Could your personal information soon be stolen?
The possibility cannot be dismissed. Sensitive financial and medical data pertaining to your life may not be as safe as you think, and thieves may turn to a vast resource to try and mine it – the Social Security Administration.
Consider three facts, which in combination seem especially troubling. One, Social Security’s databases contain sensitive personal information on hundreds of millions of Americans, both living and dead. Two, more than 34 million Americans interact with the SSA online. Three, nearly 100% of Social Security benefits are disbursed electronically.1
The more you reflect on all this, the more you realize that cybercrooks could take advantage of you by creating a bogus online Social Security account in your name, in order to steal your benefits and/or your personal data.
Creating and maintaining a MySSA account may lessen the threat.
Last year, Social Security advised all current and future benefit recipients to set up and actively use an online profile. The agency’s blog noted that this simple move could “take away the risk of someone else trying to create [an account] in your name, even if they obtain your Social Security number.” This is a case where you want to be first rather than second.1
Setting up a MySSA account is easy; the first step is to visit ssa.gov. Whether you have an existing account or not, you will want to review your mailing address, date of birth, and other essential pieces of information. If they are not correct, they demand attention.
Are you working full time in your late sixties?
Then be vigilant. If you have reached Full Retirement Age (66 or 67) without filing for retirement benefits, your Social Security profile may be especially tantalizing to a cyberthief. In this circumstance, you are eligible to receive up to six months of benefits retroactively, as a lump sum. That could mean a payday of more than $10,000 for a criminal who assumes your identity.2
Make no mistake, cybercrooks have exploited Social Security accounts.
While the SSA told Reuters this year that the incidence of fraud is “very rare,” a 2016 audit by the Office of the Inspector General found that during 2013, around $20 million in Social Security payments were directed to the wrong parties. That swindling involved about 12,200 MySSA accounts – less than 2% of the total in 2013, but certainly enough to raise eyebrows.1,2
The SSA tightened authentication standards in 2017.
It added security codes to help certify the legitimacy of MySSA account users. It regularly analyzes MySSA transactions for fraud.1
What should you do if you suspect fraud?
If you log in and it appears your monthly benefit has not been sent to you, contact the SSA at 1-800-772-1213 or call your local SSA field office. In addition, you can activate the “Block Electronic Access” option on your MySSA account; that will prevent anyone, you included, from accessing your Social Security records via computer or phone. Electronic access is only restored when you get in touch with Social Security to confirm your identity.1
Establish an online Social Security account and keep checking it.
In logging on regularly, you may do your part to help the SSA detect and ward off criminals who could use your identity to collect or file for benefits.