Last year, over a million people fell victim to phishing. Not just common citizens, either – presidents of banks, heads of security firms and top CEOs from huge corporations are among the victims. Phishers are good at what they do.
Security isn’t just about defense – it’s about response too. If you believe you’ve been phished, it’s time to take action.
Don’t Panic
Stay calm. Stay controlled. Fear and confusion are primary weapons of the phisher. Many financial institutions are prepared for phishing events, and in many circumstances, you might even get your money back.
It’s time to make some phone calls.
Close Compromised Accounts
Call the credit union if your accounts or debit card information has been leaked. Call your credit card provider if your card number has been lost or stolen. The thieves must be stopped from using your data.
The customer service agents will need as many details as you can provide about what happened. Make notes about who you talked to, what information you let out, and when the incident occurred.
If you fail to inform the proper institutions in a timely manner, you’ll likely lose any refund you would have coming to you. You need to act quickly. Don’t worry, you will be issued new accounts and cards.
Contact One of the Major Credit Bureaus
- Equifax: 1-888-766-0008
- Experian: 1-888-397-3742
- TransUnion: 1-800-680-7289
This step will guard against the phishers opening any new accounts in your name.
Whichever bureau you contact is required to notify the other two. A fraud alert will be placed on your credit report for ninety days; you may request a seven-year alert with the proper paperwork. Note: if you’re applying for credit during an alert, you will be required to provide additional proof of your identity. This may cause additional delays in securing credit for yourself. It’s a small price for your financial security, but just be aware.
Additionally, you can request an active duty alert, which will automatically opt you out of pre-screen credit and insurance offers for up to two years.
You’ll also be entitled to a copy of your credit report. Get it and review the information for any fraudulent activity.
Call the Police
Phishing is a crime. Call the police and file a report. Be sure to get a copy of that report for yourself – it will come in handy during the cleanup phase.
Some local authorities don’t take reports for phishing. Be persistent. The FTC suggests you file a Miscellaneous Incident Report instead, if that’s what it takes. You’ll need some kind of documentation you reported the incident to the authorities.
File a Complaint with the FTC
By filing your incident with the Federal Trade Commission, you’re contributing to a national database of identity theft data used by law enforcement officials across the country. The FTC will refer to you to additional agencies and companies based on your individual experiences.
To file a complaint, call the FTC’s Identity Theft Hotline, toll-free: 1-877-ID-THEFT (438-4338).
You can also file a complaint online at OnGuard Online, an informative site sponsored by the FTC and the Department of Homeland Security.
Contact Other Agencies
Depending on your situation, you may need to contact other agencies. If the bad guys used your driver’s license number, you’ll want to call your DMV or Secretary of State. Same goes for your Social Security number and the Social Security Administration.