Kokua Line: How do I deal with identity theft?

Question: Will freezing credit stop ID theft? I don’t know what else to do besides calling the police. I am getting mail and phone calls about accounts I never opened.

Answer: Freezing your credit should help prevent more fraudulent accounts from being opened in your name, but it’s one task in a long list of things you need to do. Filing a police report also is important, as is submitting a complaint with the Federal Trade Commission. You can do the latter at identitytheft.gov, which will suggest a recovery plan based on the information you input.

The FTC’s to-do list is very long for victims like you, whose name, Social Security number and date of birth have been misused to open fraudulent accounts online. Besides coping with fraud that has already occurred, you are trying to protect your own assets, restore your identity and prevent more fraud or other crimes from being committed in your name.

Kokua Line receives numerous calls from identity- theft victims, including some older people like you who are overwhelmed by the work ahead. We spoke to Kathy Stokes, AARP’s director of fraud prevention programs, and other experts for advice about what victims should do right away, to help you prioritize:

>> Freeze your credit with nationwide credit-reporting companies Equifax, Experian and TransUnion, or, for a less strict alternative, add a fraud alert with one, which will tell the others. New creditors won’t be able to check your credit with a security freeze in place, and most won’t open new accounts without doing so, which will make it harder for criminals to open more fraudulent accounts using your identity. A fraud alert is less stringent, allowing creditors to access your credit report if they verify your identity. Contact the companies online, by phone or by mail. See 808ne.ws/creditfreeze for details on contacting all three, or call 800-685-1111 (Equifax), 888-397-3742 (Experian) and 888-909-8872 (TransUnion).

>> Check the security and privacy settings of your digital devices and upgrade as needed. Scan for and remove malware if necessary.

Don't miss out on what's happening!

Stay in touch with breaking news, as it happens, conveniently in your email inbox. It's FREE!

By clicking to sign up, you agree to Star-Advertiser's and Google's Terms of Service and Privacy Policy. This form is protected by reCAPTCHA.

>> Update passwords on all your actual accounts, including your email addresses, credit card accounts, bank accounts, retirement accounts, etc. Don’t use the same or similar passwords across multiple accounts. It’s best to use a password manager to create complex, encrypted passwords, Stokes said, but if you don’t feel comfortable using a password manager, create complex passwords yourself and keep them in a safe place. “They’ve got to be very strong passwords, not guessable and not repeated,” she said. Change user names and PINs as well, if necessary.

>> Set up multifactor authentication on your own online accounts to prevent criminals from logging in with your user name and password. With dual-factor authentication, for example, you’ll receive a unique code as a text or phone call to complete the log-in process.

>> Adopt online and/or app access for your financial accounts, “because if you don’t do it, someone else can set it up, or try to,” said Stokes, meaning criminals who have your personally identifiable information, also known as PII. You can set up activity alerts and check balances 24/7, and “not have to wait for monthly or quarterly statements,” which can be nerve-wracking for victims, Stokes said.

>> Contact banks, credit card companies and other financial institutions with which you do business to make sure your accounts have not been compromised. If you can’t or won’t adopt online access, ask how to enhance account security without it; namely, how to prevent thieves who have your PII from accessing your account.

>> You may not have received mail or phone calls about all the fraudulent accounts opened in your name, but try to close the ones you know about. Doing so may be difficult if the account is with an app-only financial technology company with no service outside the app. In that case, the Consumer Financial Protection Bureau may help. File a complaint at consumerfinance.gov that can be forwarded to an unresponsive company.

>> Get your Experian, TransUnion and Equifax credit reports for free through annualcreditreport.com, check each for incorrect information and dispute errant entries, whether they are related to your identity (listing places you’ve never lived, for example), accounts you did not authorize, charges you did not authorize or even credit inquiries you did not authorize.

Everyone should improve their passwords, use multifactor authentication and otherwise upgrade account security, Stokes said, not just fraud victims. There are many other questions on this topic, some of which we’ll cover in future columns as cybercrime proliferates in an era of contactless financial technology.

“One of the things that AARP is trying to do is advocate at the local, state and federal level for stronger protections for consumers. These crimes are off the charts in every state. Financial institutions and big tech all need to do a lot more” to prevent them, she said.

Write to Kokua Line at Honolulu Star-Advertiser, 500 Ala Moana Blvd., Suite 7-500, Honolulu, HI 96813; call 808-529-4773; or email kokualine@staradvertiser.com.