, several scams are on the rise, including solar energy scams, artificial intelligence (AI) scams, missing jury duty scams and more.
#11—Talk to family members about their security.
Scammers often target aging parents, making them especially vulnerable. Talk to your parents about the latest scams and encourage them to be alert of any unusual activity or requests.
Remember, government agencies will never call you and ask for money. Nor will they threaten you over the phone or through email with an arrest, legal action or loss of benefits. If this happens, hang up. Then call the agency’s official number located on their website to confirm if they contacted you.
#12—Establish a family safe word.
Given artificial intelligence (AI) and deepfakes, a family safe word can serve as a simple way to verify the identity of a caller, especially when dealing with unexpected or urgent situations.
AI models can be trained on a relatively small amount of audio data to accurately mimic a person’s voice. (Avoid saying the word “yes” with an unexpected caller, since it can be recorded and used against you.)
In general, if a loved one calls you asking for something out of the ordinary, prompt them for your family safe word.
Choose a safe word that’s memorable, unique and not easily guessed. Keep it short and simple and be sure to practice it regularly. Consider having a backup safe word in case you feel the primary one is compromised.
If something feels “off” then it’s likely a scam.
Security: Your Personal Financial Accounts
Finally, to enhance your security, we may ask you to update or provide additional security questions (aka challenge questions) during an upcoming meeting. It’s a practice known as knowledge-based authentication. These questions are another layer to help verify your identity and ensure the safety of your accounts.
–David Bunker, Financial Advisor & Licensed Fiduciary
Related: In addition to protecting your personal information, consider these essential financial planning questions to help strengthen your financial situation.
Before You Go
Get help optimizing your retirement income. Download our FREE “Prolonging Retirement Income” checklist.
Also, receive help retiring to the life you want, schedule a complimentary financial planning consultation.