You might think that avoiding the Internet and refusing to set up online access to your accounts will protect you from fraud. A couple of years ago, I would have agreed with you. Today, the opposite is true. If you do not set up your online accounts you are enabling an identity thief to do it for you.
Big data is big business
In the digital age you can buy almost anything with the click of a button. Unfortunately this includes the ability to buy your personal identifying information. Believe it or not, there are online "stores" where someone can buy a name, address, date of birth and social security number. They may even be able to buy bank account or credit card information.
Sensitive data is big business. So where can you buy sensitive information online? All I am going to say is that it is a secret network typically found in the deep web. The deep web is the area that Google and other common search engines do not index. You may not be able to find them but I guarantee you that the criminals can and do find them.
The Identity Theft Resource Center estimates that over 600 million records have been exposed since 2005. It should be noted that these are only the ones that were reported. Because of this, you need to assume that your information is already available for sale in the deep web.
How thieves get access to your info
Once a thief has your name, address, date of birth and social security number, they contact financial institutions, pretending to be you, and ask to set up online access to your accounts.
If you already have online access, the most the financial institution call center representative can do is reset your password. This action typically will result in you receiving either an email or letter confirming the request.
If you have not set up online access, then you just handed over access to the thief. Typically the financial institution call center representative will check your account, see that you have not set up online access, and will walk the thief through the steps of creating an account. It really is just that easy. (Note: for those of you who think that I have just written at tutorial for criminals, that is not the case. This is information they already know. I know this because it has been happening to my clients for the last couple of years.)
Why thieves do this
In order to remove money from your account the thief has to link it to another account such as a re-loadable gift card or a utility account.
A growing trend involves linking financial institution accounts to re-loadable—also known as prepaid—gift cards. Examples would be Visa, MasterCard or American Express gift cards. In order to link your bank account to the gift card the thief must first verify access to your account. This is done through transactional verification. The debiting company, the organization that offers the gift card, will make a small deposit into your account. Most of the time the deposit amount is less than one dollar, such as $.01 or $.21. The person that initiated the link request must then tell the debiting company how much was deposited. The easiest way for a thief to know the answer is by accessing your account online.
It should be noted that account linking does not show up on a credit report. Therefore, it will not be detected by credit monitoring. The only way to monitor for account linking is by diligently reconciling your statements at the end of each month. Pay close attention for transactional deposits or duplicate payments for utilities.
How can you reduce the risk of this happening in the first place?
How to protect your accounts
Basically you have two options: block all electronic access to your account (where available) or set up online access to your accounts. Individuals who don't know how to use a computer can contact their financial institution over the phone and ask them to block all electronic access.
Not all financial institutions are able, or willing, to do this. If that is the case, then ask to create a secret password or a passcode to be used when making account inquiries by telephone. Again, not all financial institutions offer this option. It is best to contact your financial institution and ask them what security options they provide.
Doing nothing is not an option. Besides, setting up online access to your accounts will provide you with additional benefits and tools against fraudulent transactions.
As stated earlier, setting up online access to your accounts is a relatively simple process that often begins with a telephone call or a visit to the company's website. Most credit card companies have automated the process. Simply visit the credit card's website and follow the instructions. Often, they will print the website address on your credit card statement.This is not the case with financial institutions. Many still require you to either visit the branch or call customer service to initiate online access. Contact your credit card company or financial institution for additional information.
One more thing, they will all require you to provide an email address.
The benefits of online access
One major benefit of online access is the ability to monitor your accounts from anywhere in the world at your convenience. No longer do you have to wait 30 days to receive your paper statement to know that your account has been compromised or, even worse, emptied. Early detection equals faster recovery.
Another benefit of online access is the ability to take advantage of account alerts, where available. When you set up an account alert you will be notified by either email or text message when the specific alert has been triggered. An example of an alert is an "account minimum balance" alert. You set the minimum amount and when your account balance drops below that amount specified you will receive an alert.
American Express offers a "card not present" alert. If your American Express credit card is used online, where it is not physically swiped through a processing machine, you will be receive an alert. The types of alerts available vary by financial institution.
Not just financial accounts
Another growing trend involves the My Social Security Account program available from the Social Security Administration. Last year, the Social Security Administration launched the My Social Security Account program, providing beneficiaries with online access to review and manage their account online.
Once established, a beneficiary can manage their benefits, apply for benefits or change the account for their automatic deposit. As with financial accounts, the thieves are using a victim's personal information to create a My Social Security Account in the name of the victim. Once the account has been established, the thief can hijack the victim's benefits.
Every social security fraud case I investigated last year I was able to track back to the My Social Security Account program. In each case, the victims had not set up their online account, enabling a thief to do it on their behalf.
Your options with the My Social Security Account are the same as with other financial accounts. Either set up your online account by visiting the Social Security website, or contact Social Security and tell them you want to opt-out of electronic access. (Just remember: if you opt-out you will not be able to access your benefits online but neither will a thief.)
In summary, we are living in the digital age and will be for many years to come. Each passing year brings new challenges in the fight against identity theft. Just because something worked yesterday does not mean it will work tomorrow.
Refusing to accept the digital age will not protect you from identity theft. In fact, it increases your risk of becoming the next victim. As stated earlier, you can pretty much assume your sensitive information is available for sale on the deep web. Because of this, you must keep abreast of your options and choose the one that works best for you.