Equifax hack: Steps to take beyond freezing your credit

Nicole Sinclair
Markets Correspondent

Equifax (EFX), one of the three major credit reporting bureaus, said on Thursday that “criminals” had stolen data that could impact 143 million US consumers. And while the immediate advice from experts has been to freeze your credit, there are other important steps to consider.

First off, yes, freeze your credit. By freezing your credit across the three credit report bureaus (Equifax, Experian, and TransUnion), it will be harder for hackers to open up lines of credit in your name. Freezing your credit does not affect your credit score and you can always temporarily lift the freeze when you need to run your credit for any reason, including applying for a mortgage. But understand that the step only goes so far, according to experts. It doesn’t prevent the use of already-obtained information by fraudsters.

So what else should you do?

Equifax has offered one year of free credit monitoring, which can detect any signs of identity theft. Now that the company has clarified that accepting this offer does not prohibit consumers from taking legal action, this is one measure to take.

It is key to garget all your personal information that may have been affected, according to Michael Reitblat, CEO of Forter, an e-commerce fraud prevention company.

Credit card strategies

Reitblat told Yahoo Finance that Forter noticed a “significant” spike in what appears to be fraudulent account takeovers this summer at retailers, something they believe could be a result of the Equifax data breach. And this could just be the start.

In other words, credit cards may already have been accessed and it’s important for consumers to identify.

The first step is to check your main credit cards for small purchases.

“Fraudsters know that you may not notice small charges, say $30, on your heavily-used credit cards,” according to Reitblat. “So when you’re checking your statement, look closely at even small charges.”

Second is to check cards that may have been sparsely used, including retail store credit cards. Reitblat explained that fraudsters will often make larger purchases, that would be more noticeable on your main credit card, on these cards that you don’t monitor as regularly.

To make sure you know all the credit cards you have open, Reitblat suggests Credit Karma as a simple way to identify which open credit card accounts you have.

And the third step is to make sure you remove any saved credit cards online, from retail sites to Paypal, so they can’t be stolen.

Password protection

In addition to these steps, Reitblat explained that strengthening your password is key as a preventive measure.

“I advise that individuals aim to move into the 10% of security-minded people with better passwords and security,” he said. “With fraudsters, it’s not personal. If it’s easier to steal from one person, they will steal from that person.”

Reitblat explained it’s all about “relative ease” for the fraudster

“It’s like the old joke,” he said. “A bear jumps out of a bush and starts chasing two hikers. They both start running for their lives, but then one of them stops to put on his running shoes. His friend says, ‘What are you doing? You can’t outrun a bear!’ His friend replies, ‘I don’t have to outrun the bear, I only have to outrun you.'”

Fraudsters’ first password attempt is usually a guess, Reitblat said, using birth dates, children’s names and other personal life go-tos.

“Don’t use easy-to-guess passwords,” he said.

Beyond that, software that runs randomly across characters will have a harder time getting your password if it’s longer, uses at least one upper case letter, one number, and one special character.

Individuals should also make sure their passwords are different across sites. While this can be a challenge, it’s worthwhile. And to stay organized, Reitblat has a tool: Last Pass. The site, which helps manage password, helps avoid forgetting but keeping your sophistication high.