Identity theft, credit card theft and other data breaches seem to be a fact of life these days. The key to weathering them is to catch the problem early and act quickly.
If your credit card information is compromised, you’ll most likely find out from your bank, when someone tries to use the card for purchases that just don’t seem right. You should always check statements carefully for unauthorized purchases, but most credit card retailers have become good at spotting them and alerting you.
In most cases, you can simply dispute the charge and the card issuer will take care of the rest. According to the federal Electronic Fund Transfer Act, if you report unauthorized purchases within 60 days, you can’t be held liable for more than $50, and many major credit cards have reduced that to zero. Some have higher liability claims, though, so check with your bank.
Debit cards can be vulnerable, although Visa or MasterCard require that any such cards with their brand have the same zero-liability protections as their credit cards, said Jason Oxman, chief executive of the Electronic Transactions Association, a trade group.
Special Section: Security
After a year of record-setting hacking incidents, companies and consumers are finally learning how to defend themselves and are altering how they approach computer security.
If you have a bank debit card, you have two business days to report any unauthorized transactions if you want full protection, but you may still be liable for $50. After two days but within 60 days, you could be responsible for up to $500 in losses. And if you somehow don’t notice or don’t report the theft within 60 days, you’re out of luck; someone could drain your bank account and you’d have no recourse.
That is why it’s a good idea to use a credit card when shopping online, or if you must use a debit card, use it in conjunction with something like PayPal, which adds an extra layer of fraud protection and will take responsibility for most unauthorized purchases.
With identity theft fraud, someone has impersonated you and opened credit accounts in your name. If that happens, you should immediately call one of the big three credit reporting agencies in the United States — Experian, TransUnion or Equifax — and ask them to place a fraud alert on your credit file.
The alert lasts 90 days and will prevent anyone from opening new accounts without your specific consent by phone. You have to notify only one credit bureau, and it will tell the other two. To be extra cautious, you should call all three yourself or set the alert online.
Once you’ve confirmed the theft, it’s also important to file a police report. In some cities, you can do this online as well. That report, the timeline of events and case number will be invaluable when you call banks or stores to assure them that the fraudulent accounts aren’t yours. And you can use the police report to extend the fraud alert on your credit files to seven years.
If thieves have opened multiple accounts in your name, you may want to enlist the help of an identity protection service like LifeLock or ProtectMyID, which is affiliated with the credit bureau Experian.
If you’re already in trouble, these companies will help you find unauthorized charges on your credit file, and then track down and help you call the banks and stores that may have accounts in your name. That can make it much easier to clean up the mess.
You may have to be present on the calls, or fill out affidavits or other paperwork to complete your claims, but the fraud resolution agents assist you with creating dispute letters and reaching the right people.It costs $10 to $30 a month to have one of these services monitor your account information for fraudulent activity, or you can monitor your credit activity yourself for the next few months or even a year. Either way, stay vigilant for future activity.
“If you’ve been a victim of ID theft, the likelihood is that your data’s been sold,” said Becky Frost, a public relations manager from Experian’s consumer division. “This may be something that you deal with once and move on, but what’s more likely is that you take care of the problem and then the data is sold again.”
For more extreme protection, some consumers are actually freezing their credit accounts so that credit agencies cannot release reports to anyone without explicit consent. The freeze doesn’t apply to companies you currently do business with, but would stop any new accounts from getting into your credit.
That means that if someone wants to open a credit card or get a loan, the credit agency will have to reach you for specific authorization, which you can grant with a personal identification number.
In most states, you can place a freeze on your credit without charge if you’re the victim of identity theft. (What gives, Connecticut?) Some states require a copy of a police or other identity fraud report as proof.
If you just want the additional security of knowing that your credit report is locked down against identity theft, you can pay a small fee — usually around $10 — to freeze your credit and then pay the same amount again to thaw it.
That may seem like an extreme step, but considering how often personal and financial data seems to be exposed lately, maybe extreme is the only way to feel safe.