Welcome to Financial Advisor IQ

Paid Post

4 Tools to Help Protect Clients Against Identity Theft

October 5, 2018

It’s been a little over a year since news of the Equifax breach broke, leaving millions of Americans wondering what the potential exposure of their social security numbers, dates of birth, driver’s license numbers, and e-mail addresses could mean for the security of their data—and their identity. At the time, hundreds of Commonwealth advisors reached out to the firm’s Information Security team, asking how to help protect clients against identify theft. As the situation changed seemingly hourly, it was challenging for us to process the news, develop an appropriate response, and help advisors and clients take the right steps to secure their personal information.

While Equifax has taken steps to shore up its own security to help prevent a similar breach from recurring, the fact remains that many remain at risk for identity theft due to this incident. What can they do to monitor their information? Here, we’ll review four tools that can help alert you to fraudulent activity.

1) Credit Monitoring Services

Credit monitoring services check individuals’ credit files for any changes or suspicious activity, so they don’t have to check on it themselves. Credit monitoring services can send alerts (most often via e-mail or text message) when there are hard credit inquiries or when new lines of credit are opened. If anything looks fishy, individuals can report the unauthorized activity to the company holding that account, as well as to the major credit bureaus. At this stage, some incidents may be remediated.

2) Fraud Alerts

A fraud alert is a cautionary note that individuals can place on their credit reports. It tells credit lenders or service providers that the individual may have been a victim of identity theft, so they must verify with the account holder before making any changes to his or her credit. Usually, verification happens via phone.

Fraud alerts come in two flavors: initial and extended. Previously, initial alerts were good for 90 days. Under a new law effective September 21, 2018, initial alerts will last for one year. Extended alerts will remain good for seven years; such alerts require an identity theft report, which must be filed with the Federal Trade Commission (FTC).

3) Credit Freezes

As the name indicates, this tool freezes credit files so that no one—including the individual who placed the freeze—can open a new line of credit. To open a new line of credit, individuals will have to unfreeze their credit files first (with a personal identification number [PIN] provided to them) and then freeze their accounts again when they’re done. This is the most heavy-duty tool individuals can administer on their own to secure their personal information, but it has some consequences.

4) Identity Theft Protection Services

Identity theft protection services provide an all-in-one suite of tools and resources that can help clients avoid identity theft. The better services offer real-time credit monitoring at all three major bureaus, customized account alerts (for more than just credit), and a 24/7 call center.

Helping Victims of Identity Theft

A great starting point for victims of identity theft is identitytheft.gov. By following the site’s simple prompts, victims can select their identity theft situation, access guidance and resources specific to them, and file identity theft reports with the FTC.

Preventing a part two. After remediation, maintaining healthy account hygiene can help clients avoid identity theft in the future. Here are some tips to share with clients:

  • Encourage them to change account passwords for any accounts that may have been compromised.
  • Remind your clients that their passwords should be unique for each account. That way, if one account is compromised, the attackers will have a harder time accessing other accounts.
  • Teach your clients to enable multifactor authentication wherever possible. Multifactor authentication asks users to provide more than one form of identification to log into their accounts. For example, in addition to entering a password or PIN, users are prompted to access something they have, such as a smartphone or a hardware token.
  • If clients suspect that their e-mail accounts may have been hacked, instruct them to review the mail-forwarding rules and delete any rules they don’t recognize. Attackers often add forwarding rules so that when accounts send or receive certain e-mails, those e-mails are forwarded—even after individuals have regained access and changed their passwords.

Becoming an Information Security Resource

In this era of heightened cybersecurity risk, it’s important for financial advisors to understand the tools and resources that can help protect clients against identity theft. You, after all, are the one your clients trust with their personal and financial information, so it only makes sense that they will come to you for guidance on how to secure their data.

This post originally appeared on Commonwealth Independent Advisor, a blog authored by subject-matter experts at Commonwealth Financial Network®, the nation’s largest privately held RIA–independent broker/dealer. To subscribe, please visit https://blog.commonwealth.com.