Consumers concerned about the safety of their bank and credit accounts should take defensive and proactive steps right away to protect their financial well-being if hackers have attacked.
And these days, that seems to include just about everybody. Last year alone, more than 13 million Americans were victimized by identity fraud, according to Javelin Strategy & Research in Pleasanton, Calif. More recent data breaches at major U.S. financial institutions and retailers have exposed potentially millions more. Russian hacker attacks on JPMorgan Chase and at least four other banks in August resulted in the loss of gigabytes of customer information, according to Bloomberg News.
While Bloomberg said Chase plans to contact customers who might be affected by the latest breach, there’s no reason not to take the following steps now, even if your bank or credit provider hasn’t been hacked. It just may not know it yet.
Change logins and passwords
It’s a chore but an easy one and may prevent much bigger headaches later: Change all logins and passwords for each bank and credit account, and consider changing personal identification numbers (PINs) as well. Some safety experts advise taking this step at least once every six months to protect against fraud even if you don’t think the accounts have been exposed. It’s good medicine.
Examine recent statements
Go through account statements line by line and verify each transaction. Even a tiny discrepancy should be reported immediately. Thieves often start by making a small test purchase before engaging in larger fraud, so catching them early counts.
Check balances frequently
Mobile or online banking users in particular should check statements frequently to ensure that no suspicious charges crop up unnoticed. Consider setting up email or text alerts each time a transaction occurs in an account, if that option is available.
Flag suspicious activity
Report any unauthorized charge or suspicious activity to the bank or credit provider immediately. At some providers, tardy reporting leaves the account holder exposed to greater losses that the company won’t cover.
Be wary of queries
Banks generally never ask for account information such as a password or PIN by telephone or email, so don’t trust official-looking inquiries seeking personal information to verify accounts or for other purposes. It could be a “phishing” expedition by fraudsters looking to prey on the unsuspecting. Don’t bite! But if there’s a compelling reason to make sure everything is OK, go on the company’s website to check. Don’t click on links or pop-ups suspicious emails may contain.
Find and review any account agreements and policies to make sure what you may be liable for and what the company will do in the event of fraud or other unauthorized activity, as well as your reporting obligations. In general, banks and credit providers won’t hold customers accountable for losses tied to theft or identity fraud, provided they are reported in a timely manner.
Ask the three major credit-rating companies – Equifax, TransUnion and Experian – to provide fraud alerts so that lenders know your information may be compromised. These notices require extra steps to verify a would-be borrower’s information and identity before doing business with them. Consumers can also tell the raters to lock up their credit reports, effectively blocking the creation of new accounts.
Some companies have adopted two-factor authentication systems to provide an extra level of protection for account access. Some require users to respond to a text message while others ask for the identification of a preset symbol or picture before a user can log in.
Banks are required to alert customers when data has been breached, but it can take weeks to determine what was exposed. So don’t wait – take these steps now to protect your financial health.
JPMorgan Chase image via Shutterstock.