Fraud and identity theft can happen to anyone. They’re also entirely out of your control. Thousands of CRA accounts were recently harvested after a series of cyberattacks. Last year, a data breach at Desjardins Bank leaked the social insurance numbers, email addresses, and birthdates of around 2.7 million people. On top of that, there are always new phone scams and malware trying to collect your personal details.
Data breaches like these make it easy for hackers to wreak havoc on your finances. With the right information, they can steal money from your bank account, open new credit cards in your name, and even redirect benefit payments by changing the direct deposit details on your CRA account. If one of these situations have happened to you, don’t panic. Follow these seven tips to reclaim and protect your financial information.
1. View & verify account activity
If you suspect your personal data was stolen, log into your online account first to see if any fraudulent charges or account changes have been made. Keep in mind some suspicious-looking transactions can be legitimate as some businesses operate under different names. If you’re locked out of your account, use the forget my password feature or call customer service to regain control of it.
2. Change your password & security questions
Once a security breach is confirmed, change your password and security questions immediately. Make sure to use strong passwords that are unique and complex. Passwords should be at least eight characters long and consist of a mixture of letters, numbers, and symbols. Avoid passwords with common substitutions (i.e. “@” for “a”) as cybercrooks can crack these in a heartbeat. You should also pick security questions only you know the answers to or better yet, create fake answers no one would ever guess. Don’t use the same password and security questions for multiple accounts and never share this information with anyone. Consider updating passwords for all your other accounts (email, social media, etc.) if you feel they may be at risk.
3. Report the breach
Tell your bank, creditors, and credit bureaus that your account has been hacked. They’re ready to help you solve the problem and the bank may even return stolen funds right away. Contact the Canada Revenue Agency if you’re a victim of fraud, believe your social insurance number is compromised, or receive dubious messages that claim to be from the CRA. While you probably don’t know who your hacker is, it’s still worth filing a police report as cases from many victims can help authorities catch the criminal.
4. Freeze your account
Stop fraudsters from assessing your funds by freezing your bank account online, on the app, or by contacting customer service. A credit freeze is an excellent way to prevent identity theft in the United States, however this service is not available in Canada yet. Things may change in the future, but in the meantime, it’s best to set up fraud alerts with TransUnion and Equifax, Canada’s main credit bureaus. Fraud alerts are free for confirmed victims of identity theft and add an extra layer of protection by notifying creditors to complete additional verification before extending any credit. They can stay on your credit report for up to seven years and don’t affect your credit score.
5. Monitor your credit report
Credit bureaus may not catch all suspicious activity, which is why you should review your credit report regularly even if you have fraud warnings activated. Check to see that no one has opened accounts in your name and keep an eye out for unauthorized credit inquiries. You can check your credit score for free using Borrowell. The credit education company conducts soft credit inquiries so it doesn’t hurt your credit rating or show up on your report.
6. Set up additional security measures
Prevent a cyber attack from happening again by enabling text or email notifications. These notifications allow you to monitor your account in real-time by informing you of every change and transaction the moment they happen. You can also implement two-factor authentication to make it harder for fraudsters to get into your account. The security system goes beyond username and password by requiring an additional piece of information before you can log in. For example, you may need to input a special code that’s sent to your phone or answer a series of security questions.
7. Download updates & security software
Cybercriminals often use malware to gain access to personal information stored on computers. From email attachments to hacked files, malware can come from a variety of sources so be careful about what you click on. If you suspect your information was leaked using malware, install anti-virus software to check for threats and download security patch updates to keep your devices protected.
Having your financial information fall into the wrong hands is scary, but it’s important to stay calm and follow these tips if it happens to you. Doing so will minimize your risk of exposure and help you limit the damage to your finances.