Cyber Security Awareness Month is now over, and I haven't finished covering the ID Fraud topic I started at the beginning of Oct. I did get distracted on some other issues. Besides, we can't confine our celebrating to only one month!
I covered the basics of ID Fraud in these posts. But if you have been a victim, and particularly if you recently discovered you are victim, you need to take action... and time matters.
Here are the four key things you need to do, right now, if you have recently been the victim of ID Fraud in the US:
- Contact one of the three major Credit Bureaus (we'll leave a discussion of the "4th credit bureau" for another time).
- Close the suspect accounts.
- File a police report.
- File a report with the FTC by phone and in writing.
One additional thing you must do throughout this process is to keep a record of everything you do. This includes: noting date/time of phone calls; copies of letters; printout any web forms, and; keep a chronological log of your overall progress.
The FTC website has the specifics here.
Contact one of the Credit Bureaus and put a fraud alert on your account.
This is the first thing to do. You can put what is called an initial fraud alert on your credit record. This initial alert will last 90 days. It should not cost anything to place this alert. The bureau you call should contact the other two credit bureaus, but it doesn't hurt to verify this with them.
The fraud alert basically requires extra effort to authenticate any requests for new credit. This typically means that the credit issuer needs to contact you before issuing credit. This should make it tougher for a fraudster to open credit in your name. That's good! The downside is that it also might make it more difficult for you to open new credit.
After the initial 90 day period, you can renew the alert each 90 days. This may cost a nominal fee depending upon what state you live in (US).
(we'll talk about other measures like credit monitoring services in a future post)
Close the affected accounts.
Contact the credit issuer and close any accounts you know were affected. If your purse or wallet was stolen, then close all the accounts for the cards you were carrying.
If you're not sure if a particular account was affected, you're probably best off closing it as well.
File a police report.
Contact your local police and file a report. Except in rare cases where there was additional theft (for example, if your identifying documents and credit cards were stolen as part of a home break-in), the police will not actually take any action. You're not contacting the police so they will investigate the problem. You are establishing documentation and proof of the event. In the future, you may need to prove that you took action and when you took action. The police report accomplishes this. Get a copy of that report.
File a complaint with the FTC (US Federal Trade Commission).
Again, this is part of establishing your documentation trail. The FTC has a great website for information that I'll link below. The specific instructions for filing the FTC complaint is here. Note that they suggest filing with the FTC before filing the police report. That is not critical, and you need to do both. You can complete the FTC form online so that might be easier and it's available 24x7.
Those are the first steps to take. But there are more. Here are a few more steps to take:
Who else to notify?
You may want to notify your other banks and creditors both to find out if there has been any unusual activity (banks and card issuers are usually pretty good at finding anomalous activity before you do) and so they can flag your accounts. Consider notifying anyone who bills you monthly for services including utilities and insurance providers.
If you think your US social security number has been compromised, you should contact the Social Security Administration.
You can notify your state driver and vehicle services department in case someone tries to get a driver's license in your name.
Online defense.
If this problem started online, perhaps through an information breach, you should change your passwords and consider using multi-factor authentication as I've covered in the past.
There are more complete details on these steps on the FTC website here.
Even under the best of circumstances, the process of reporting, documenting and repairing ID Fraud is a major pain. In our next installment I'll talk about things you can do to help prevent you from becoming a victim, or in those circumstances where this is out of your control, how to increase the odds of early detection and minimize the impact.
Have you had experience with any of the steps I list above? Do you have any advice on additional steps to take?
No comments:
Post a Comment