Avoid identity theft - How to freeze (or temporarily unfreeze) your credit, opt-out of unsolicited pre-approved offers, and secure your cell phone number

Posted by Paul Braren on Sep 1 2021 (updated on Sep 15 2023) in
  • Productivity

    • In September of 2018, credit freezes became free in the United States for Equifax, Experian, and Transunion. Credit locks often are not. The reasons why credit report reviews and freezes are a good idea are explained well by the FTC and Consumer Reports, with key excerpts below. The credit bureaus sell your data for marketing purposes, but by law they have to allow you to view your credit report and lock it from viewing by others. After that massive Equifax data breach in 2017, and the very recent T-Mobile data breach, it should be clear that there's no better time to take care of your identity than now.

    iphoneupgrade

    Table of Contents

    sn834
    Listen to this segment of the podcast about credit freezes.

    This article is intended to help provide you with convenient links to lock your identity down, greatly reducing the likelihood of somebody being able to easily steal it.

    ElqOyreW0AAQ5wy
    [Credit] freeze, get it? Photo credit Paul Braren.

    DISCLAIMER - If you run into issues, please reach out to the problematic bureau directly. Your security is your responsibility. I make no claims of being a security expert, this article is merely a collection of links and resources that I originally pulled together to help my family.

    After receiving yet another letter about a potential breach of a family member's data, I set out to renew my family's efforts to lock things down. While the URLs below may change over time, the basic process will likely stay the same for years to come. As an IT worker, also spurring me to write this article was WSJ's recent story about T-Mobile Hacker Who Stole Data on 50 Million Customers: ‘Their Security Is Awful’. At this point, I think most everybody in the US needs to assume they'll be breached, which greatly increases the odds of an identity theft.

    For me to take care of these credit reviews and credit freezes with my wife, we spent about two hours in all. Part of that time was spent very carefully keep everything carefully organized in a trust-no-one encrypted password manager, and making sure I could log off and log back into each account without issue. Given it takes less than 5 minutes to actually make the request to unfreeze/thaw each of these 4 bureaus reports, and under an hour for those requests to take effect, I feel it's well worth the minor inconvenience of having to temporarily unfreeze/thaw do this when financing something or asking for credit will outweigh the horrors of a identity theft clean-up. In most cases, the duration of the unfreeze/thaw can be specfied, so I generally won't have to remember to log back in to re-freeze these.

    Fraud alerts, credit monitoring, and credit repair are topics that are out of scope for this article. The focus here is on reducing the chance of a breach in the first place, without incurring monthly fees. As a reminder, you should also set a yearly calendar alert now, to remind you to check on your credit report on all 3 bureaus once a year, for free.

    STEP 1) Free Credit Report

    Annual-Credit-Report

    This is something you should do annually, and it can be done even if a credit freeze is in place. Be sure to review all of the information, to look for any inaccuracies that could very well affect your ability to receive credit that you apply for in the future.

    If you're not able to remember to review your credit reports annually, you may want to instead sign up for a paid credit monitoring service.

    Transunion free credit report requests link to the valid https://www.annualcreditreport.com/index.action site for pulling your free credit reports from Equifax, Experian, and Transunion, but I got errors when trying to pull my Experian reports this way. I suspect that was just a temporary issue, but just in case it's not, I've listed all 3 direct links separately.

      A. https://www.transunion.com/annual-credit-report
      B. https://www.equifax.com/personal/credit-report-services/free-credit-reports
      C. https://www.experian.com/consumer-products/free-credit-report.html

    STEP 2) Free Credit Freeze/Unfreeze

    Security-Freeze

    Whether it's freezing or locking your credit that you choose, it's widely recommended that you do this at all 3 credit bureaus. Each have these basic steps in common:

    • Create an account using an email address and password
    • Create some security questions and answers
    • Verify the account using an SMS message
      (while this method is far less secure than App based multi-factor authentication, it's all they offer)
    • Answer a barrage of financial and personal questions that only you would be likely to know, to help establish your identity
    • Now that you're identified and logged in, create a PIN number that only you know and make the freeze or lock request which only takes seconds.
    • Once you've created these accounts at each of these bureaus, you'll be getting several emails per week, so go ahead and unsubscribe to avoid most of the clutter in your inbox

      A. https://usa.experian.com/mfe/member/security-freeze
      B. https://my.equifax.com/membercenter/#/freeze/freeze-manage
      C. https://service.transunion.com/dss/freezeStatus.page

    Once frozen, unfreezing(thawing) will require you to provide your email, password, and lock/unlock PIN, and typically takes under 5 minutes to do, using these same links above.

    STEP 3) Opt-out of Pre-approved Offers

    This topic is related in that it's the credit bureaus that sell your information to allow for those unsolicited credit card and insurance offers. These pose a risk if intercepted in the mail, such as when you change addresses and the new tenant or owner gets some of your old mail. I've seen a family member affected by this sort of theft, and the clean-up wasn't exactly fun or easy.

    How about avoiding the sale of your data, along with the wasteful junkmail along with it? This FTC article has all the details on how to go about doing this.

    STEP 4) Lock your cell number portability

    LUuRdKYvo-2
    Listen to this segment of the podcast about cell phone carrier vulnerability to impersonation.

    Since SMS is often your second factor in two-factor (MFA) logins for banking for example, you really don't want somebody to take your cell number from you. Locking your cell number's portability lower the chances of unauthorized callers from impersonating you and requesting your number be migrated to another carrier. If you do this lock from these web pages below, you won't need to install the respective carrier's app.

    STEP 5) Lock your cell number account with two-factor authentication

    Verizon-Two-Factor

    This adds an extra layer of protection from somebody logging in to your cell carrier's website.

    STEP 6) Change your cell carrier PIN and make it long

    create-reset

    Sep 17 2021 Updates

    1. A fifth credit bureau called ChexSystems exists, and you might consider doing Report Request and Security Freeze there too. I'm not really sure how much value there is on concerning yourself with smaller bureaus like these.

    2. If you are in the US and are in the iPhone Upgrade Program, each time you go to upgrade your iPhone such as today's iPhone 13 / iPhone 13 Pro / iPhone 13 Pro Max, you'll see an email from "Welcome to Your iPhone Loan" from noreply@mailer.citizensone.com after you request your upgrade. This worked for me just fine today without thawing any of my security freezes, as I had an existing financial connection with this lending institution. This credit inquiry was approved instantly, with issue, details on the type of credit inquiry (soft or hard) here and here, and by Apple here.

    3. Added cell carrier PIN section above.
    2021-09-15_15-04-39
    Here's how I've configured my Outlook.com email to filter out Equifax emails and stow them into a subfolder called Credit.

    Once I signed up for credit freezes, all the of the major bureaus are sending me a lot of email hoping to up-sell me on paid for offerings. Not all of them can be unsubscribed from. One way to counter this is to create email filters to push such emails into an email folder, such as this method that works with outlook.com email.

    Sep 15 2023 Update

    I added the iPhone Upgrade Program information to this article.

    The URLs for freeze/thaw have changed, here's what they were when this article was originally published in September of 2021:

    Free credit reports:
    A. https://www.transunion.com/annual-credit-report
    B. https://www.equifax.com/personal/credit-report-services/free-credit-reports
    C. https://www.experian.com/consumer-products/free-credit-report.html
    D. https://innovis.com/personal/creditReport

    Freeze/Unfreeze (Thaw):
    A. https://www.equifax.com/personal/credit-report-services/credit-freeze
    B. https://www.experian.com/freeze/center.html
    C. https://www.transunion.com/credit-freeze
    D: https://innovis.com/personal/securityFreeze

    I also decided to deprecate Innovis, here was the original info:
    The fourth up-and-comer bureau that you should include is Innovis, and they require a request form be filled out, then you get a confirmation email that simply states

    Thank you for ordering your Innovis Credit Report. You can expect to receive your credit report in the mail within 7-10 business days.

    All URLs above re-checked and adjusted where needed.

    Title changed from:
    Identity theft countermeasures: How to freeze your credit, opt-out of unsolicited pre-approved offers, and secure your cell phone number
    to
    Avoid identity theft - How to freeze (or temporarily unfreeze) your credit, opt-out of unsolicited pre-approved offers, and secure your cell phone number

    See also at TinkerTry

    See also

    free-credit-freezes-are-here
    • Free credit freezes are here
      Sep 21 2018 by Andrew Smith and Gail Hillebrand at FTC

      Free credit freezes and year-long fraud alerts are here, starting September 21st, thanks to a new federal law. Here’s what you should know:

      Free credit freezes
      Security freezes, also known as credit freezes, restrict access to your credit file, making it harder for identity thieves to open new accounts in your name. Starting September 21, 2018, you can freeze and unfreeze your credit file for free. You also can get a free freeze for your children who are under 16. And if you are someone’s guardian, conservator or have a valid power of attorney, you can get a free freeze for that person, too.

      How will these freezes work? Contact all three of the nationwide credit reporting agencies – Equifax, Experian, and TransUnion. If you request a freeze online or by phone, the agency must place the freeze within one business day. If you request a lift of the freeze, the agency must lift it within one hour. If you make your request by mail, the agency must place or lift the freeze within three business days after it gets your request. You also can lift the freeze temporarily without a fee.

      Don’t confuse freezes with locks. They work in a similar way, but locks may have monthly fees. If you want a free freeze guaranteed by federal law, then opt for a freeze, not a lock.

    why-a-free-credit-freeze-is-better-than-a-credit-lock

    TinkerTry - PCs, EVs, home tech, efficiency and more, including virtualization. My opinions here, not my employer's.

    Paul Braren, MCSE in 1998, VCP #2681 in 2005, vExpert 2014 to 2024, Veeam Vanguard Emeritus, 2015 to 2019.

    Support TinkerTry

    PayPal | Patreon | VMware Store

    After 6 successful years testing then shipping well over 1,000 Xeon D Bundles, Wiredzone had to stop selling them in mid-2021 due to cost, supply, and logistics challenges. So far, Xeon D-1700/2700 (Ice Lake D) was a minor refresh for 2023, with Xeon D-1800/2800 (Granite Rapids D) refresh looking a little better for 2024. More cores, but still just PCIe Gen4 and DDR4. Looking ahead, I'm glad it's Pat Gelsinger at Intel's helm. I'm also grateful to have had the honor of working at VMware when Pat was the CIO there. I'll leave it at that, given the whole Broadcom thing.

    Easily update VMware ESXi at TinkerTry.com/easy-update-to-latest-esxi