If you think your finances are safer now that you use a chip card, think again. The latest Javelin Identity Fraud Study reports the number of identity fraud victims increased by 16 percent in 2016 to more than 15 million consumers. And the amount the thieves took grew by $1 billion to more than $16 billion in the past year.
A large part of the increase came from “card not present” fraud in the first year since chip cards became widely used. Fraudsters are resorting to more invasive ways of getting your identity details than simply counterfeiting mag stripe cards.
So-called “phishing” schemes have become far more sophisticated. Gone are the days of the misspellings and clumsy grammar that made fraud emails obvious. Fraudsters have gotten better at tricking you into clicking on a link in one of these emails. Once you do that on your computer or smartphone, these links deploy malware called “bots” to collect all your data, including PIN and CV authentication numbers as you shop online.
There's also a growing trend of identity fraud crimes enabled by victims' social media posts. Harmless items on your pages, including celebrations of your birthday, or a college graduation or reunion, give thieves information they use open new accounts in your name. Fraudulent new credit accounts for more than half the increase in identity theft crime last year.
So what should you be doing to guard your identity? Here are some suggestions, which mostly involve common sense and a commitment to regularly review your finances.
—Check online accounts regularly. Visit your bank or credit card website at least once a week to make sure that no withdrawals or unauthorized charges have been made. Yes, you're protected from fraud, but there's no way to avoid the hassle of getting a new account number when you've been attacked. At least you can minimize the trauma by catching fraudulent purchases immediately.
—Check your credit report at least quarterly. These days, it's not so much to check your credit status as to make sure no one has opened a new account in your name. Consider freezing your credit to avoid this problem. That's easy to do, especially if you don't plan to open new accounts or make a major purchase that requires new credit. A freeze can easily and temporarily be lifted.
—Guard your personal information. Don't store passwords in browsers, even though it makes online shopping easier. In fact, don't store passwords unprotected on your smart phone where they are easily accessed. Instead, subscribe to an encrypted password protection service.
—Create two-factor authentication (2FA) for your banking and credit and brokerage accounts. That means you can't simply sign in with your password. Instead, the bank will send you a one-time code via either email or text to a different device than the one you are using to sign in. That guarantees an extra degree of protection. Most financial companies will let you set parameters so you can use your credit or debit card to buy a latte without any trouble but a purchase over a certain set amount will trigger the 2FA requirement.
—Be aware of your vulnerabilities. Regard all unsolicited emails suspiciously, and never click on a link. Simply hang up on phone callers who ask you for personal information. And examine the security of WiFi links you may use to get online for banking or shopping.
I have always thought that if you took the steps described above, you would be reasonably safe — or at least would catch fraud quickly. But experts at Lifelock, which cosponsored the Javelin study, opened my eyes to new forms of identity theft that might not be so quickly revealed.
These include identity theft via payday loans, peer-to-peer lending platforms, and new cell phone account originations. These are not likely to be picked up — at least quickly — by credit bureaus. But they are a focus of protection at Lifelock.
However you choose to protect yourself, don't be deluded by the latest card security measures. Identity theft is growing. And you could be next. That's the Savage Truth.