Blog

smiONE Source

Financial knowledge at your fingertips

Identity Theft Prevention and Response

January 29, 2024

Identity theft can be financially devastating and have a lasting impact on your future if the proper precautions aren’t taken. No one is immune to becoming a target or victim of identity theft, so it’s important to stay vigilant and put your best defenses up against fraudsters.

What is Identity Theft?

Identity theft is when someone uses your personal information (like your debit card or bank account number, social security number, birthdate, etc.) to commit fraud. This can include making purchases or opening accounts in your name.

Types of Identity Theft

Identity theft is sort of an umbrella term for the many types of fraud that involve someone else using your personal information to profit. It’s important to understand some of the most common types of identity theft, so you can look out for warning signs and protect yourself. Four types of identity theft that we see most often (and that you should be aware of) are financial, medical, synthetic, and child.

1.    Financial

Financial identity theft is committed when someone uses your financial information to commit fraud, this can include credit card fraud (someone else opening a line of credit with your information), benefit fraud (someone receiving government benefits with your information), and tax fraud (someone filing a tax return using your information).

2.    Medical

Medical identity theft is when someone uses your personal information to receive medical services. The kicker is, you’re still the one footing the bill. Filing a fraudulent medical insurance claim is another form of medical identity theft.

3.    Synthetic

Synthetic identity theft is when a criminal pieces together a fictitious consumer persona with some of their victims’ real personal information. For example, a fraudster may have access to numerous birthdates, names, or other forms of personally identifiable information (PII) and combine them to create fake identities that look like real consumers.

4.    Child

When a fraudster steals and uses a minor’s information to open new accounts or lines of credit in their name, it’s called child identity theft. This kind of fraud can often be difficult to identify until the child grows up to apply for college loans, credit cards, etc. Unfortunately, this form of identity theft is often perpetrated by a friend or family member that knows the child.

 

Preventing Identity Theft

While identity theft can seem complex and confusing, there are easy ways to protect yourself against, and you may already be doing some of them!

1.    Appropriately store and dispose of important documents containing personal information.

It’s best to keep important documents and documents containing personally identifiable information (PII) in a locked safe, file cabinet, or other secure location. You should keep these documents at home unless you need them. You should NOT be carrying these documents (including your social security card) around with you. It’s important to shred documents such as receipts, bank statements, credit offers, etc. to further protect against those who may snoop through trash to find information.

Be sure to check your mail regularly to reduce the risk of fraudsters gaining access to your information and put a hold on your mail if you will be out of town.

2.    Use strong passwords and password managers. Enable multi-factor authentication (MFA).

Passwords should include at least 12 characters (the longer, the better) and incorporate letters, numbers, and special characters where possible. Create unique passwords for each account and change them every few months, so your accounts will remain secure if one password is compromised.

A password manager can help you organize, manage, and use passwords for various sites and applications. Using a password manager enables you to create and use longer, more complex passwords without worrying about how to remember them. Some password managers will also be able to identify weaknesses in your passwords and propose stronger ones as you’re creating a new account.

Remember, smiONE agents will NEVER ask you for your PIN or password.

Multi-factor authentication, or MFA, adds layers of security to your accounts. With MFA enabled, you’ll be required to use at least two methods of identity verification to access your accounts. Commonly, you’ll be sent a unique verification code by phone call, text, or email to confirm it is really you trying to access the account. If your passwords or credentials are ever compromised, MFA can keep a bad actor from accessing your accounts by requiring the additional verification step.

Your smiONE Card account is equipped with MFA functionality, so be sure to set up at least one additional verification method for increased security!

3.    Use a VPN on public wi-fi.

Public wi-fi networks are a common vulnerability that hackers, scammers, and fraudsters can exploit. These bad actors can use unsecured wi-fi networks to access your devices and your information. A virtual private network, or VPN, works to protect your online privacy by encrypting your data and masking your devices’ IP addresses, hiding information like your location and identity, so you are less likely to be targeted by these threats.

4.    Beware of common scams (skimming, phishing, spoofing).

Credit/debit card skimming is when someone uses a device to digitally steal your account or card information from places like ATMs and cash registers. Often, we’ll hear of this happening at the gas pump, so it’s generally a good idea to pay inside.

Phishing is a type of scam in which a scammer disguises their emails or text messages as coming from a reputable and trustworthy source, often a financial company. They then disguise their links and attachments, so you’ll be inclined to trust and click them, allowing the scammer to access your information or devices. You should always double check links and contact information before trusting an email and avoid clicking links from unknown senders, downloading software from unknown sources, or providing personal information to unconfirmed sites or people.

Spoofing is similar to phishing, but occurs when a scammer is able to disguise their phone number or contact information as someone else. For example, spoofers can make it look like you’re getting a call from a family member or your financial institution.

Remember, financial institutions like banks and the IRS will NOT ask you for personal information or account credentials via email or text and will NEVER call you with threats of legal action. If you’re ever unsure, it’s smart to hang up or ignore the email and opt for calling your financial provider directly to provide the information. You can find trustworthy contact information on the company’s website.

5.    Enroll in real-time alerts.

Some service providers, like financial or medical providers, will often have an option for you to enroll in real-time alerts, and you should! These alerts will inform you of account actions as they occur, which can help you identify fraudulent activity and take precautions quickly. You can typically customize the alerts to be sent to your preferred communication method (text or email), and you maybe able to select which specific alerts you want to receive.

To set up, review, or update notification settings for your smiONE Card account, log in on the mobile app or your online account center.

6.    Regularly review your credit reports along with your financial and medical account activity.

Whether you’ve opted for alerts or not, you should still be checking your account activity and reports regularly. This is a great way to check to make sure you recognize each account and transaction, and immediately check on or report any that you don’t recognize. Remember to check your insurance claims and statements regularly, too!

You can check your credit report with each of the major credit reporting companies (Experian, TransUnion, and Equifax) for free every year at annualcreditreport.com.

 

Responding to Identity Theft

What should you do if you’ve identified fraudulent activity on your account?

1.     Lock or freeze your cards.

If you believe you’ve been a victim of identity theft or fraud, you should lock or freeze your affected cards, and sometimes it’s good to proactively lock your remaining cards and accounts to reduce the risk of the fraudster gaining access to those as well. Most credit and debit card companies will have the option to lock your card somewhere in the settings menu either in their mobile app or an online cardholder portal. Locking or freezing your card disables the card, so no transactions can occur. This is a helpful security feature because you don’t have to completely cancel the card until you’ve had time to investigate and confirm fraudulent activity. You can always unlock or unfreeze your card at a later time if you’ve determined that a fraudster no longer has or never had access to your card account.

You can suspend your Platinum smiONE™ Visa® Prepaid Card via the Platinum smiONE mobile app (iOS / Android) or your online account center.

2.    Report the fraud to appropriate parties.

Once you’ve locked your cards and made sure the threat was contained, it’s important to report the fraud, so the authorities and providers are aware and can take necessary precautions to protect your assets. Commonly, you’ll want to report this to the affected institution (financial, medical, criminal, etc.), the Federal Trade Commission (FTC), law enforcement, and the major credit reporting companies. If you believe your social security number was compromised or the identity theft will affect your taxes (ex: tax fraud and benefits fraud), you may also need to contact the Internal Revenue Service (IRS) to ensure you’re only paying the taxes you’re supposed to. We’ll talk more about what this reporting looks like in the next section. Here, it is also crucial to document evidence of the fraud, this can include financial or insurance statements and IRS or collections notices.

3.    Put a credit alert/freeze on your credit reports.

A good safeguard as you’re investigating potential identity theft is placing a freeze on your credit reports, which will restrict yourself and others from opening a new line of credit in your name. You will still be able to lift the freeze temporarily if you decide to open a new line of credit. To place a freeze on your reports, contact Experian, TransUnion, and/or Equifax. The freeze will remain active on your accounts until you remove it.

Alternatively, you might look to place a credit alert on your reports. A credit alert makes it more difficult for someone else to open a line of credit in your name because companies will need to verify your identity before opening the credit line. Slightly different from the credit freeze, you’ll only need to alert one of the credit reporting companies and it becomes their duty to alert the others. Additionally, unlike the credit freeze, a credit alert will expire after one year, at which point you will have the option to renew.

If you know you have been a victim of identity fraud and reported it to the FTC, you can add an extended credit alert to your accounts. This makes it even harder for others to obtain credit under your name as it requires companies to get in contact with you before extending that credit.

 

Reporting Identity Theft

Reporting identity theft is important because it helps protect yourself and other consumers from additional scams and losses. The right authorities can investigate and charge an individual for identity theft and can help you minimize any damages. Be prepared with documentation of the suspicious activity and be prepared to prove your identity with identification, proof of residence, etc.

1.    The FTC

Your first step in reporting should always be directly to the FTC at identitytheft.gov. From there, you will be able to fill out an FTC Identity Theft Report with details about the evidence you’ve collected. The FTC can also help with developing your recovery plan.

2.    Law Enforcement

Some companies may request or require a police report to dispute the fraudulent charges, so it’ll be good to have one on file. Don’t forget to bring a copy of your FTC Identity Theft Report to support your claims, along with any other documented evidence you have.

3.   Your Providers

Depending on the type of fraud or identity theft, you may have different providers to alert. In the event of medical identity theft, you’ll want to get in touch with your medical providers and insurance company to let them know what’s going on and see how you can minimize damages. With financial fraud, you’ll want to reach out to the affected financial providers. This might include your credit or debit card company, governmental benefits providers, loan providers, credit bureaus, etc. Once you’ve gotten in touch with your provider, you can dispute the claims or transactions and close any accounts you didn’t open yourself.

If you believe you may have been a victim of identity theft and your smiONE Card has been compromised, call us immediately to report fraudulent charges and minimize any potential losses. We will cancel your current and ship you a new one while we work to resolve any fraudulent activity.

As an additional security measure, it would be wise to change the passwords and PINs on any affected accounts.

4.   Credit Bureaus

Like we mentioned earlier, it’ll be important to contact one or all of the major credit bureaus to ensure the fraudster can no longer affect your credit and creditworthiness. If you plan to put a freeze on your credit, you’ll need to contact each of these companies, using the contact information below. Remember, for a credit alert you’ll only need to contact one and they’ll be responsible for informing the others.

Experian:

Experian.com/help

888-EXPERIAN

(888-397-3742)

 

TransUnion:

TransUnion.com/credit-help

888-909-8872

 

Equifax:

Equifax.com/personal/credit-report-services

800-685-1111

 

5.    The IRS

If the identity theft may or may have already affected your taxes, you’ll probably want to reach out to the IRS to make sure you’re not liable for what someone else did with your social. Typically, you’ll be notified by the IRS if the taxes you filed don’t match their records and that might be when you’re first alerted to the fraud. You should call the IRS number on the notice you received, then, you can visit irs.gov/faqs/irs-procedures/reporting-identity-theft and fill out the Form 14039, Identity Theft Affidavit. You may be asked to provide additional evidence or documentation to support your claims and the IRS will notify you once they’ve made a determination regarding the fraud.    

More from the smiONE Blog...

Shopping Safety Tips for the Holiday Season

How to Set Up Direct Deposit

10 Ways to Save Money in 2024