Brace yourself for some cold, hard, facts.
Cybercriminals will steal an estimated 33 billion records by 2023, according to Juniper Research, a firm that forecasts digital tech trends. Half of all data breaches globally will occur in the U.S. alone, Juniper says.
Joshua Lamont, 44, founder of JRL Strategies, a communications consultancy in Menlo Park, California, knows the crushing impact of cybertheft firsthand.
“In 2015, my Dad and I were traveling for Thanksgiving,” Lamont says. “That day, we woke up to find more than $25,000 in fraudulent charges on my credit cards, and cash had been stolen from my bank account.”
Lamont’s mom had recently passed away, and the bank surmises that someone got hold of her Social Security number ,and later his. Lamont thinks it’s because he was added to a joint account his father had once shared with his mother.
Over four weeks, thieves spent $13,000 from his personal and business accounts combined, $7,400 on his business credit card, and $5,800 out of the joint account shared with his father. Says Lamont: “They spent the money on an adult website with models who were tipped or given tokens paid for with my identity.”
“With data breaches occurring so frequently, much of your personal information has become available for sale on the Dark Web to identity thieves,” says Steven J. J. Weisman, a lawyer in Amherst, Massachusetts. “Being aware of this, the best place to find help is at the end of your own arm.”
Here are seven ways to protect your digital assets online.
Use strong, unique passwords
A common mistake that digital users make is using the same password for each account.
“Once a hacker figures out your easy password, then they can access all of your accounts,” says Mark Moss, a market analyst in California, who uses LastPass, a free web browser plug-in that creates and manages his passwords.
Moss, who is based in Orange County, California, advises creating passwords with at least eight characters, uppercase and lowercase letters, numbers, symbols, and special characters.
Enable two-factor authentication (2FA)
The username and password are easy bait for cybercriminals.
“Add another layer of security to an online investment portal by enabling 2FA in your account’s privacy or security settings,” says Frances Dewing, CEO of Rubica Inc., a cybersecurity solutions firm in Seattle. “A code is sent via a text or app to your smartphone, and anyone trying to gain access will need both your password and this code, which changes each time you log in .”
Freeze your credit
A security freeze prevents lenders from accessing your credit reports. “A fraudster trying to open an account in your name should be promptly rejected because the lender will be unable to verify the borrower’s creditworthiness,” explains Taylor Jessee, a CPA and CFP in Richmond, Virginia. “This is a highly effective precaution, and it’s free and easy to do.”
To place a security credit freeze on your files, contact Equifax, TransUnion, and Experian directly. If applying for new credit, the bureaus are legally required to “unfreeze” your credit, Jessee says.
Use biometrics to secure accounts
“Biometrics utilizes your unique physical or behavioral characteristics to grant access to your most secured files,” says Daniel R. Hill, President of D.R. Hill & Associates, an investment advisory in Richmond, Virginia. “I suggest clients use it for bank accounts, retirement portfolios, and credit cards to employ fingerprinting, vocal vibration, or retina scan to receive access to digital files.”
Understand your risk
Shortly after his 67th birthday, James Shambo of Colorado Springs, Colorado, received a letter congratulating him on initiating his Social Security benefits. Though he was a retired CPA, he opted to wait until age 70 to receive benefits. “Further digging uncovered that a thief had received $19,235 of my benefits,” says Shambo, now 68. “I was dumbfounded.”
Anyone age 62 to 70 who has yet to apply for benefits is at risk, particularly if your personal information was exposed in the July 2017 Equifax breach, advises Shambo.
Before the breach, he had frozen his credit files. However, the thief had Shambo’s benefits direct deposited into an account opened with a bank that does not perform credit checks before issuing prepaid Visa debit cards. Shambo contacted Social Security, and it froze further payments. He also filed a police report with a case number and had electronic access to his account blocked. Now, he will have to battle with Social Security, the IRS, and later Medicare to sort things out.
To protect themselves from identity theft, people should to check out the American Institute of CPA’s 360 Degrees of Financial Literacy site, says Jon Lynch, manager of public relations for the institute.
Seek out fraud protection
Ask each entity you have accounts with about extra security.
“Consumers can password-protect bank accounts so that an individual can’t go into a branch and conduct transactions without it,” says Eva Velasquez, President and CEO of Identity Theft Resource Center, a nonprofit that helps identity theft victims resolve cases for free. “The friction you experience when proactively protecting your accounts is significantly less than when you have to remediate an identity theft issue.”
Act to minimize losses
Lamont, the cybertheft victim from California, snapped into action once thieves gained access to his accounts.
“I switched banks and opened new accounts with extra measures, so I receive alerts for nearly every transaction,” he says. “I also worked with the Department of Veterans Affairs to get an independent fiduciary appointed to handle my Dad’s VA disability benefits.”
Next, he eliminated all credit cards. Now, he constantly changes passwords, uses two-party authenticators, and keeps two months’ rent, cash, and prepaid Visa cards on hand.
“We’ve recovered, but we’ve never been the same,” he says.