4 Tools to Help Protect Clients Against Identity Theft
It’s been a little over a year since news of the Equifax breach broke, leaving millions of Americans wondering what the potential exposure of their social security numbers, dates of birth, driver’s license numbers, and e-mail addresses could mean for the security of their data—and their identity. At the time, hundreds of Commonwealth advisors reached out to the firm’s Information Security team, asking how to help protect clients against identify theft. As the situation changed seemingly hourly, it was challenging for us to process the news, develop an appropriate response, and help advisors and clients take the right steps to secure their personal information.
While Equifax has taken steps to shore up its own security to help prevent a similar breach from recurring, the fact remains that many remain at risk for identity theft due to this incident. What can they do to monitor their information? Here, we’ll review four tools that can help alert you to fraudulent activity.
1) Credit Monitoring Services
2) Fraud Alerts
Fraud alerts come in two flavors: initial and extended. Previously, initial alerts were good for 90 days. Under a new law effective September 21, 2018, initial alerts will last for one year. Extended alerts will remain good for seven years; such alerts require an identity theft report, which must be filed with the Federal Trade Commission (FTC).
3) Credit Freezes
4) Identity Theft Protection Services
Helping Victims of Identity Theft
A great starting point for victims of identity theft is identitytheft.gov. By following the site’s simple prompts, victims can select their identity theft situation, access guidance and resources specific to them, and file identity theft reports with the FTC.
Preventing a part two. After remediation, maintaining healthy account hygiene can help clients avoid identity theft in the future. Here are some tips to share with clients:
- Encourage them to change account passwords for any accounts that may have been compromised.
- Remind your clients that their passwords should be unique for each account. That way, if one account is compromised, the attackers will have a harder time accessing other accounts.
- Teach your clients to enable multifactor authentication wherever possible. Multifactor authentication asks users to provide more than one form of identification to log into their accounts. For example, in addition to entering a password or PIN, users are prompted to access something they have, such as a smartphone or a hardware token.
- If clients suspect that their e-mail accounts may have been hacked, instruct them to review the mail-forwarding rules and delete any rules they don’t recognize. Attackers often add forwarding rules so that when accounts send or receive certain e-mails, those e-mails are forwarded—even after individuals have regained access and changed their passwords.
Becoming an Information Security Resource
In this era of heightened cybersecurity risk, it’s important for financial advisors to understand the tools and resources that can help protect clients against identity theft. You, after all, are the one your clients trust with their personal and financial information, so it only makes sense that they will come to you for guidance on how to secure their data.