How does that information get collected in the first place? We share personal information with companies for multiple reasons simply by going about our day—to pay for takeout at our favorite restaurant, to check into a hotel, or to collect rewards at the local coffee shop. Of course, we use our credit and debit cards too, sometimes as part of an online account that tracks our purchase history. 

In other words, we leave trails of data practically wherever we go these days, and that data is of high value to hackers. Thus, all those breaches we read about. 

Data breaches are a (sad) fact of life 

Whether it’s a major breach that exposes millions of records or one of many other smaller-scale breaches like the thousands that have struck healthcare providers, each one serves as a reminder that data breaches happen regularly and that we could find ourselves affected. Depending on the breach and the kind of information you’ve shared with the business or organization in question, information stolen in a breach could include: 

Usernames and passwords 
Email addresses 
Phone numbers and home addresses 
Contact information for friends and family members 
Birthdays and Driver’s license numbers 
Credit and debit card numbers or bank account details 
Purchase history and account activity 
Social security numbers 

What do crooks do with that data? Several things. Apart from using it themselves, they may sell that data to other criminals. Either way, this can lead to illicit use of credit and debit cards, draining of bank accounts, claiming tax refunds or medical expenses in the names of the victims, or, in extreme cases, assuming the identity of others altogether.  

Examples of data breaches over the recent years 

In all, data is a kind of currency in of itself because it has the potential to unlock several aspects of victim’s life, each with its own monetary value. It’s no wonder that big breaches like these have made the news over the years, with some of the notables including: 

Facebook – 2019: Two sets of data exposed the records of more than 530 million users, including phone numbers, account names, and Facebook IDs. 

Marriott International (Starwood) – 2018: Half a million guests had names, email and physical mailing addresses, phone numbers, passport numbers, Starwood Preferred Guest account information, dates of birth, and other information about their stays exposed. 

Equifax – 2017: Some 147 million records that included names, addresses, dates of birth, driver’s license numbers, and Social Security Numbers were exposed, along with a relatively small subset of 200,000 victims having their credit card information exposed as well. 

As mentioned, these are big breaches with big companies that we likely more than recognize. Yet smaller and mid-sized businesses are targets as well, with some 43% of data breaches involving companies of that size. Likewise, restaurants and retailers have seen their Point-of-Sale (POS) terminals compromised, right on down to neighborhood restaurants. 

Staying secure in light of data breaches 

When a company experiences a data breach, customers need to realize that this could impact their online safety. If your favorite coffee shop’s customer database gets leaked, there’s a chance that your personal or financial information was exposed. However, this doesn’t mean that your online safety is doomed. If you think you were affected by a breach, there are multiple steps you can take to help protect yourself from the potential side effects.  

1. Keep an eye on your bank and credit card accounts 

One of the most effective ways to determine whether someone is fraudulently using one or more of your accounts is to check your statements. If you see any charges that you did not make, report them to your bank or credit card company immediately. They have processes in place to handle fraud. While you’re with them, see if they offer alerts for strange purchases, transactions, or withdrawals. 

2. If you’re a victim, report it to local authorities and to the FTC for assistance.  

File a police report and a Federal Trade Commission (FTC) Identity Theft Report. This will help in case someone uses your Social Security number to commit fraud, since it will provide a legal record of the theft. The FTC can also assist by guiding you through the identity theft recovery process as well. Their site offers a step-by-step recovery plan that you can follow and track your progress as you go. 

3. Place a fraud alert 

If you suspect that your data might have been compromised, place a fraud alert on your credit. This not only ensures that any new or recent requests undergo scrutiny, but also allows you to have extra copies of your credit report so you can check for suspicious activity. You can place one fraud alert with any of the three major credit reporting agencies (Equifax, Experian, TransUnion) and they will notify the other two. A fraud alert typically lasts for a year, although there are options for extending it as well. 

4. Look into freezing your credit if needed 

Freezing your credit will make it highly difficult for criminals to take out loans or open new accounts in your name, as a freeze halts all requests to pull your credit—even legitimate ones. In this way, it’s a far stronger measure than placing a fraud alert. Note that if you plan to take out a loan, open a new credit card, or other activity that will prompt a credit report, you’ll need to take extra steps to see that through while the freeze is in place. (The organization you’re working with can assist with the specifics.) Unlike the fraud alert, you’ll need to contact each major credit reporting agency to put one in place. Also, a freeze lasts as long as you have it in place. You’ll have to remove it yourself, again with each agency. 

5. Update your passwords 

Ensure that your passwords are strong and unique. Many people utilize the same password or variations of it across all their accounts. Therefore, be sure to diversify your passcodes to ensure hackers cannot obtain access to all your accounts at once, should one password be compromised. You can also employ a password manager to keep track of your credentials, such as one you’ll find in comprehensive online protection software. 

6. Consider using identity theft protection 

A solution such as this will help you to monitor your accounts and alert you of any suspicious activity. Specifically, our own Identity Protection Service will monitor several types of personally identifiable information, alert you of potentially stolen personal info, and offer guided help to neutralize the threat. Also, it can help you steer clear of some types of theft with preventative guidance that can help keep theft from happening in the first place. With this set up on your computers and smartphone you can stay in the know and address issues immediately. 

7. Use online protection software, and expand your security toolbox 

To use your credit card safely online to make purchases, add both a VPN and password manager into your toolbox of security solutions. A VPN keeps your shopping experience private, while a password manager helps you keep track of and protect all your online accounts. Again, you’ll find a VPN as part of comprehensive online protection software. 

The post How to protect yourself from identity theft after a data breach appeared first on McAfee Blogs.

Read More

We’re online more than ever, in large part because it allows us to take advantage of online conveniences like bill pay and booking appointments. But these many benefits might also leave us exposed to risks, like identity theft.

Identity theft is characterized by one person using another’s personal or financial data for their benefit. Cybercriminals may take information like a person’s name, birthday, Social Security number, driver’s license number, home address, and bank account information and use it for their benefit. A name and matching financial information, for instance, can be used to apply for credit cards or open new accounts.

The good news is that you can safeguard yourself and your family with some best practices — allowing you to enjoy your best life online and worry less about cybercriminals. Share these 10 tips with your family to help keep your entire household safe.

Password-protect your devices with strong passwords

A good habit to get into is to password-protect your computer, tablet, and mobile devices through unique, strong passwords. These devices are home to some of your most sensitive information, including everything from emails to apps that connect to your bank accounts. So, if these devices fall into the wrong hands, a password makes it harder to access your personal data.

Take some time to come up with your passwords, though. It’s important to create strong passwords that hackers can’t guess. A strong password will include a mix of symbols, numbers, and letters. Steer clear of simple passwords like “123456” (it might seem obvious, but this is one of the most common passwords people use). Also, avoid including information that other people can guess, like your birthdate, home address, or name.

Don’t forget to use different passwords for different accounts. If you use the same password across multiple accounts, and a fraudster gains access to one account, they may access the others. Fortunately, McAfee’s identity protection services include a password manager, which can help secure your account credentials across multiple devices. This tool encrypts passwords, storing them safely and making it easy to keep track of them.

Learn how to identify and avoid phishing scams

Identity thieves are skilled at leveraging new technologies. Phishing is one great example of this. Phishing involves criminals masquerading as trustworthy entities, such as government agencies or banks, and using this trusted position to get sensitive information. Phishing scams started with traditional mail. They’re now also done via phone, text, and email.

As a general rule of thumb, never give out any personal information when contacted by a business, bank, or another entity. Also, make sure your email spam filters detect phishing attempts. Never open emails from people you don’t know, and don’t download email attachments without knowing what they are. Some phishing emails include malware, which can infiltrate your device and access personal data. A McAfee Total Protection plan is an all-in-one protection solution that can help you detect and avoid malware.

Fraudulent websites may also use phishing techniques. A website may look similar to the legitimate website of a mortgage lender, bank, or credit card company but might be a fraudulent platform seeking to get information from consumers. Always verify that any website you visit is the legitimate website of the institution, and consider McAfee antivirus software, which offers a safe browsing solution.

Set up alerts through your bank

When financial identity theft occurs, this can also impact financial institutions like banks and lenders. So, they’re eager to prevent fraud, as well. One way they do this is through fraud alerts. You can set up your online banking to issue fraud alerts — for example, via an email, text message, or phone call — if your bank suspects suspicious activity on your account.

In some cases, a bank will also freeze your account until you verify whether the activity is legitimate. This is a common tactic used to protect against credit card fraud. Geo-control is one example: If you live in the U.S., but a German IP address uses your credit card, your credit card provider will likely issue an alert. You can also set up alerts for certain transaction amounts or types.

Review your credit report regularly

Your credit report is one of the most powerful tools you have at your disposal for catching identity thieves and stopping them in their tracks. You’re entitled to a free credit report every 12 months via AnnualCreditReport.com, an initiative of the Federal Trade Commission (FTC). You can get a free copy of your report from each major credit bureau: Experian, Equifax, and TransUnion.

Review your report thoroughly, checking for inaccuracies. When credit monitoring, check your:

Personal information: Verify that your name, address, phone number, birthdate, Social Security number, and employment details are correct.
Accounts: Confirm that all accounts listed are yours and current. Keep an eye out for unrecognized credit cards, utility accounts, phone accounts, or streaming accounts.
Public records: Check for foreclosures, civil suits, liens, or bankruptcies. If these issues are on your credit report and you don’t recognize them, you might be affected by identity fraud.

If you find any discrepancies, contact the appropriate credit reporting company. You should also contact the relevant financial institution and visit IdentityTheft.gov. You can report the suspected identity theft and find resources to help you recover.

Be mindful of what you share on social media

Social media is great for connecting with others online, but it does open the door to some vulnerabilities. Be careful about what you post, and steer clear of sharing personal details like your home address, children’s names, pet’s names, or birthdays, which some people use as passwords. If a social media platform offers two-factor authentication, opt in.

Images are another touchy subject. Never post photos that include private data, like a picture of your passport or vaccine card. Consider what’s in the background of any photos — from your home (with a house number) to mail with your address. Finally, you may want to set your visibility to private on all social media accounts, limiting who can view them. And even if your account is private, you should still follow the above tips.

Shred sensitive documents

Some identity thieves get people’s personal information by dumpster diving. One solution? Invest in a paper shredder. You’ll be able to shred documents into tiny bits that are hard to piece together, making it that much harder for someone else to piece together any personal information they contain.

Here are some documents worth shredding:

Debit card statements, credit card statements, and bank statements that contain personal financial information
Invoices or receipts containing details like financial account numbers
Documents containing your Social Security number, like pay stubs and work contracts
Junk mail with contact information, like your name and address
Old photos and IDs, which people can use to create fake IDs
Shipping labels, like those you might get from online retailers to make returns
Medical records or receipts, which may contain insurance information
Canceled checks

If you’re not sure whether something needs to be shredded, go ahead and destroy it. It only takes seconds, and you’re better off safe than sorry.

Protect all of your devices with antivirus software

Whether you use a computer, tablet, or mobile device for many of your online activities, like paying bills, these devices contain a lot of personal data. So, it’s good to protect them from hackers. ​​Install antivirus software like McAfee’s to protect against viruses and spyware. It would be best if you also had a firewall, which is a network security system that controls the incoming and outgoing network traffic based on set security parameters.

To take your device security a step further, you may also want to invest in a virtual private network (VPN). This helps hide your online activity. It can safeguard against hackers on public networks but is also worth using at home. It hides details like browsing activity, personal data, and IP address from potential snoops. McAfee also offers VPN services.

Keep personal documents in a safe space

While your computer, tablet, or mobile device may hold a great deal of personal data, you likely also have hard copies of sensitive documents worth protecting. Documents like your birth certificate, Social Security card, and passport contain valuable information that identity thieves can use for personal gain, so you want to make sure they’re kept in a safe space.

Don’t simply shove these documents into your desk drawer. It’s best to keep them in a locked, fireproof home safe with a secure code. To keep things organized, put each document in a protective plastic sleeve and put the sleeves in a binder. This can be useful if you have a large family and need to keep track of everyone’s data.

Follow the news to learn about data breaches

Sophisticated hackers don’t just target individuals. They may also try to infiltrate businesses, government agencies, higher education institutions, health care facilities, and any other organization that gathers sensitive consumer information. If an entity is subject to a data breach, they’re legally required to notify any consumers who may have been impacted.

However, it’s still good to inform yourself about potential breaches that may affect you. Larger-scale data security risks are usually reported in the media. We also post about data breaches on the McAfee blog. If an entity you do business with has been affected, change your passwords and the passwords of any related accounts immediately.

Know the warning signs of identity theft

Knowing possible signs of identity theft can help you catch it early so that you can continue to enjoy your time online. Educate yourself and your family about these warning signs, ensuring everybody stays safe. Here are some possible indications identity thieves have targeted you:

You receive phone calls from debt collectors about accounts you aren’t familiar with. Don’t provide personal information over the phone immediately. Check your credit report to get the details about the debts in question.
Your credit score experiences unexplained changes. Get a copy of your credit report from the major credit reporting agencies to find out why.
Your bank accounts or credit cards have unknown charges you (and your family) can’t account for. Contact your financial institution to report the suspected fraud, providing relevant documentation to back up your claims. You can also report fraud to your local government.
You receive a fraud alert from your financial institution. Check any activity deemed potentially fraudulent as soon as possible.
You get mail addressed to another person’s name. This could include medical bills, W-2 forms related to unfamiliar employers, or credit card bills, for example. Follow up with the relevant institution.
You experience problems with your tax return For example, the Internal Revenue Service (IRS) may reject your filing if someone else has already filed in your name (to get your tax refund). Contact the IRS fraud department.

You’re only a step away from better protection

The internet keeps all of us connected, but that’s why identity theft protection is important. With people increasingly connected, doing more, and sharing more online, cybercriminals can pinpoint weaknesses and take advantage. Hackers are ready to leverage your information for personal gain, and identity theft is no exception.

McAfee is here to help. McAfee’s identity protection services provide 24/7 monitoring of your email addresses and bank accounts, providing up to $1 million worth of ID theft coverage. You deserve to enjoy the comfort offered by the internet without stressing about identity theft. Implement the best practices above in your household so that you and your loved ones can stay connected with confidence.

The post 10 Ways to Protect Your Identity appeared first on McAfee Blogs.

Read More

The internet provides plenty of fun and exciting opportunities for you and your family, from sharing on social media to online shopping. To help you enjoy every minute of it, though, it’s good to be aware of what less savory characters are up to.

And they sure have been busy. In fact, the U.S. Federal Trade Commission (FTC) received 2.1 million fraud reports in 2020. What is identity theft? Well, it’s the fraudulent use of another individual’s name and details for personal gain.

Those affected by identity fraud may see a dip in their finances and credit scores. They may also deal with anxiety around financial security going forward. However, while it’s important to be aware of the threat of identity theft, this shouldn’t be cause for alarm. There are plenty of tools and techniques that can help protect you and your family so you can continue to enjoy everything modern technology has to offer.

The first step in protecting yourself? Educate yourself. Understanding the different types of identity theft can help you safeguard yourself and your loved ones so that you can continue all your favorite online activities. Here we’ll define and explore the different types of identity theft to watch out for.

What is identity theft?

We’ve all probably heard of identity theft, but what is it? Identity theft is when someone uses another person’s financial or personal data, usually for monetary gain. This means a fraudster may take sensitive information like names, birthdates, Social Security numbers, driver’s license details, addresses, and bank account numbers or credit card numbers. They might then use this information to make purchases, open credit cards, and even use health insurance to get medical care.

5 types of identity theft

A little knowledge can go a long way in stopping cybercriminals in their tracks — especially since they’re becoming more sophisticated and coming up with new schemes every day.

Here are five common types of identity theft to help you stay one step ahead of hackers.

Financial identity theft

Financial identity theft is when one person uses another’s personal data for financial benefit. This is the most common form of identity theft (including the credit card example described above). Financial identity theft can take multiple forms, including:

Fraudsters may use your credit card information to buy things. We all love to shop online — even criminals. Unfortunately, this issue has become especially prevalent thanks to online shopping during the COVID-19 pandemic.
Hackers may steal funds from your bank account. Sometimes, the amount might be so small that it seems inconsequential, totaling just a few dollars. However, criminals can rack up millions in damages if they target enough people in this way.
Criminals may open new accounts using your Social Security number and other data. For example, a person may use your data to open a new line of credit. They then run through the credit line, leaving you to foot the bill.

The good news is that it’s easy to protect yourself against financial identity theft by checking your bank accounts, credit card statements, and bills. If you see an unexplained charge, contact your credit card company or bank immediately to report it. Also, check your credit report for changes in your score. An unexplained decrease in your score could mean fraudulent activity. You can do this through AnnualCreditReport.com, where you can get a free credit report every 12 months from each of the three major credit bureaus.

Another idea is to place a one-year fraud alert on your credit reports to keep people from opening new accounts in your name. This encourages creditors and lenders to take extra precautions to verify your identity before granting any loans or credit increases. You can also place a security freeze on your credit report, which blocks others from accessing it to extend credit.

Medical identity theft

This might not seem like a real form of identity theft, but it happens. Medical identity theft is when a criminal poses as another person to obtain health care services. In fact, fraudsters may use your name and insurance information to:

Get prescriptions for drugs.
Access medical services, from checkups to costly surgeries.
Obtain medical devices and supplies, such as wheelchairs or hearing aids.

This can result in you having bills for prescriptions, services, or devices you didn’t need, ask for, or even receive. Your health care and insurance records may even have these things added to them. An inaccurate medical record can make it harder for you to get the care you need in the future and even impact insurance coverage.

Fortunately, you can help minimize the risk of medical identity theft by regularly reviewing your medical claims. Contact your insurer if you see unfamiliar procedures, prescriptions, or services. You’ll also want to let your health care provider know so that they can ensure your medical files are correct. Finally, consider filing a complaint with the U.S. Department of Health and Human Services (HHS).

Criminal identity theft

Criminal identity theft occurs when a person arrested by law enforcement uses someone else’s name instead of providing theirs. They might be able to pass this off by creating a fake ID or using a stolen ID, like your driver’s license, to show to the police. This type of fraud can be difficult to detect until the consequences are evident, like:

You receive a court summons. For example, the courts may issue a summons if a criminal uses your ID for unpaid parking tickets.
A bench warrant is issued for your arrest. Unresolved problems like unpaid parking tickets can also result in a judge issuing a bench warrant. You may then be taken into custody at any time, even during a routine traffic stop.
A background check is issued. Sometimes, police will keep an identity theft victim in their database, noting it as an alias for the real criminal. This can result in a false criminal record showing up on your background check. This can cause problems with potential landlords and employers.

You can help protect yourself against criminal identity theft by safeguarding your ID. If your license or state-issued ID is lost or stolen, report it to the local Department of Motor Vehicles (DMV) and law enforcement. Also, limit the information you share online (and encourage family members to do the same). For example, if your teen got their first driver’s license and wants to share a pic of it on social media, explain why this isn’t a good idea.

Synthetic identity theft

As one of the fastest-growing types of financial crime in the U.S., synthetic identity theft involves creating fake identities using real people’s information. Fraudsters may use data like birthdates, addresses, and Social Security numbers from real people, blending them to create a fake profile. They can then use this persona to apply for loans or credit cards or commit other financial crimes. Kids and older adults tend to be vulnerable to this type of fraud since they rarely use their SSNs.

The most important thing about synthetic identity theft is knowing the signs and acting fast. Keep an eye out for any mail with your address on it but addressed to a different name and phone calls or mail about new credit accounts. You can further protect yourself by regularly checking your credit reports for unexplained changes and placing a security freeze on them.

There are also identity monitoring services available, which scan the internet, including the dark web, for breached Social Security numbers. If you suspect you or a loved one is the victim of synthetic identity theft, contact the relevant financial institutions to alert them.

Child identity theft

We all want to protect our children from bad actors, especially when it comes to identity theft. Child identity theft involves using a minor’s information to commit financial fraud, like opening a new account or line of credit under the child’s name. The thief may even use the child’s identity to get a driver’s license, apply for government benefits, or buy a house. This is often easier than targeting an adult because most kids don’t have credit reports or financial accounts, making them a clean slate.

Unfortunately, child identity theft is often perpetrated within the family by a relative who has access to the child’s data like their birthdate and address. And many children don’t realize they’ve been targeted until they’re older — for example, when they try to take out a student loan. By this point, the issue may have been escalating for years. So, it’s important as a parent to be aware of child identity theft.

The best way to do this is to check whether your child has a credit report with any of the three big credit bureaus (TransUnion, Equifax, and Experian). If so, review the report and report any fraudulent activity. You can also place a freeze on your child’s credit report to help minimize the risk of future fraud.

How do you know if you’re a victim of identity theft?

No one wants to be left in the dark when it comes to identity theft, so knowing the signs can help you spot it and take action quickly. This can help stop fraud in its tracks, minimizing both immediate damage and long-term repercussions. Some warning signs that may indicate identity theft include:

You get a fraud alert from a financial institution. To protect customers against identity thieves’ scams, most banks have security protocols to pinpoint potential data breaches. For example, if you live in the U.S., but a purchase is made using your credit card information in London, your bank may stop the transaction and send you a credit card fraud alert.
There are unexplained changes in your credit score. Your credit score going up can mean someone is trying to extend credit in your name (with the intent to run through it). A dip in your score could indicate anything from a loan application to a bill going to collection. You can get a free copy of your credit report from the three major credit bureaus every 12 months.
There are changes to your financial accounts. Check your bank statements at least once a month, keeping an eye out for unfamiliar transactions or withdrawals. Also, check for an increase in your line of credit or a new credit card account (which someone else may have requested in your name).
A loan or credit card application is denied. If you apply for a new credit card or a loan and are turned down, find out why. If you thought you had good credit, double-check your current credit history. Identity theft can result in your credit score
You get phone calls from debt collectors. If collection agencies start calling you about unfamiliar debts, someone else might be using your information to open financial accounts or take out lines of credit. Don’t divulge any personal information on the phone but do check your credit report to see what debts they’re referring to.
You get unfamiliar mail. If you get mail sent to your address that’s clearly for someone else, that person might be using your address for personal gain. Be wary if you receive medical bills in the mail that you don’t recognize or W-2 forms for companies you’ve never worked for.
You experience tax return If you get a tax transcript you didn’t ask for, or the Internal Revenue Service (IRS) rejects your e-filing, identity theft might be to blame. Some thieves will file fraudulent returns to get the victim’s refund. Contact the IRS fraud alert department.

You can also increase your odds of recognizing identity theft with tools like McAfee’s identity protection services. Our continual monitoring can keep tabs on over 60 types of personal information, which allows us to quickly identify security issues, alerting you to potential breaches so that you can fix them. We’ll also notify you up to 10 months sooner than similar services. By combining the best practices described above with a comprehensive identity protection service, you can worry less about identity theft and spend more time enjoying the internet.

Start protecting your information today

The internet makes daily life easier in many ways. You can now learn, work, play, and shop online. You shouldn’t have to forego these conveniences because of the threat of identity theft.

McAfee’s identity theft protection services can help keep you and your loved ones safe. McAfee uses extensive monitoring and an early detection system to notify you of potential risks or breaches. You’ll also have access to 24/7 online security experts and up to $1 million of identity theft coverage. Get the peace of mind you need to continue using the internet with confidence.

The post 5 Common Types of Identity Theft appeared first on McAfee Blogs.

Read More