Your Personal Information’s Been Hacked – Here’s the One Step to Take to Protect Your Finances
I’m sorry to pass along this unfortunate news, but your personal information has already been hacked and is bouncing around the unsavory parts of the Internet just waiting for a predator to randomly pull your info from the millions of others and make your life hell.
Consider this, at the low end, hundreds of millions of individuals worldwide had some form of their personal information hacked from supposedly “safe” databases in the past few years.
A few of these may sound familiar.
- Marriott Hotels (SPG) – 500 million guests’ information hacked
- Yahoo – 1 billion+ accounts hacked
- Under Armour (MyFitnessPal) 150 million accounts hacked
- Equifax – 143 million Americans’ confidential financial information hacked
And these are the major breaches that are made public. How many smaller businesses with databases holding your email address, password, home address
A Personal Experience
There are a variety of outcomes when a criminal gets hold of your personal information. Here’s one.
Last month my wife noticed something strange while cleaning out her email Spam folder.
It was an email sent from her email address. She selected the email and began reading in the preview pane.
It was from a hacker and was very detailed and convincing.
In the interest of brevity, I won’t go into great detail, but will provide some of what the hacker wrote in an effort to alert others who may fall prey to a similar scheme.
The email started by saying that he/she had obtained my wife’s personal information via
He/she went on to say they had then planted malware on the computer and had been watching everything that had been done on the computer for months, as well as literally watching her (and my) actions while on/near the computer via the computer’s webcam.
He/she proceeded to say trying to change passwords on various accounts would be fruitless since the changes would be logged by the malware.
Additionally, the hacker got very specific with the kind of router we (supposedly) had, citing brand name and associated product numbers, adding to the credibility factor. (Although, when checked, that information didn’t actually match)
The kicker, however, was when he/she actually included in the email a password that my wife has used in the past. Interestingly, though, not the password she was using for her email account.
The credibility of the ransom email diminished when it started down the path of threatening to expose pornography usage to all her contacts.
Still, there was that lingering concern considering this individual was able to send an email from within her email account as well as cite an actual password she had used.
The request for him/her to go away was approximately $800 sent to an account via Bitcoin.
Actually, that’s a low amount considering other reported ransom situations I’ve read. And, likely a smart move by a hacker taking a shotgun-blast approach to conning others out of their money. Those who might not research the matter, and feel their private actions might come close to what the hacker is threatening to expose, would possibly send the “reasonable” amount of $800 hoping to make it all go away.
The email my wife received was a con.
But the fact that someone had access to her email address and a password she has used illustrates that from some unknown hack, her personal information was exposed.
And, for those interested, the ability to send an email using another person’s email address is a fairly easy process for those who have access to the right software. Do a search for “email spoofing” to learn more.
So this crook never actually had access to her email account nor our computer, just her email address and one of her passwords, obtained from one of the many hacks that have taken place in recent years.
How to Protect Yourself
This personal experience was, luckily, a fairly innocuous one, akin to the many emails from Nigerian Princes promising millions of dollars if you will only help them out with a small financial donation to get the ball rolling for one scheme or another.
Others fall into a different category.
The reason the above con works is because it’s based in reality. Hackers are able to access personal and business computers, taking over webcams and accessing all the information stored within a computer’s hard drive.
And the threats are real – whether they be exposing Internet activity or holding hostage your digital information – they will (potentially) follow through unless the ransom is paid. And in the cases where the hackers truly have gotten access, the ransom amount will be significantly more than a few hundred dollars.
As I said in the beginning of this piece, your personal information is already out there.
The only question is, will you be one of the unlucky individuals on whom a hacker will focus his or her efforts?
I could get into the “change all your passwords frequently” or “use complex passwords” guidance that is so often passed along.
Let’s be real, though, keeping track of the easy-to-remember passwords the majority of us use for the vast number of websites that require them is hard enough. We’re really going to make up a new 15-20 character password utilizing a variety of characters for each of the dozens of secured websites we visit regularly?
A password manager is an option. Although, while I’ve considered it, I’ve never actually gone through with it; my primary concern
Two-factor authentication is another safety option to consider. It will help to keep the bad guys at bay. But it has an inconvenience factor that will
These types of efforts are worthwhile.
But to really nail down your online safety, specifically as it relates to your financial security, there’s one step you need to take now.
Credit Freeze
In mid-September, we wrote about changes to the federal laws governing credit freezes and fraud alerts.
In a nutshell, federal law now allows individuals to freeze and unfreeze his/her credit at-will for absolutely no cost.
A credit freeze restricts access to your credit file, making it more difficult for identity thieves to open accounts in the names of others.
So if hackers have gained access to login information that allows entre to even more sensitive personal info such as a Social Security number, their ability to actually use that info for nefarious purposes will be limited to non-existent.
They may try to open credit cards, buy a car, or even something as basic as get new cell phone service and a dozen iPhone Xs to go with it.
All those efforts will be blocked when your credit is frozen.
Freezing your accounts is fairly easy. Yes, you do have to visit each credit bureau – Equifax, Experian, and TransUnion – to freeze your accounts, but once set up, turning a freeze off, and back on, is a simple operation.
I read a recent report about an individual visiting a cellular provider to begin new service. He had forgotten his credit was frozen – cell providers require a credit check to establish new service – and when the store associate began the new service process, he wasn’t able to proceed due to the credit freeze. The gentleman, remembering the freeze, accessed the credit bureaus via his cell phone, unfroze his credit, and had the associate try again. During that few minute period, the freeze was lifted and the new service activation was able to move ahead.
So for those worried about the effort to unfreeze credit when a check is needed, don’t be, the process is easy and quick. Especially so if you plan ahead.
Of course, a credit freeze won’t solve all hacking issues.
Should your bank account (not your credit cards) get hacked, that’s going to be a more intensive process.
And a credit freeze most assuredly won’t protect you from a situation where the hacker holds compromising information on you and is threatening to spread it around without a ransom payment. Although, hopefully, thanks to the personal experience related above, you’ll know when a threat may be less than credible.
But, for most problems associated with data breaches, a simple credit freeze will not only bring peace of
What tactics do you use to keep yourself safe in this time of ever-present data hacks?
Hacker image courtesy of hyena reality at FreeDigitalPhotos.net
