Skip to content
Join our Newsletter

Kevin Greenard: Heightened awareness required in a digital world

There are many stories we could share about identity theft, as we have experience assisting clients who feel their identity has been compromised.

Individuals and businesses are continually having individuals trying to get access to their information. In some cases, the hackers are demanding a ransom to get the files released. Businesses have a heightened awareness of this and spend enormous amounts of funds to back up and protect their information and protect their client’s information.

Not everyone has the same heightened awareness, but it is important to be diligent about how you share your personal information.

There are a variety of ways fraudsters can try to gather your personal information. The simplest example I can recall is an individual who placed their previous investment statements in the regular mail without them being shredded.

Or someone might phone you, pretending to be a legitimate organization, and request information from you verbally.

Other fraudsters send you text messages or emails, often using fear or scare tactics to persuade you to provide the information that they want. In some situations, you may receive illegitimate letters in the mail that are asking for personal information.

In nearly all these cases, when the fraudsters are gathering your information, there is malicious intent.

Seniors are at risk

Particularly vulnerable to identity theft are seniors. This group is often targeted as they have the financial resources and are often more trusting.

If you have loved ones who are aging, we always encourage setting up the appropriate power of attorney documents to protect them. We have some information on this in our article “Protecting Loved Ones From Financial Fraud.”

Estate identity theft

Fraudsters will look for names in online obituaries and papers for deceased individuals. The obituaries are often very detailed and provide a lot of information. This information may be used by fraudsters to open credit accounts and to steal money from deceased individuals.

It is not uncommon for an executor to discover more unlisted assets throughout the course of administering the estate. If these unknown assets were a target, your executor might not discover them until it’s too late. This stresses the importance of having everything documented for your executor. (See our article about providing your executor information about your digital footprint.)

If you are an Executor, we would also recommend having the two credit rating agencies in Canada, Equifax and TransUnion, set up a “death notice” on the deceased’s credit reports.

Children are at risk

Children under the age of 19 in B.C. are not able to apply for a loan. Typically, there would be no need to even ask for a credit report for a child under 19 as there wouldn’t be a report.

Fraudsters know that children, or young adults, may not be monitoring their credit reports. These are perfect types of situations for fraudsters who will open credit accounts in a young person’s name.

Often this will go undiscovered until one day in the future when the victim of identity theft ultimately tries to take out credit and it’s discovered that a fraudster took out credit in the child’s name and did not paid it back.

As a parent, you can contact Equifax and TransUnion and ask them to confirm whether your child has a credit report. You will have to provide confirmation of your child’s identity (birth certificate) as well as your own (two pieces of government-issued identification).

Criminal identity theft

Fraudsters who are pulled over for traffic violations, or other infractions, may provide the name and identification of another individual. This is fraudulent and criminal; however, you’re not likely to know about it until you go to renew your driver’s licence, auto insurance, or have a warrant issued for your arrest.

Fake identification

Unfortunately, fake identification is not something we only see in the movies. This type of fraud is sometimes referred to as synthetic identity theft. In this situation, a fraudster could give information that is completely false.

An example of this could be a fake name and a fake birth certificate. In other situations, a fraudster could have a real social insurance number (not their own) and a fake name. In these types of situations, seniors, children and deceased individuals are often targeted as they do not monitor their situation as frequently.

Multiple online accounts and profiles

These days it is very easy for anyone to make multiple email accounts and social media profiles. Most people might have a separate account for innocent reasons, such as for buying and selling used goods online. Other people might have a separate account for more sinister reasons, such as trying to gain your personal information by becoming your “friend” on social media. They can gather information about where you live, where you work, your birthday and so on — information that can help them steal your identity.

Ease of opening accounts

Part of the concern is the ease with which individuals can apply for credit. This can be done either by mail or online. Some retail shopping stores will even let you open a credit card on the spot when you’re in the store. Scammers could bring in a fake ID, with your personal information on it, and open a credit card in your name for their use, with no intention of ever repaying it.

Shopping from home

Shopping from the comfort of your own home certainly has its perks. However, one of the downsides is every website you visit increases the chance of your personal information being stolen.

If you are shopping online, make sure you shop at secure sites that have “https://” in the URL and a lock icon. This shows the user that extra steps have been taken to keep their information secure. Also, ensure you have a reputable antivirus software installed and that it is up to date.

When shopping, it’s important to think before you click and to think before you share. Don’t provide unnecessary personal data such as your birthday, and don’t save payment information. If you miss out on birthday discounts or must enter your payment information with each purchase, it’s better than your information falling into the wrong hands.

Moving

If you have recently moved, or have moved frequently in the past, this increases your risk of identity theft.

When moving, we all do our best to update our address with all major organizations we deal with, but invariably we may forget to update our address for one or two things; we’re only human. As soon as you move, it’s important you notify any financial institutions you do business with, the Canada Revenue Agency (CRA), insurance companies, etc. We ask our clients to provide us verbal confirmation of their new address in case their email addresses are compromised.

Canada Post offers mail forwarding services within the province, across provinces, and to the U.S. and internationally. Moving within a province, the mail forwarding services cost $56.70 for four months and $86.80 for 12 months.

If you are moving and receive mail containing sensitive information, using this service is highly recommended. With each piece of mail you receive that has been forwarded from your old address, you can contact the sender and ensure your new address is updated going forward.

We encourage everyone to receive electronic statements for as many accounts as possible. People are stealing statements, tax slips, utility bills and other personal information from mailboxes. Going paperless is not just environmentally friendly; it can also prevent your statements from ending up in the wrong hands.

What can you do?

In today’s fast-evolving digital age, everyone is vulnerable. We’ve included 10 actionable steps we recommend everyone take. Approximately 37 per cent of Canadians have been victims of some sort of identity theft.

While there’s no guarantee you will never encounter identity theft yourself, why not take as many steps as you can to avoid having it happen to you?

1) Monitor your accounts, statements, and bills frequently. Fraudsters may start by making small purchases on your credit cards or debit cards and then work their way up from there. If you see any charges you don’t recognize, no matter how small, call your financial institution right away.

2) Obtain your credit reports from Equifax and TransUnion regularly (at least every two years). We wrote an article that details how to request a credit report for the first time.

3) Be skeptical of unknown people trying to contact you. This can be via telephone, text message, email or mail. Don’t respond or click on any unsolicited links in these communications, and certainly don’t provide any personal information.

We suggest confirming with the company directly if the communication is legitimate. Contact the company using a phone number that is posted on the company’s official website or from your monthly statements. Do not use any contact numbers provided in the communication because if the message is not genuine, the phone number won’t be either.

4) Don’t trust public Wi-Fi networks. When on a public Wi-Fi network, it’s very easy for hackers to access the information you are sharing on your device. To help protect yourself, you can use a Virtual Private Network (VPN) that uses data-encryption to hide your online activity and identity.

5) Create strong, unique passwords and change them frequently. At Scotia Wealth Management, we are required to change our passwords at a minimum every 90 days. This is common practice throughout security-conscious organizations, and the same should apply in our everyday life. By creating a password using a “pass-phrase,” a mixture of upper- and lower-case letters, symbols and numbers, you will enhance the security of your sensitive information.

6) Be wary of what information you include on social media. Often individuals are broadcasting information that fraudsters are looking for.

Before you post things online you should think twice of what that information might mean for unscrupulous individuals. For example, you post a photo of you and your family on vacation and caption it “Let the two-week family vacation begin!” If that information fell into the wrong hands, criminals could know you are gone for two weeks.

As much as you want to share your vacation with family and friends, consider waiting until you are back home before posting photos. If you do post photos on social media, tighten up your security settings. It is also worthwhile to consider who is on your friend list — do you know them all? If there is anyone you have accepted without first knowing, remove them.

7) Safeguard your private information. Store it in locked filing cabinets and ensure you properly dispose of sensitive information by shredding it rather than throwing it out in the garbage or recycling. Being careless by throwing statements in the garbage or recycling can have costly consequences.

8) Secure your mail and sign up for paperless statements whenever possible. If you do not want to get paperless statements, consider paying for a post office box, or purchase a secure mailbox for your home that requires a key to open it so no one can reach into it and grab your mail.

9) Think twice before making online purchases. With an online purchase, you are including your name, address and payment information at the very least. Prior to entering that information, make sure it’s from a reputable company and you are using a secure webpage as evidenced from the lock symbol by the URL.

10) Invest in antivirus software. Ensure it is up to date and consider setting it to automatically scan your computer every 24 to 48 hours.

Kevin Greenard CPA CA FMA CFP CIM is a Senior Wealth Advisor and Portfolio Manager, Wealth Management with The Greenard Group at Scotia Wealth Management in Victoria. His column appears every week at timescolonist.com. Call 250-389-2138, email [email protected], or visit greenardgroup.com.