Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 8 MINUTES AGO.
You are here: Home / Cybercrime / Beware: The Equifax Hack Isn't Over
Beware: The Equifax Hack Isn't Over -- More Risks Ahead
Beware: The Equifax Hack Isn't Over -- More Risks Ahead
By Liz Weston Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
OCTOBER
31
2017
Long after the Equifax breach was announced, people were still struggling to freeze their credit reports as credit bureau websites failed, lured people to look-alike products or even redirected visitors to download malicious software.

But that's just the start of the gauntlet people may have to run to protect their financial lives.

The Equifax hack exposed the names, addresses, birthdates and Social Security numbers of up to 145.5 million Americans. Drivers license information for 10.9 million people was also exposed, according to a Wall Street Journal report.

This is the sensitive, private information that's used to establish your identity, which is why freezing your credit reports -- as important as that is -- won't be enough.

Credit freezes won't prevent criminals from taking over credit, bank, retirement and investment accounts, says security expert Avivah Litan with Gartner Research. Thieves also could use the purloined information to snatch your tax refund or mess with your Social Security benefits. Your email, phone, shopping and cloud-based storage accounts aren't safe, either.

Here are the cybersecurity steps you should take now:

Make Sure All of Your Freezes Are in Place

You need to set up credit freezes separately at each of the three major credit bureaus (Equifax, Experian and TransUnion) as well as with Innovis, a lesser-known bureau, and ChexSystems, a database that banks use to track people who mishandle their accounts. Banks and lenders that can't access your reports are much less likely to allow criminals to set up phony accounts in your name. Keep track of the personal identification numbers you're issued, since you'll need those to lift the freezes if you apply for credit or financial accounts.

Set Up Two-Factor Authentication if You Can

Two-factor security requires something you know, typically a password, along with something you have, such as a code texted to your phone or generated by an authentication app. (Security experts including Litan recommend using an app since criminals have started taking over cell phone accounts to circumvent two-factor verification by text.) Yes, two-factor authentication is a hassle, and no, it's not foolproof, but it creates another barrier between your accounts and the criminally inclined. Typically, once you set it up, you'll have to use it only if you try to sign in with an unrecognized device or after a set amount of time.

Two-factor security is a must for your password manager, your email and any cloud-based storage account including DropBox and Evernote. Consider setting it up for shopping sites, such as Amazon, and your social media accounts. Incredibly, not all financial institutions offer this (they should); consider whether you want to continue doing business with a company that refuses to take your security seriously.

The four big cell phone carriers don't offer it, either, which is pretty horrifying. Phone numbers are often used as a security backup, so a criminal controlling yours could reset passwords on many of your accounts.

File Your Taxes Early

It's pretty lame that the only thing you can do to thwart thieves from ginning up a phony tax return is to file your legitimate one as soon as possible after the IRS begins accepting them. Right now, that's all you can do. People who have already been victims are issued a special code they can use in the future, but a pilot program offering codes to other taxpayers hasn't been extended. The IRS will start processing returns Jan. 22. Employers don't have to send out the W-2 forms most of us need until Jan. 31.

Create a 'My Social Security' Account

Again, you're trying to get there before the evildoers. Setting up online access to your Social Security records will help you monitor activity, such as attempts to take over your account or apply for benefits. If your credit files are frozen, you'll need to lift the freeze with Equifax -- yes, that's the bureau Social Security uses to verify your identity -- or set it up in person at a Social Security office. Equifax is waiving the fees to set up and lift freezes until January.

You can't make your identity hack-proof, unfortunately, any more than you can keep a determined burglar from breaking into your home. Your goal is to make the bad guys work hard enough that they'll decide to move on to an easier target.

© 2017 Associated Press under contract with NewsEdge/Acquire Media. All rights reserved.

Image credit: iStock.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN CYBERCRIME
ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.