Protecting yourself from the Equifax data breach is not something that’s going to end tomorrow. Or next month. Or next year.
If cyber criminals have your personal information, there’s no limit — both in time and scope — to how they can use it. Avoiding identity theft and fraud is something you could be fighting for years to come.
Here’s what the bad guys can do with your data and what you should do to protect yourself.
Stealing your identity
A criminal could ruin your credit by applying for multiple accounts in your name and failing to pay back borrowed money. Bad credit could keep you from qualifying for a loan or favorable rates.
Luckily, there are ways to avoid such nightmares. Start by checking your credit report. A free one is available each year from the three big credit reporting bureaus, including Equifax.
A credit monitoring service can help you keep tabs on your credit reports. But you should freeze your credit to prevent new accounts from being opened in your name and place a fraud alert to protect yourself from identity theft.
“There’s no one thing you need to do,” says Matthew Gardiner, senior product marketing manager at Mimecast, a tech company providing cloud email services. “It’s always about having levels of security controls or multiple layers of security controls.”
You should regularly check your bank account and credit card statements. Call your bank or issuer as soon possible about any fraudulent credit or debit card transactions. Instances of identity theft should be reported to the Federal Trade Commission and the Internal Revenue Service, says Fran Rosch, executive vice president and general manager of consumer business at Symantec.
Other potential threats
Hackers may use your stolen data to open accounts and sell it to other crooks. They can also do these other three things with the information taken from Equifax.
Hack into other accounts
With enough information, Brian Vecci, a technical evangelist at a software company called Varonis, says it’s possible to gain access to your email inbox.
Two-factor authentication — which, for example, uses both a username/password combo and a text message to your phone to confirm your identity — can protect your email accounts. And it never hurts to have strong passwords that you change frequently. Sites that offer random passwords each time you log in can be helpful, Vecci says.
To find out whether your email address has been compromised, Vecci recommends using a website like haveibeenpwned.com. The site can also notify you of other cyber threats.
Attempt a phishing attack
A phishing attack happens when a scammer pretends to be someone they’re not, says Sean Tierney, director of threat intelligence at Infoblox.
Look out for signs of phishing scams such as typos. Avoid clicking on links coming from domains that don’t seem credible. Secure sites should include “https” in their URLs.
The FTC issued an alert warning consumers about phone calls and emails from people claiming to be Equifax representatives. If you’re contacted by a scammer, file a complaint.
Commit other types of fraud
Bold criminals could use your data to engage in all sorts of crimes, like gaining access to corporate online networks and medical services.
Some private information is only valuable for a brief period, Tierney says. Other data — like Social Security numbers — could be used long after the Equifax breach fades away. That’s why getting into the habit of monitoring your accounts is key.
“Being vigilant for a few months will not be enough,” Rosch says. “Some scammers will wait a year or longer to act on this information.”