The COVID-19 pandemic prompted a surge in online activity, as people work from home and obey stay-at-home orders. With that came a significant increase in theft of business and personal information. As standard practice, businesses now allocate significant resources to privacy and data security efforts to protect business information. But there’s also real value in protecting the individual business owners and employees from online threats. And it needn’t be complex or expensive. Individuals can use simple, free tools like those presented here to mitigate risk of online threats. For reasons explained below, we recommend utilizing the following tools in the order they are presented.
1. Create an online account with the Social Security Administration.
The United States Social Security Administration (SSA) has an online portal where you can create an account that allows you to check earnings, request withdrawals, and take other actions regarding your social security account. Only one online account can be set up per social security number. Fraudsters will create accounts for people who haven’t created one, then withdraw funds or take other malicious action. Even if you are not yet eligible to receive benefits, setting up your online account is an important step to guard against this threat. You’ll want to setup your SSA online account before you freeze your credit reports (SSA will not let you create an online account if your credit reports are frozen). Even after setting up your account, it may be prudent to periodically login and check for unusual activity. Fraudsters have still found ways to divert funds, even from those who have set up accounts (for example, calling SSA by phone and providing enough personal information to pass SSA’s telephonic verification).
2. Create an account with each of the three credit reporting bureaus, and place a security freeze on each of your three credit reports (Experian, Equifax, Transunion).
A security freeze on each of your three credit reports can prevent identity thieves from opening a new line of credit in your name. One of the most common criminal uses of stolen personal information is opening a credit card or store credit line in your name. The credit is maxed out by purchasing high-dollar items, which are then returned for cash or gift cards. The criminals walk away with the cash and gift cards to be spent freely. You are left with the debt. Fortunately, by law, each reporting agency must allow you to place a security freeze on your credit report free of charge (you can freeze, unfreeze, and refreeze without charge). A reporting agency will likely try to sell you a related product that may offer some additional features or convenience, but is not necessary. You may have to dig some, but you will find the free security freeze. Remember, you won’t be able to open a new credit account with a security freeze in place. Be sure to keep a good record of your freeze information and account credentials with each of the bureaus so you can unfreeze the reports when you wish to access your credit.
Of course, businesses have also fallen victim to the recent spike in online theft as cybercriminals take advantage of the mass shift to remote work and the resulting lack of in-person verifications. One recent trend is cybercriminals gaining access to corporate virtual private networks by targeting new hires (identified by scrubbing social media accounts) with phishing attacks. Businesses have been forced to quickly adapt their privacy and data security practices to meet the current challenges, stay secure, and maintain compliance with applicable laws. At Henson Efron, our attorneys have extensive knowledge and experience in privacy and data security. Contact us for assistance in meeting the current privacy and data security challenges of COVID-19.