Identity Theft

Close any cards you used at Target during the breach

January 13, 2014 By Liz Weston

Dear Liz: My debit card was part of the recent Target data breach (my credit union called me). I’ve read articles telling me to pull my credit reports. Here’s the thing: I already requested two of my three free credit reports in early December. When I read about the Target incident, I requested the third one. So now, if I pull a credit report, I’d have to pay for it. I’m very concerned about this, as my finances are tight.

Answer: The information that was stolen in the Target breach — and immediately put up for sale on black-market sites — is not the kind of personal information that’s typically needed to open new accounts, said John Ulzheimer, credit expert for CreditSesame.com. So buying your credit reports or investing in credit monitoring, which is how you would spot new account fraud, isn’t strictly necessary, he said.

The information that was stolen can be used in what’s known as “account takeover,” which means the bad guys can take over existing accounts and make fraudulent charges. In the case of a debit card, that means they can drain your bank account. With a credit card, you wouldn’t have to pay the fraudulent transactions, but dealing with them could still be a hassle.

Either way, you would be smart to close any debit or credit card used at Target between Nov. 27 and Dec. 15, the time of the breach, and ask for a replacement, Ulzheimer said.

Monday’s need-to-know money news

June 10, 2013 By Liz Weston

How to get the most out of your summer vacation, protecting yourself from medical identity theft, correcting financial myths and how to start saving for retirement.

3 Ways to Maximize Your Frequent Flier Miles This Summer

While holiday blackouts can make redeeming frequent flier miles difficult during the summer, there are still good deals to be had if you know where to look.

How to Protect Yourself from Fraud at the Hospital

Identity thieves are targeting victims at their most vulnerable. Find out what you can do to protect yourself.

Want More Time Off? Some Employers Let You Buy It

A novel approach to managing vacation time could allow you to purchase a day off or sell time you’re not going to use.

Financial Advisers Correct Common Personal Finance Myths

Meet the five common personal finance myths and how to avoid them.

How To Start Saving For Retirement

The good news is that it’s not too late. The bad news is that it will be if you wait any longer.

Companies make it easy to hack your identity

April 24, 2013 By Liz Weston

You might think breaking into a corporate database would be hard. Not so. A recent report from the Verizon RISK Team found the vast majority of incidents required minimal skills and took place in a few hours. Unfortunately, those breaches often weren’t discovered for months or even years–and it typically wasn’t the company but rather a third party that discovered a breach.

From a Credit.com post on the study:

While one in 10 were so easy the average Internet user could have caused them, another 68 percent were the result of hacking attacks using the most basic methods, requiring relatively few resources to complete. Only one breach suffered in all of 2012 required “advanced skills, significant customizations, and/or extensive resources” to complete.

That is likewise reflected in the amount of time it took to cause most data breaches, the report said. Altogether, 84 percent took hours or even minutes to perpetrate, while these incidents typically took months or even years to discover. Nearly two-thirds of all breaches took at least that long, up from just 56 percent the year before, proving that it’s actually becoming more difficult to spot breaches, as well as contain them. While most were remediated in hours or days, nearly a quarter took months.

The take-away from this is that companies aren’t doing nearly enough to protect the information they collect about you. And the sad truth is that you have little control over what goes into these databases. You can do your best to protect your identity, and still have your information breached.

You should still take steps to reduce your exposure, steps like not giving your Social Security number to companies that don’t need it and refusing to give businesses permission to share your information. You should use tough-to-hack passwords and stop sharing secrets on social media. You also should monitor your credit reports and financial accounts.

Until companies get serious about protecting your data, though, you’re still a target for identity theft.

Now available: My new book!

August 28, 2012 By Liz Weston

Do you have questions about money? Here’s a secret: we all do, and sometimes finding the right answers can be tough. My new book, “There Are No Dumb Questions About Money,” can make it easier for you to figure out your financial world.

I’ve taken your toughest questions about money and answered them in a clear, easy-to-read format. This book can help you manage your spending, improve your credit and find the best way to pay off debt. It can help you make the right choices when you’re investing, paying for your children’s education and prioritizing your financial goals. I’ve also tackled the difficult, emotional side of money: how to get on the same page with your partner, cope with spendthrift children (or parents!) and talk about end-of-life issues that can be so difficult to discuss. (And if you think your family is dysfunctional about money, read Chapter 5…you’ll either find answers to your problems, or be grateful that your situation isn’t as bad as some of the ones described there!)

Interested? You can buy this ebook on iTunes or on Amazon.

Watch out for tax refund theft

July 9, 2012 By Liz Weston

Dear Liz: My cousin had his house broken into a little over a year ago. A lot of things were taken, but insurance replaced most of what he thought was missing. This year after he filed his return he was contacted by the IRS, which told him that a return using his information had already been filed and the refund check cashed. The IRS is investigating the situation now, but I really worry about what is going to happen to his Social Security in the future if someone else is using his numbers or those of his children. Do you have any information on what steps he should take?

Answer: Theft of tax refunds is a growing problem. In fact, tax identity theft is the No. 1 fraud on the IRS’ list of Dirty Dozen Tax Scams of 2012.

The fraud is often perpetrated by organized criminal gangs that con, steal or buy people’s personal information to create bogus returns. Some people fall right into the bad guys’ hands by responding to emails that purport to be from the IRS. (The IRS doesn’t email people to request personal or financial information.)

If the problem isn’t resolved within a few months, your cousin should contact the agency’s Identity Protection Specialized Unit at (800) 908-4490.

Since the criminals already have his Social Security number and other important financial information, he also should put security freezes on his credit reports at all three bureaus. Links to the bureaus and other information for identity theft victims can be found on the IRS’ site at http://www.irs.gov.