Up for grabs? - Washington consumers unknowingly putting their digital identities at risk
New survey shows many consumers fail quiz on how to protect their personal
information, while others have simply thrown in the towel
information from AARP
Hardly a month goes by without hearing of another data breach exposing our personal information to hackers and potential identity thieves. These breaches affect millions of individuals: Equifax–147 million, Target–110 million, Uber–57 million, Home Depot–53 million, and the list goes on and on. According to the California-based Privacy Rights Clearinghouse, there were over 738 data breaches in 2017 exposing more than 2-billion individual’s records. In fact, experts say very few of us haven’t been affected.
And while identity thieves are busy sharing and selling our personal information online, a new state survey from AARP shows Washington consumers are falling further behind in the battle to protect their identities. While confusion on just what steps to take are holding many back, some consumers have simply thrown in the towel and conceded that it’s only a matter of time before they’re the next victim of identity theft.
In an age of data breaches and sophisticated identity thieves, protecting your digital information is more important than ever. According to consumer fraud experts, there are three key steps consumers should take to better protect their personal information:
1) Set up and monitor online banking and checking accounts often;
2) Freeze your credit; and
3) Strengthen online passwords and privacy settings.
A capacity crowd of more than 250 Seattle area consumers learned the details behind those tips at the May 16 launch of the “Taking Charge of Your Digital Identity” campaign at South Seattle College. The event was the first in a statewide series launched by AARP, the Washington State Attorney General’s Office, Microsoft, the Federal Trade Commission, BECU and the Social Security Administration.
Special Guest, Washington State Attorney General Bob Ferguson spoke to the crowd and noted that data breaches here have affected nearly 3 million people, with the majority of them malicous cyber attacks. It has even affected his own family with a niece nearly falling prey to an IRS refund scam and the Archdiocese of the Catholic Church, of which he is a member, suffering a breach in 2014.
As part of the presentation, AARP released a new Washington state report, “Up for Grabs.” The survey of Washington online users 18+ revealed that a lack of awareness and knowledge of online dangers may be contributing to increased dangers for Washington consumers. According to AARP’s report, six-in-ten Washington adults (60%) failed a quiz testing their “Digital Identity IQ.” For instance:
- Only one third of respondents (32%) know that a fraud alert will not prevent their credit file from being shared with potential creditors A fraud alert does not block potential new credit, but places a comment on your history so that creditors will contact you prior to opening a new account.
- Only one-third of respondents (32%) know that a scan of the dark web will not confirm whether your personal information has been stolen. Because of the way the dark web is structured, it is impossible to do a complete scan of the dark web.
- Only half of respondents (53%) know that purchasing ID theft monitoring services does not prevent identity thieves from stealing your identity. Most ID theft monitoring services will notify individuals if someone is attempting to open new credit in their name, however it won’t prevent it from happening.
- Only about four-in-ten (38%) know that there are millions of Social Security numbers available for sale on the Internet for as low as $3.00 each.
Not only is a lack of awareness of online dangers placing consumers at risk, many others admit they have just given up. A full six-in-ten (60%) of those surveyed said that given the number of data breaches that have occurred over the past five years, they feel that no matter what they do, it is inevitable that criminals will use their stolen identity to exploit their credit at some point.
"With data breaches constantly in the news, keeping your personal information safe may seem like a difficult task," said Attorney General Bob Ferguson. "There are simple steps you can take to better protect yourself from identity theft. Take advantage of the resources offered by AARP, the Attorney General's Office and others." Attendees at today’s event were urged to follow three key steps to better protect themselves from identity thieves:
- Take Charge of Your Credit File
Getting a credit freeze is one of the three primary recommendations of security officials to help protect your identity. With a credit freeze in place, a criminal is unable to access your credit file or open new credit accounts. According to AARP’s report however, fewer than one-in-six Washington adults (14%) report having ever ordered a security freeze on their credit.
“Along with checking their credit reports regularly and reviewing bills promptly, many consumers find that freezing their credit is a simple thing they can do to protect themselves from crooks looking to set up phony credit accounts,” says Federal Trade Commission Regional Director Chuck Harwood. “A new Washington state law will soon let all consumers freeze their credit and lift the freeze at no cost.” AARP and the State Attorney General’s Office lobbied for the successful passage of the “Free Credit Freeze for All” law this year, offering free credit freezes and thaws for Washington consumers beginning in June of 2018. Prior to the laws’ passage, consumers had to pay around $10 to each of three credit reporting agencies to freeze their credit files, and another $10 per bureau to thaw their files.
- Check Your Online Accounts
With the ever increasing number of data breaches, experts say almost all of us have had our personal information exposed to potential identity thieves. So it’s vital that consumers have online access to all of their important bank accounts, credit cards and retirement accounts and to check them frequently. According to AARP’s report however, only four-in-ten (38%) of Washington adults have set-up online accounts for all of their bank accounts, while one-in-five (21%) admit they have not set up online access to any of their bank accounts. Similarly, only half (50%) of Washington adults have set-up online access to all of their credit cards, while more than one-quarter (27%) haven’t set up access to any of their credit cards.
To make matters worse, some consumers who say they are staying offline are doing so for all the wrong reasons. Nearly half of respondents who have not set up online access to some or any of their bank or credit card accounts (45%) say they haven’t because they are afraid their personal information will get stolen; about four-in-ten (41%) say they feel safer without an online account; and over one-third (36%) say they don’t trust the internet. “It’s ironic and unfortunate that fear and mistrust of the internet is actually putting people in greater danger that their personal information will be stolen and used by ID thieves,” says AARP State Director Doug Shadel. “Crooks have told us that people without online accounts are the perfect targets. It allows the criminals to set up online access themselves, and to even set passwords and identifying information locking people out of their own accounts.”
- Strengthen Your Passwords and Privacy Settings
The difference between secure computing and falling victim to online fraud or identity theft often comes down to a dozen or so keystrokes - your password. However, nearly half (45%) of Washington adults report using the same password for more than one online account. Younger adults are more likely to report doing this compared to older adults (18-49: 49%; 50-64: 46%; 65 and older: 33%). Using the same password across multiple accounts is a very risky practice. If hackers are able to break just one of your codes, they can now access each of your accounts . “Our members know we are very vigilant about protecting their data and often ask us what else they can do. We tell them to treat their passwords like toothbrushes,” says Kyle Welsh, BECU’s Chief Information Security Officer. “Change them frequently; don’t share them; don’t leave them lying around; and the longer you brush, the better.”
Privacy concerns over users personal information on Facebook has also been in the spotlight lately. AARP’s survey shows that among Washington Facebook users 18+, nearly three-quarters (72%) report having changed at least some of their privacy settings from the default settings. However, significantly fewer adults aged 65-and-older (33%) have done this. “Social media sites can be a great way to stay active and engaged, just be careful what you share,” says Jeff Lilleskare, Online Safety & Security Risk Management, Microsoft. “Check your settings to make sure only friends can see what you post, or at most friends of friends. Don't post when you're going to be traveling. Don't share your address, and be careful about taking pictures with sensitive information in them,” he says.
You can take a “Digital Identity IQ Quiz” online and see how you stack up against the rest of the state. Additional events are planned for Spokane on June 14, Vancouver on June 27, and Tri-Cities on July 11. Also check out more consumer protection tips and sign up for fraud alerts from the AARP Fraud Watch Network at www.aarp.org/fraudwatchnetwork.