security — October 30, 2012

Don't Go On That Phishing Trip - You Might Get Hooked! Part 2

by Bob Williams

Part 2 - What To Do When You're Not You

identity protectionLast time, we hopefully alerted you to the dangers of identity theft. If we did our job, even your mailman is looking a tad suspicious to you right about now. OK, so maybe we don't have to go that far, but it is good to be cautious.

But what's all the ruckus about, anyway?

The operative word in the phrase "identity theft" is theft. The crooks who get hold of your Social Security Number or bank account number and password can do things like file a tax return (pretending to be you) and get your refund. If that happens, and you file later, you'll get a rejection from the IRS, saying your SSN has already been used on a return. These same cybercreeps can run up charges on your credit card accounts, tap into your bank accounts, and wreak havoc on your credit history.

The financial industry as a whole was sort of slow to come up with procedures to recover from identity theft, mainly because the offense was so hard to track down in the first place. But we can help with some general pointers on what to do if there's monkey business going on in your finances.

One place to start is online. The Federal Trade Commission has a couple of great publications dealing with identity theft. You can download them here or go to www.ftc.gov.

In general, be suspicious when confronted with the warning signs of identity theft: bills or statements for items you didn't order; late statements from your accounts; unknown transactions showing up on credit card statements; mistakes on the Explanation of Benefits from your health insurance plan; collection statements on your credit report; or a notice from the IRS that your Social Security Number has been used on a return -- and you haven't filed yet.

The Tax Man helpeth

If you suspect identity theft on a tax return, contact the IRS immediately. If you got a notice from the IRS, use the phone number on the letter, otherwise call 800-908-4490. You should also fill out the IRS Identity Theft Affidavit, Form 14039.

Once it's been confirmed that your identity has been compromised, start your defense by contacting one of the three major credit reports: Equifax (800-525-6285 or www.equifax.com); Experian (888-397-7289 or www.experian.com); or TransUnion (800-680-7289 or www.transunion.com). This can help mitigate any further damage to your credit score -- and your reputation.

A Phishing expedition...

Sometimes, instead of stealing your information outright, cybercrooks will attempt to fool you into giving it to them outright. It's done through fake emails, texts or even telephone calls that mimic legitimate communication from your bank or some other account. This is called phishing, but the only fish these hoaxes plan to hook is YOU. It's just another item in the identity theft toolbox.

The best tactic against identity theft, of course, is not to fall victim in the first place. The Internet Crime Complaint Center (also known as IC3), a joint venture of the FBI and the White Collar Crime Center, has some very helpful hints to help avoid identity theft:

  • Ensure that websites are secure before submittingyour credit card number (secure sites will show the image of a lock, or a green bar in the address window of your browser).
  • Do your homework to determine that the business or website is legitimate.
  • Attempt to find a physical address for the business, rather than a P.O. box or maildrop.
  • Never throw away credit card or bank statements in usable form. Shred when possible.
  • Be aware of missed bills, which could indicate that your account has been taken over.
  • Be wary of scams requiring you to provide personal information.
  • Never give your credit card number over the phone unless you make the call.
  • Monitor your credit statements monthly for any fraudulent activity.
  • Report unauthorized transactions to your bank or credit card company as soon as possible.
  • Review a copy of your credit report at least once a year.
  • Don't carry your Social Security card or any document with your SSN on it.
  • Use firewalls and anti-spam/anti-virus software on your personal computer and keep up to date with security patches. Changeyour Internet passwords from time to time.

We'll be honest: The sophistication of some of the identity theft attacks is considerable. But we can all add another layer of defense by following the tips from IC3 and the IRS. Oh, and one last hint. Remember that the IRS NEVER contacts taxpayers by email to request personal or financial information. That includes text messages and social media channels.

Stay safe, my friends.

Sign up for more of this.

Subscribe to our blog for year–round finance strategies and tax tips. We’re here to remove the dread from filing taxes.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Please complete the reCaptcha.

It’s not too good to be true. See what others are saying.