Up until last Thursday, Identity Theft and being hacked were merely abstractions to Connie and me — something that happened to other people who weren’t ultra careful like we are. Not any more — for now it has happened to us! The days since then have been nightmarish, to put it mildly. But perhaps, by sharing the experience with you, we may help save you from our fate.
First of all, we are no longer as trusting of safeguards we mistakenly assumed Internet providers had put in place. But before I deal with safeguards, permit me to stop a minute and describe for you what it’s like to be hacked:
The first clue was when Connie checked in first thing Thursday morning, and lo, the entire Address Book of untold hundreds of our e-mail addresses, names, phone numbers, etc., were all missing!
In very short order, here came a non-stop barrage of phone calls (not only from all over North America but also Europe and Africa) from people asking if we were OK. Initially, there were also e-mails, but those mysteriously stopped. The big question: “Are you home? Or are you really stuck in Madrid, Spain (having been mugged), needing $5,000 to be wired to a certain number/address immediately so that you can make it home?” By later in the day, it became increasingly apparent that someone (most likely in Nigeria, China, or Romania, the apparent centers for Identity Theft today; however one in every ten victims actually knows the perpretator, according to Lifelock) had taken control of our e-mail world: writing personal letters to responders to the bogus plea for funds — in Connie’s name, or mine! –, reaffirming our immediate need for money. We’ll most likely never know how much other personal and business mail they misdirected to themselves.
In desperation, Connie began the laborious process of recreating the e-mail address book, one at a time, until she’d found about a hundred. Then weary of it all, we went to bed. Next morning, she discovered that the unseen thief had stolen those too! And deleted our address book again. That’s when we realized the full extent of the hacking. So Connie got on the phone with a representative of our provider (in far-off Manila) and began to work through the mess to a solution. In the middle of which, incoming e-mails mysteriously vanished from the screen in front of her. Talk about staring at a robber face to face!
So what do you do when you’ve been raped of your security and sense of being certain of your own ship? Lots! You race to your bank and credit card providers. You immediately change the passwords to all accounts (more on that later). You soon realize these are but lead dominoes for with a hostile force now owning the names of all those family, friends, business associates, clients, etc., that you interact with, where do you go next? You can’t alert them to the truth, urging them to beward of these semi-demands for funds because all these addresses have been stolen from you! You don’t have their e-mail addresses anymore.
Your next realization is that you need to immediately secure at least one more Internet provider, for the one you thought you had is now snake-bit. That means that more dominoes will fall as you’re forced to order new stationery, business cards, etc. And it goes on and on from there into no one knows where.
Eventually, we changed our password on our e-mail account and mail began to appear again; but two days of our lives had been commandeered by a hostile force determined to destroy us.
Belatedly, we signed up for Identity Theft protection. Really, there is no such thing, but having such a program in place enables you to make pre-emptive strikes when someone somewhere begins pretending to be you, setting up accounts in your name and charging things to them; even buying automobiles, etc., in your name — then, not paying them, leaving your credit rating in shambles.
During the two-hour dialogue with that protective organization, we learned much about this soft underbelly of the “brave new world” of cyberspace. We also learned a lot from our banks and friends and relatives who had given us after-the-fact counsel. Here are some of the things we’ve learned:
- No Internet provider is immune from being hacked, no matter how large — even our national government routinely gets hacked. Nothing is safe anymore to these monsters who are seeking to destroy rather than create on their own.
- Passwords are your key protection (your firewall). They need to be at least twelve digits long, interweaving totally unrelated letters, numbers, and symbols on your keyboard; no full words, no sequential anything — and, after logging in, placing your password in a safe place. And they recommend changing those passwords every six months.
- Odds are staggeringly against us! If a bank is broken into, there is a 95% conviction rate. If you are hacked or your identity is stolen, at best there may be a 1% conviction rate.
- Destroy – don’t put in trash – all records containing your name, address, phone numbers, e-mails, etc., for thieves daily pick through our garbage in order to begin structuring a new identity for themselves and their crimes.
- Ditto, your used prescription medicine containers. Medicare is being defrauded by billions of thieves latching onto such individual prescription records.
- Don’t let credit cards out of your sight if you can possibly avoid it, for unscrupulous employees often surreptitiously make copies of them while your credit card is in their possession.
- Especially, guard with your life Debit Cards, for they can be used to clean out entire bank accounts!
- Online banking is dangerous. Institute safeguards.
- Be extremely careful about how much personal information you place on Facebook. It too is monitored by those who seek to do you harm.
- When blogging or commenting on social media, do not tell people in advance where you will be on certain dates, as thieves may clean out your house while you are away! This goes for web sites too.
- Unscrupulous people may secretly make copies from cards in your hand ar checkouts or even from your wallets or purses!
- Every time we use a credit card, we open ourselves to the danger of losing our identities.
- Especially does your Social Security number need to be protected. Ditto medical policy cards.
- You should take steps to stop in their tracks all pre-approved credit card offers (in the mail).
- Destroy all bank statements you don’t keep for IRS Purposes.
- Never give our personal information to anyone by phone unless you are certain the caller is legitimately who s/he claimes to be.
- You need to place 12-digit passwords on everything.
- When hacked, immediately cancel old credit cards and secure new ones.
- Avoid using your mother’s maiden name, your birth date, the last four digits of your Social Security number or a series of consecutive numbers.
- Either monitor yourself or have an Identity Protection agency monitor for you one of the following three consumer reporting companies:
- Equifax: 1-800-525-6285
- Experian: 1-888-397-3742
- TransUnion: 1-800-680-7289
- After being hacked, put a tickler on your calendar 90 days out, for Identity Thieves often wait 91 days before moving in on you, lulling you into thinking all is well.
- It is imperative that you continually monitor your financial accounts (daily, if possible), watching out for questionable charges. Reason being that thieves usually begin with small charges to your account — to see if it works — then, if those aren’t flagged, they move on to ever larger purchases. And the longer it takes you to catch these things the more difficulty you’ll have in getting banks or credit card companies to swallow the results. If you report loss or theft within two business days of your discovery, your liability is limited to $50. Then it immediately goes up to $500. After 60 days, the loss is all yours. When you report a theft to an institution, always follow it up with a certified-return request letter.
Hopefully, you will personally escape being hacked, by instituting safeguards suggested earlier in this blog.
If you received one of those infamous bogus requests for funds in our names, you have our abject apology!
Blessings!
Do let me know your thoughts, reactions, and responses to this blog.