05/2019 KIPLINGER’S PERSONAL FINANCE 45Tap these resources to protect yourself from
ID theft, to get assistance if you do become a
victim and to receive alerts about new scams.- The nonprofit Identity Theft Resource Center
helps victims resolve identity theft. Call the ITRC
at 888-400-5530, or start a live chat online at
http://www.idtheftcenter.org. - The AARP Fraud Watch Network hotline
(877-908-3360) offers victim assistance, and
you don’t have to be an AARP member to use it. - The Federal Trade Commission’s IdentityTheft
.gov walks victims through the steps to recovery
depending on the type of fraud they experienced
and offers sample letters to send to credit agen-
cies, lenders and other involved parties. Fraud
Support.org also guides victims to resources. - For detailed instructions on how to place a
credit freeze, including web links and phone
numbers for the credit agencies, go to kiplinger
.com/links/freeze. - To stay up-to-date on the latest scams, you
can sign up for alerts at http://www.fraud.org, www
.consumer.ftc.gov/features/scam-alerts and
http://www.aarp.org/money/scams-fraud. - To see if any of your e-mail addresses or ac-
counts have turned up in a data breach, go to
HaveIBeenPwned.com. If you turn up a positive
result, it’s time to update your passwords. - If a suspicious e-mail shows up in your inbox,
use Google’s Safe Browsing URL checker to see if
a website has been reported as dangerous to
visit. This can include malware-laden cesspools
as well as legit sites that have been compro-
mised. See more at http://transparencyreport
.google.com/safe-browsing/search. - If you think you may be vulnerable to a “SIM
swap” hack (see page 38), Google offers a guide
on how to port your phone number safely to its
VOIP service. Visit https://support.google
.com/voice/answer/1065667 to see how.
WHERE TO
GET HELP
authentication, or 2FA. You’ve experienced 2FA if a service has sent you an e-mail
or text to confirm your identity before signing in. If an account gives you the option
to require 2FA whenever you log in, it’s generally a good idea to use it. The extra
step prevents a thief with your bank password from accessing funds remotely.
Not all 2FA systems are equal, however. If an account only offers authentica-
tion via basic text messaging, you may be vulnerable to a “SIM swap” (see the box
on page 38). For now, this is still rare, and “having 2FA is better than not having it,
no question,” says Jake Williams, principal of Rendition InfoSec and former NSA
hacker. The website http://www.turnon2fa.com offers step-by-step instructions for acti-
vating the feature across dozens of websites, from Facebook to Fidelity.