What happens next Where's my refund? Best CD rates this month Shop and save 🤑
PERSONAL FINANCE
Amazon

Weisman: You're not helpless against cybercrime

Steve Weisman
for USA TODAY
Hacker typing on a laptop

National Cybersecurity Awareness month began auspiciously with the disclosure by JP Morgan Chase through a required SEC filing that the massive data breach it suffered this summer involved more than 76 million households and 7 million small businesses.

There is little as customers that we can do about the security of the companies and government agencies with which we conduct business, but there are things we can do to protect ourselves from identity theft and the effects of massive data breaches which are now a part of modern day life. Living in a digital world requires some basic precautions and now is a good time to implement them in eight simple steps.

The first step is to change your password regularly, such as every six months. A good password has a mixture of capital letters, small letters, symbols and digits. Don't use any word in the dictionary because hackers have computer programs that can guess your password in a matter of seconds. Instead use a phrase, such as IHate2UsePasswords!!. This is a very secure password. You should also have a separate and distinct password for each of your accounts. To make things simple, you can merely adapt your basic password by adding a couple of distinguishing letters for each account. For example, you could make this your Amazon password by adding the letters "Am" at the end of your basic password so it reads IHate2UsePasswords!!Am.

You should also use dual factor authentication on all of your accounts when available. Dual-factor identification provides you with an extra level of security by which more than a password is necessary to gain access to your account. Generally with dual- factor identification, when you log into your account through your password, a code is then sent to your smartphone which you must input in order to access your account. Google, LastPass, Apple, Facebook, Twitter, Dropbox, Paypal and LinkedIn are just a few of the companies that provide dual-factor authentication. Dua- factor identification would have prevented the recent hacking of celebrity nude photos.

You also should change the answer to your security question to something completely nonsensical. Answering a security question is required if you forget your password or if you want to change your password. Hackers use this to take control of your accounts. Unfortunately the answers to common security questions, such as your mother's maiden name can be found with a little effort by an identity thief in the many places on the Internet that store personal information. So instead of the answer to your mother's maiden name being "Jones," change it to something nonsensical like "Grapefruit." No identity thief will guess it and it is silly enough for you to remember.

Don't click on links or download attachments in any email, text message or social media posting unless you have absolutely confirmed that it is legitimate. Identity thieves lure people into clicking on links in such communications resulting in the victims downloading keystroke logging malware that steals all of the information from their computers.

Don't provide personal information over the phone to anyone whom you have not called. You can never be sure if the person calling you is legitimate regardless of how compelling the reason he or she gives you to provide personal information. Don't rely on your Caller ID because, through a technique called "spoofing," an identity thief can make it appear that his or her call is from the IRS, your bank or some other legitimate entity. If you think the call might be legitimate, hang up and call the company or agency at a number that you know is real, not the number the caller gives you.

Review all of your accounts regularly and note the smallest charge that should not be there. Sometimes identity thieves will put regular reoccurring charges on your credit card or phone bill in the hope that you will not bother to investigate it because the charge is so small. The earlier you catch identity theft, the easier it is to deal with.

Check your credit report from each of the three major credit reporting agencies every year for evidence of fraud or even mistakes that need to be corrected. There are a lot of websites that promise a free credit report, but ask for your credit card and sign you up for services you do not want. Here is the link to the only official place to get your free credit report.

Put a credit freeze on your credit report so that even if an identity thief obtains your Social Security number, he or she cannot gain access to your credit report and run up a large debt in your name. A separate credit freeze needs to be established at each of the three major credit reporting agencies to be effective. Here are the links to the pages at Experian, TransUnion and Equifax where you can put a credit freeze on your report and get some peace of mind.:

TransUnion

Equifax

Experian

Make it your resolution for National Cybersecurity Awareness Month to follow these eight steps.

Steve Weisman is a lawyer, a professor at Bentley University and one of the country's leading experts in scams and identity theft. He writes the blog www.scamicide.com, and his new book is Identity Theft Alert.

Featured Weekly Ad