Recent high-profile government data breaches add to the long list of cyber attacks putting consumers' information at risk. Given the scale of such attacks, "you have to assume we're all going to be victims at some point," says Neal O'Farrell, security and identity theft expert at Credit Sesame, a consumer credit advice Web site. "The focus has to be on detecting it early and minimizing the damage."
Both the IRS and the U.S. Office of Personnel Management announced in recent weeks that they have been targeted by cyber crooks. The IRS said in late May that hackers had gained unauthorized access to information on roughly 100,000 taxpayers. And OPM said in early June that personal information of about 4 million current and former government employees may have been stolen. These attacks come on the heels of other large-scale data breaches in the private sector, such as at health insurer Anthem.
While consumers can't prevent data breaches, they can wrap some barbed wire around their personal information. Your first step: Change your passwords often, and make them complex. Services such as 1Password (www.agilebits.com) and Dashlane (www.dashlane.com) can help you generate strong passwords and change them quickly.
Sign up for Kiplinger’s Free E-Newsletters
Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.
Profit and prosper with the best of expert advice - straight to your e-mail.
If you don't want to use one of these password managers, O'Farrell suggests this trick: Think of a sentence about a memorable past event and pull out the first letter of each word, maintaining the upper and lower cases, and all the numbers. "I graduated from Springfield High School in May 1964," for example, would give you the password IgfSHSiM1964.
Next, ask your bank, credit card issuer and other organizations you deal with online whether they offer "multifactor authentication" -- a security system that requires multiple steps. After you enter your password, for example, a bank could send a text to your smartphone with a code that lets you access your account. That way, even if a cyber thief gets your password, he still will not be able to access your account because he won't have your phone. Besides big financial institutions, e-mail providers such as Google's Gmail and social media sites such as Facebook offer this security.
Keep a Close Eye on Your Accounts
Monitor your credit report and all accounts closely. Request a free credit report at www.annualcreditreport.com. Services such as BillGuard (www.billguard.com) and Mint (www.mint.com) can help you monitor transactions across all your accounts. "Don't ignore small transactions you don't remember," says Becky Frost, senior manager of consumer education at credit reporting company Experian. Often, she says, a thief will make a small transaction to be sure an account is open before going further. "If it's something you don't recognize, alert your bank immediately," she says.
Don't rely on your bank to flag suspicious activity. Generally, "bank systems are set up to detect out-of-pattern spending," such as an Iowa resident making transactions in France, says Adam Levin, chairman of IDT911, which helps businesses prevent data breaches. But thieves can pair stolen account information with zip codes, so "as long as purchases are in the realm of what you normally do, banks may not pick it up,"
he says. "Look at your accounts on a daily basis."
Be stingy with the information you share online, over the phone or in person. Doctor's offices, sports clubs and other organizations may ask for your Social Security number as a simple way of identifying you, but in many cases, they really don't need this information, Frost says. Ask if they can use another identifier.
Online, "it's completely fine to post pictures of your cat" on social media sites, Frost says. "But make sure 'Fluffy' isn't the security question that unlocks your account." When using e-mail, don't click on links or call phone numbers contained in messages purporting to be from your bank or credit card company. Look at the back of your debit or credit card to find the phone number you should call.
-
Is ESPN’s New Streaming Service Worth It?ESPN will release its standalone streaming service this fall for $29.99 per month for one year. Is it worth the cost? We'll break it down.
-
Why Shark Tank’s Barbara Corcoran Is Selling Her $12 Million NYC Dream HomeReal estate mogul Barbara Corcoran is trading her luxurious NYC penthouse for a more age-friendly space that will fit her future lifestyle — here’s what to consider when planning for the long term.
-
How to Guard Against Identity Theft in 2025Scammers are getting better at impersonating legitimate businesses.
-
Roth IRA Contribution Limits for 2025Roth IRAs Roth IRA contribution limits have gone up. Here's what you need to know.
-
Four Tips for Renting Out Your Home on Airbnbreal estate Here's what you should know before listing your home on Airbnb.
-
Five Ways to a Cheap Last-Minute VacationTravel It is possible to pull off a cheap last-minute vacation. Here are some tips to make it happen.
-
Social Media Scams Cost Consumers $2.7B, Study ShowsScams related to online shopping, investment schemes and romance top the FTC's social media list this year.
-
How to Figure Out How Much Life Insurance You Needinsurance Instead of relying on rules of thumb, you’re better off taking a systematic approach to figuring your life insurance needs.
-
Amazon Big Deal Days Is Coming! We’ve Got All the DetailsAmazon Prime To kick off the holiday season with a bang, Amazon Big Deal Days runs Tuesday, October 8 and Wednesday, October 9.
-
How to Shop for Life Insurance in 3 Easy Stepsinsurance Shopping for life insurance? You may be able to estimate how much you need online, but that's just the start of your search.
