Should you pay for identity theft protection?

S.F. Ehrlich Associates |
Categories
Cybersecurity

If you think your name, Social Security number, address, and other identifying information are not available on the so-called dark web, reconsider your position. In fact, if we just assume a lot of our personal information is already available for sale, we can act accordingly. 

Assuming we’re all potential targets for identity theft, it makes sense to ask: Should you pay for identity theft protection? Kiplinger’s Magazine asked that same question and had the following to report1:

“Identity theft plans typically include some combination of account monitoring, alerts and restoration support. In other words, they don’t stop criminals from targeting you – they just respond to identifying theft once it has happened.” 

The article notes that when an individual knows he has ‘someone’ who will clean up identity theft, it can lead to subscribers becoming careless. Neglect can include reusing the same simple passwords to access multiple websites, sloppily opening email attachments, and responding to unsolicited phone calls. 

“According to Aura, a company that provides identity theft protection plans, you don’t necessarily need ID protection services. While monitoring and fraud alerts are valuable ways to protect your identity, they don’t do anything you can’t do on your own.” Even with identity theft protection, “…it can take years to…restore your identity.” If the theft incident includes the loss of funds, it can also take years to retrieve those funds as well, even with identity theft protection. 

What can you do on your own:

  • Use a password manager. Be prepared for a time commitment when starting with a password manager. You must input each individual website and password. Once you’ve entered all your passwords into the program, you’ll have to log into the password manager to find them when you want to log into one of those websites. But password managers will generate complicated passwords, which are likely superior to your current passwords. Also, the program will alert you when the same password has been used multiple times if you’re intent on using your own. (Repetitive passwords make it easier for hackers to log into multiple secure websites. That’s why every website that is password protected should have its own unique password. To repeat: Every website that is password protected should have its own unique password.)
  • Check with your credit card company to see if it offers alerts and restoration services, as many companies offer similar services at no additional cost. Also worth noting, if you’re the victim of credit card fraud, it’s likely “… you will not have to pay a single dollar due to a fraudulent charge made on your account.” 
  • Ask your homeowner’s or renter’s insurance company if your policy includes protection for financial accounts. 
  • Install and update antivirus software. Many programs on the market include automatic updates so you can be protected since hackers improve their programs minute to minute. 
  • If you receive an official notification, such as via letter, that your personal information may have been hacked through a third-party website, sign up for any credit monitoring service that may be offered. Caution: if you receive an email stating that your personal information was stolen from a store, like Target, for example, do not respond to the email. Rather, go to the Target website for any alerts about a hacking incident. If that doesn’t work, call the toll-free number listed on the legitimate Target website (i.e., Target.com). You can be hacked by people who are pretending to alert you of a hack, which is the ultimate insult. 
  • Set up a credit freeze with the three national credit bureaus (Experian, Equifax, and TransUnion) so no one can get a credit card using your name. (Remember to take the freeze off, however, if/when applying for credit.)

Finally, never forget the tried-and-true methods that we’ve preached over and over:

  • Use unique and complex passwords for every account.
  • Where available, use multi-factor authentication to log into any sensitive account, including all financial and credit card accounts. (An example of multi-factor authentication is when a company texts the cell phone of record with a unique set of numbers you must enter on their website before allowing access to the account.) 
  • Never open attachments from unsolicited emails.
  • Never respond to requests made from unsolicited phone calls.

If confronted with a situation where a hacker may be involved, STOP, do nothing and call a friend (or your financial advisor). There is rarely anything so urgent that it can’t wait a few hours or until the next day. 
 

 

 

1 Brady, Sarah. “Is Identity Theft Protection Worth It?” Kiplinger, 9 Jan. 2025. 

 

Please remember that past performance may not be indicative of future results.  Different types of investments involve varying degrees of risk, and there can be no assurance that the future performance of any specific investment, investment strategy, or product (including the investments and/or investment strategies recommended or undertaken by S.F. Ehrlich Associates, Inc. (“SFEA”), or any non-investment related content, made reference to directly or indirectly in this newsletter will be profitable, equal any corresponding indicated historical performance level(s), be suitable for your portfolio or individual situation, or prove successful.  Due to various factors, including changing market conditions and/or applicable laws, the content may no longer be reflective of current opinions or positions. Moreover, you should not assume that any discussion or information contained in this newsletter serves as the receipt of, or as a substitute for, personalized investment advice from SFEA.  To the extent that a reader has any questions regarding the applicability of any specific issue discussed above to his/her individual situation, he/she is encouraged to consult with the professional advisor of his/her choosing.  SFEA is neither a law firm nor a certified public accounting firm and no portion of the newsletter content should be construed as legal or accounting advice.  A copy of SFEA’s current written disclosure Brochure discussing our advisory services and fees is available upon request. If you are a SFEA client, please remember to contact SFEA, in writing, if there are any changes in your personal/financial situation or investment objectives for the purpose of reviewing, evaluating, or revising our previous recommendations and/or services.