[Kathy]

A silver lining in getting hacked???
Yes.
Anyone who has been hacked and went through all the hell that means is saying right now that:

– I’m off my rocker
– I have a few screws loose
– I’m crazy.
Nope. I just choose to see some positive in everything.
So here it is.

20 autopay accounts (some I didn’t even remember/realize I had) have been disconnected.
Do you have any that’s taken pulling your hair out to try to get them to stop?

Yep.
In one fell swoop, gone.
Now, it’s taken me WEEKS to get a human on the phone with the power to do all the changes I needed, but patience is a virtue; right?

So, Lesson # 1 here.
Check PayPal to see how many autopays YOU have there. Then do so with every credit card you have. And then your bank/debit card(s). You may have some you don’t want to pay anymore!

Lesson #2
Set up 2-step authentication (or more if they’ll let you!) on everything and DO NOT have the only one be your phone #.

State Police said e-sims are easier than you’d believe to “steal”. Even in “unhackable” iPhones. So if hackers have your # they can get everything that sends codes to “your phone.” Like your bank. Especially do this for Vanguard/Fidelity.

“Do the 2-step” needs to be as popular as the 4% rule or backdoor Roth in this group!

Lesson #3
you will learn MANY lessons when you get hacked. What an eye opening experience. Not one I enjoy. But I WILL testify at that hacker’s trial! Keep using my #, Baby! I’ll gladly keep paying for it til you’re in handcuffs!

Lesson #4
Freeze all 3 credit bureau accounts. You can easily unfreeze them when you need to apply for any credit. The last thing anyone here wants is someone applying for credit in their name.

Unfortunately, in the courts where I worked, some of my trials involved family members, neighbors, and friends who did this. Parents who knew their kids’ SSN applied for things in their name.

Ruined their credit before they were even in college. Or vice versa. Kids who used their parents’ SSN. Don’t trust. Just freeze.

Lesson #5
Check the dark web. According to the officer that took my report, probably every American has most of their PII there.

So I have two questions for those of you who have been hearty enough to read my post.

Question number one:
Have you used any of those companies that say they will clean your information off the dark web? Is it even possible? (OK, that was two questions. Part A & part B – quit being so picky.)

Question number two:
Have any of you used companies like LifeLock or their competitors and felt you got your money’s worth versus their monthly subscription cost?

And part two of this question, have you tried more than one to be able to say which is better than the other?

And if you’ve been hacked in any way, add your lessons learned in the comments.

[Tatiana]

How do you look in the dark web? I thought that was a thing only criminals knew how to do.

Not judging at all. Just naive about it.

[Janice]

Another thing to consider adding to your list, most counties/Appraisal Districts, offer some form of “locking” the deed to your home/property, so it’s harder to have it stolen in a case of identity theft or forged HELOC or a forged sale.

I’m not sure of what all is in involved with it, as our CAD started offering it the year after the sale of my home and I’ve been renting ever since.

But with cases of property fraud on the rise and so many having a significant portion of their net worth in their home value, it would be worth securing it.

The service offered by out Appraisal District is free to any property holder, if I remember correctly, but it did involve requesting it and going in person to complete a a form and signing a sworn statement and verification of identification.

I think there are paid services available, too, but I couldn’t say which are more legitimate than others.

I’m sorry that you’re dealing with being hacked, but I appreciate you sharing the tips and I applaud your ability to find the silver lining in every situation!

I try to do that as well.

[Tony]

I’ve never had any financial accounts hacked, but I’ve always stayed current with whatever security steps I need to prevent it. You should also use a password manager of some kind.

I have a unique +/- 25 character password for every single account I own, on top of 2FA, frozen credit, and password authenticators wherever possible.

Most of this can all be easily set up in 15 minutes.

I also used a service called Optery to get all my old accounts and passwords that are no longer used off the Internet.

It worked pretty well, although the process takes a month or two as they contact companies on your behalf to have the information removed.

[Angela]

I have Allstate Identity through my work and it covers my family (my adult kids included). I love it. Sorry you were hacked.

I dread the day and I think about it more often than I probably should because I just feel it’s “inevitable”.

[Frank]

Don’t use autopay unless you have set it up and control it from your bank, NEVER from any service provider.

[Niki]

FYI – The CFPB has been dismantled, which is the dept responsible for ensuring consumer protection.

Reimbursement and timely action for fraud specifically via platforms like PayPal, Zelle, and Venmo was part of their oversight and new actions and legislation will remove that.

My recommendation would be to take any necessary actions to greatly reduce your risk if you plan to continue using those platforms.

[Gemma]

I’m scared to even type in the words ‘dark web’ I have no clue what it all means.

But are you saying we should look into it and see if our identities are showing up there? What are the steps?

Sorry you got hacked!

[Rhonda]

Had someone file for my tax return and get it. I think it was someone from the company who installed our solar panels.

No one else would have knowledge of my ssn and the large return. Had no idea until it was August and no refund came through.

It took a very long time to prove I was me and get the $ back. 12 years later I still have to file differently.

[Liz]

Not judging OP, truly I’m always baffled by the commercials offering to clean up subscriptions and “save you money”.

How do you sign up for something and not see the monthly charges and continue paying for years for something you don’t use?

[Julianne]

We recently had a networking call with a cybersecurity expert who said “it’s not IF; it’s WHEN” you’ll be hacked.

There are a million ways (exaggeration here) for them to hack your info.

Great advice!

[Nancy]

If we shouldn’t use the phone as a second step, then what should we use?

Our emails are out there too

[Maggie]

A couple questions
For #2 So do you need a brand new phone if they have your E-simm? My friend got hacked and everytime he thinks it’s taken care of, he keeps seeing wierd activity again.

He has an I phone.

Second, how did you find out who did it?

[Barbara]

Oof, so sorry you’re going through all that, but what a great attitude to have!

I haven’t tried to use any of the dark web services because I assume info will just show up there again relatively quickly and I don’t want to pay someone indefinitely.

Same with the LifeLock type services, personally I don’t think they’re worth paying for.

I have a few credit monitoring services for free due to various data breaches, and I haven’t found them to be particularly useful.

Especially since it’s so easy to freeze credit.
This is what I do:

Unique passwords for each account (and a password manager, I use KeePass)

2 factor authentication, using an authenticator when possible
Check credit reports every 2-3 months (though I’ve been more lax about this lately)

Credit freeze at all 3 bureaus (actually I just lifted it to apply for a cc – easy-peasy! I was able to do a temporary thaw for just a day, don’t even need to remember to go back and re-freeze)

Number lock on my phone to help prevent SIM swapping (very easy to do on Google Fi, I assume other carriers have similar things)

I also use YNAB for budgeting and it makes it very easy to keep very close track of all my credit card transactions (and I have a lot of credit cards.) I would know very quickly if there were fraudulent charges.
I haven’t had major issues with identity theft, though years ago someone filed a fraudulent unemployment claim in my name.

Since then I’ve had to use a PIN to file taxes, but luckily there were no other repercussions.

[Author]

Posts