Preventing fraud and identity theft

We all are vulnerable to fraud and identity theft, regardless of age, education or level of wealth. With data breaches on the rise, individuals and small businesses are increasingly concerned about the consequences of having their information in the hands of cybercriminals.

The topic of fraud and identity theft can be daunting, and after any data breach, there are several questions that tend to be top of mind:

Has my information been compromised?

If you operate under the assumption that your information is already available to fraudsters, you may make smarter cyber decisions. Data breaches vary in their level of severity and type of information compromised, from name and email address to government IDs and account numbers. A hacker can build a profile about you with the data breach information, as well as additional material bought and sold on the dark web and data found on social media. Therefore, it is important to take precautions to mitigate for any potential identity theft.

What other ways can hackers get my information?

Your data can be compromised in a variety of ways, even if you are not the victim of a data breach. Criminals still take advantage of more traditional methods, such as stealing your mail or devices. They also employ social engineering techniques, such as phishing, through email, social media, texts or phone calls to gain confidential information. Fraudsters might trick you to enable them to remotely access your device, allowing them to download malware or provide confidential information.

How can I prevent becoming a victim of fraud and identity theft?

While there is no guarantee that you will not fall victim to fraud and identity theft, there are steps you can take to lower your risk:

  • 1. Be mindful of the information you share with others, even in the normal course of doing business, and never share banking credentials and passwords.
  • 2. Do not use personally identifying information as your username or password.
  • 3. Create strong and complex passwords on all devices and online accounts and never share them. Change them frequently and consider using a password management tool.
  • 4. Adopt multi-factor authentication wherever offered, especially on financial, email, social media and shopping accounts.
  • 5. Be wary of social engineering techniques. Be cautious when opening emails with spoofed email addresses, poor grammar or spelling, and suspicious attachments or links in emails. Do not assume a phone call is genuine because they have your information, and do not call or text an unknown phone number.
  • 6. Do not allow anyone to access your computer remotely, even if they claim to be from a reputable company. A common scheme used by fraudsters comes in the form of a pop-up on your screen or a phone call stating you have a virus on your device. Since this type of contact is most likely fraud, do not engage with the perpetrator; close out of the window or hang up on the caller.
  • 7. Always validate payment instructions by calling the originator on a known number when instructions are received via email, even if the email is from a trusted individual.
  • 8. Consider using online bill pay to avoid exposing your personal and account information if a check is lost or stolen in the mail.
  • 9. Keep financial documents and records in a secure place, and destroy sensitive documents you no longer need.
  • 10. In the U.S., consider securing or freezing your credit if you have not done so already.

Seniors, children and vulnerable individuals can also be at risk if their information is compromised. Fraud can be perpetrated against them and often goes unnoticed for a longer period of time, so ensure that the same steps are taken to protect them.

Picking up the pieces

Identity theft can be an overwhelming event and can take months or even years to rectify, without even taking into account financial ramifications. Refer to Protecting against and recovering from fraud and identity theft, a booklet from our Asset & Wealth Management Security & Fraud Management teams that provides tips about what you can do to respond cybercrime and identity theft.