Broker Check

Have You Been Hacked?

December 22, 2021


Identity theft and data breaches seem to have become part of the fabric of our lives in today’s world. So much so, that maybe we are becoming immune and … dare I say … accepting of its potential impact on us.

We cannot simply give up because we may feel overwhelmed by the technical aspects of cybersecurity. And we should not delude ourselves into thinking that paying a monitoring service a nominal fee is the only thing we need to do. The former simply places wealth at risk immediately and the latter may merely let us know when the risk has been realized.

So, what do we do? Certainly, we should all be vigilant and take steps to prevent the disclosure of our personal information…things like using strong passwords that are changed on a regular basis and making sure that malware protection on our devices is up to date. 

But truthfully, for many of us, much of our personal data is already available on the “dark web,” often through no fault of our own. How did this happen? It happened over the years of large corporate data breaches such as the T-Mobile data breach exposed just this year, the Wawa data breach exposed in 2019, the Marriott data breach exposed in 2018 and the Equifax data breach exposed in 2017… to name just a few.

The current issue of the Yahoo Tech newsletter1 reports that a Stanford University researcher said he could buy a mother’s maiden name, Social Security number and current address for $10.

I don’t have the ability to get into the technical weeds of cybersecurity; neither is my purpose here to discuss cybersecurity philosophically. Rather, my goal is to define the current reality and describe a few effective action steps.


  • It is likely that personal information about you is already available to hackers.
  • With that personal information, a hacker may be able to access your accounts or obtain credit in your name.
  • Therefore, an important goal of cybersecurity protection is preventing the use of the already available personal information from harming you in addition to alerting you after it has been used.


  • Freeze your credit reports.

If hackers can access your credit reports with the personal information available about you, they might be able to establish new credit accounts in your name or gain access to existing ones.

A “frozen” credit report requires a PIN to open it and adds another layer of protection.  Knowing your name, Social Security number, address and mother’s maiden name won’t be enough without the PIN. Freezing your credit reports is free. Unfreezing them to allow a bona fide creditor access to your reports when you apply for credit is also free.  And it can all be accomplished simply and quickly online.

The reports from all three major credit reporting bureaus (Equifax, Experian and TransUnion) should be frozen.

  • Create a “banking-only” email address.

When you arrange online access to your bank accounts and credit cards, you generally need to provide the financial institution with a contact email address. We suggest that you create a separate email address just for this purpose.

This special banking-only email should not contain any identifying information. It should not be used for any non-financial purpose, and it should not be shared with others. This special use email address can reduce the digital footprint available to hackers.

  • Use the E.M.A.I.L. rule.

Very simply, E.M.A.I.L. stands for Examine Mail and Inspect Links. Email attachments and links can contain viruses and other malware and provide entrée to hackers to your computer and/or email account.

Prior to opening an attachment or clicking on a link in an email, we suggest that you verify the source of the email and the address to which a link may be taking you. This may be accomplished by hovering your mouse over the “from” address to see the true source and by hovering the mouse over the link to view the address of the link destination.

Hackers have become very sophisticated in their ability to mimic the logos and content of common financial and commercial websites. Therefore, it is always prudent to follow the E.M.A.I.L. rule and take action to reduce the chance of becoming a victim.

You don’t intentionally leave the doors to your house open. Why leave your digital doors open?  Please contact us to discuss additional cybersecurity actions you can take or if you want more information about how freezing a credit report, using a banking-only email address or implementing the E.M.A.I.L. rule. 

Remember, we are here to help.