Identity theft: What you need to know

Key Points

  • Identity fraud hit an all-time high in 2017 with 16.7 million U.S. victims1
  • Medical identity theft is also on the rise and is more difficult to detect
  • Protecting your privacy and security is a top priority at Ameriprise

Recent news stories about social media breaches demonstrate how easily information can be used by third parties without your permission. Has cybercrime evolved beyond the isolated outbreaks that make headlines? The short answer is yes.

“It’s true that attempted security breaches are on the rise,” says Scott More, Chief Information Security Officer at Ameriprise Financial. “That said, as hackers have become more sophisticated, federal agencies and financial institutions have evolved to stay abreast of their techniques.”

Here are the three most common types of cybercrime, along with prevention tips and steps to take if you’re hacked.

Most people associate identity theft primarily with using personal information to take over financial accounts.

To guard against fraud, review your statements and accounts for all your financial holdings regularly to confirm that transactions and balances are correct. Also, enrolling in e-delivery of financial statements and other documents can help ensure this information is delivered securely to you. Signing up for email and text alerts will help you receive real-time account updates.

For Ameriprise clients: The secure site on ameriprise.com allows for easy review of current and past transactions and statements. Additionally, if you’re registered for the secure site, you can sign up for text alerts by selecting My Profile and then visiting the Communications/Alert Preferences section. 

“A whole series of alerts are available to monitor different types of Ameriprise account activity so that you can be aware of your accounts without even logging in,” More says. 

Another tip: If you notice suspicious activity on a credit card or bank statement, contact all financial institutions where you hold accounts. You should also place a 90-day fraud alert on your credit reports by contacting the fraud hotlines of all three credit reporting agencies:

  • Equifax: 1.888.766.0008
  • Experian: 1.888.397.3742
  • TransUnion: 1.800.680.7289

This fraud alert prevents identity thieves from opening new accounts in your name since most lenders need to review your credit report before approving an account.

Keeping your Social Security number safe

Protecting your Social Security number (SSN) is another important step you can take to safeguard all your financial holdings – from bank to credit card accounts. Here are some tips:

  • Shred any documents that contain your SSN rather than putting them in the garbage or recycling
  • Don’t send your SSN through email or text messages, as these can be hacked
  • Be mindful of who’s in earshot when sharing private information over the phone
  • File your tax return early to help prevent others from accessing your refund, as duplicative returns with the same SSN will raise red flags with the IRS

Did you know that cybercriminals can use your health insurance information to see a doctor, get prescription drugs or file claims to your insurance provider? It may sound far-fetched, but 23% of the total data breaches in 2017 impacted medical or health care organizations.2  

So, what’s the remedy?

  • Be sure to read all medical and insurance statements carefully. If something looks unfamiliar to you, call your health insurance customer service number to cross-reference your information with theirs
  • Keep your insurance card in a safe place, and call your provider if you happen to lose it. They may issue you a new account number or simply make a note in your account to look for suspicious activity
  • If it appears someone fraudulently processed claims with your insurance, alert your medical providers immediately and be prepared to gather supporting documentation
  • After a fraud incident is reported, follow up with both insurance and medical providers to make sure all errors have been amended

A sharp increase in social media use means a greater risk of stolen identities and online fraud. It may seem harmless to post on your profile that you’ll be out of town or just bought a new car. But in the age of oversharing, a seemingly innocent update can be dangerous if it gets into the wrong hands.

When it comes to stalking or stealing an identity, use of photo- and video-sharing sites provides deeper insights into you, those you care about, your lifestyle and places you like to frequent. Your social media profile and the updates you share online may inadvertently reveal answers to security questions and give hackers password hints.

Recent social media breaches have shown how information can be used without your permission. Authorized security experts hired by companies to test fraud prevention systems have been able to access bank accounts using only information commonly found in social media profiles — a person’s name, email and other social profile information.3 

Each time you make a social media status update, think about whether it could be used to compromise your privacy or security in any way. Be selective when accepting social network invites, and remember that it’s not “unfriendly” to decline adding someone you don’t know to your social network.

 

While institutions are continuously evolving to thwart the latest cybercrime techniques, your first line of defense is often at home, since identity thieves specialize in hacking personal devices.

“The most common technique, known as phishing, could involve receiving an email indicating your account has been compromised, that you need to validate your information or that there’s something wrong with an order,” More says. “This is a red flag — should you receive such an email, delete the email in case it contains any viruses and do not respond.” Financial institutions, government agencies and other legitimate organizations are unlikely to request personal details or sensitive information via email.

Another common scam involves a fake “virus alert” with an 800 number to call for help. “Whatever you do, don’t call the number as that could help the hacker determine your location or provide other details that may compromise your security,” More says. “If you are concerned, contact a known and trusted source, such as the store where you purchased or service your computer.”

One of the easiest ways to protect yourself is to keep your technology updated. “Hackers exploit software vulnerabilities of people who haven’t kept their software and anti-virus programs current. These updates are actually plugging security holes that exist within the system,” More says. “Set your system to auto-update so you know it will be maintained by a legitimate provider.”

Remember that not all identity theft involves the internet. Phone calls remain a popular way to gather security information. “Be suspicious when someone calls and asks you for personal or secure information,” More says. “If you don’t recognize the caller, don’t give them any answers.”

If you are a victim of cybercrime, file a local police report and contact the Federal Trade Commission (FTC) to file an identity theft affidavit. These actions will create an official FTC Identity Theft Report and can help you access information about other breaches, stop creditors from collecting identity-theft-driven debt and erase false information from your credit reports.

Here are key contacts:

  • Federal Trade Commission
    Identity Theft Hotline
    Phone: 1.877.438.4338 (1.877.ID.THEFT)
    Online: identitytheft.gov
  • Credit bureau fraud alert hotlines
    Equifax: 1.888.766.0008
    Experian: 1.888.397.3742
    TransUnion: 1.800.680.7289

For information on how to report unauthorized activity on your Ameriprise account, visit ameriprise.com.

How Ameriprise protects your information

Ameriprise deploys around-the-clock, sophisticated prevention and detection techniques to identify and stop security breaches. In addition to monitoring threat intelligence services and maintaining contact with local and federal law enforcement, we also use third-party experts to test and make sure both internal and external environments are secure.

“Ameriprise has a comprehensive information security program with numerous levels of protection that include firewalls, intrusion detection and prevention capabilities,” More says. “We also have a security operations center that monitors activity 24/7 in tandem with real-time incident response and recovery.”

Ameriprise will cover 100% of the value of losses in your Ameriprise® account(s) caused by unauthorized online activity if they were incurred through no fault of your own.

To learn more about our privacy policy, how we safeguard your information and how you can protect yourself, visit the Ameriprise website.

 

News & Featured Insights

VIEW MORE INSIGHTS