mtn
MegaDork
5/4/21 11:21 a.m.
This is preemptive action. My wife thinks she left her purse in the cart at Target. She's headed back there now.
This is what I'm doing so far:
- Calling in to all of the credit cards and asking for replacements
- Changing email, bank, mortgage, etc. passwords
- Freeze Credit Reports
Anything that I'm missing? And I'll be doing this even if everything is exactly where she left it, because it is too easy to take pictures of everything.
The paranoia is strong in this one!
Why do folks live in fear?
My BIL will not leave his house as he is afraid squatters will occupy his property.
This is not a healthy place and feeds on itself.
To be fair, someone yoinking the credit cards from a forgotten purse is far more likely than squatters occupying someone's house over the weekend.
Mtn: I think you'd be ok with just requesting the new cards. I'm not following why you're changing all the passwords. Does your wife keep them in her purse?
mtn
MegaDork
5/4/21 11:54 a.m.
thatsnowinnebago said:
To be fair, someone yoinking the credit cards from a forgotten purse is far more likely than squatters occupying someone's house over the weekend.
Mtn: I think you'd be ok with just requesting the new cards. I'm not following why you're changing all the passwords. Does your wife keep them in her purse?
Think about how you change your password to anything. Hopefully there is a text and an email sent, and you have to act on both. But what if it is just an email? Ok, well, what happens if you've forgotten your email password? They'll ask you a series of questions that are specific to you, and not that hard to figure out from information in a purse. For instance, you could see what college my wife went to in the purse, and you could take a guess that the city you met your spouse in was the city you went to college in, and find your address and potentially your parents' address (she just picked up mail delivered to her parents' address with her name on it) so all of a sudden, they have your current address, your childhood address, and they can get into a shocking amount of information on you from just what is in a purse.
It sounds alarmist, but I have seen fraudsters do more with less.
bentwrench said:
Why do folks live in fear?
Usually it's because they, or people close to them, have had bad things happen to them. But yes, like everything, it's possible to take it too far.
With how miserable identity theft can be, I don't think taking basic steps to protect yourself from it constitutes living in fear. I think what the OP has done so far is pretty reasonable. Changing passwords regularly and having credit frozen are both good standard practices nowadays anyway. Reporting cards as lost is usually a quick and easy process, but updating stuff on auto-pay can be a pain. I'm in for any additional info.
When answering security questions like what high school you went to, lie and say something like purple. It makes them impossible to find out through research.
I would lock your credit and put all the cards on hold until further notice.
tuna55
MegaDork
5/4/21 12:02 p.m.
mtn said:
thatsnowinnebago said:
To be fair, someone yoinking the credit cards from a forgotten purse is far more likely than squatters occupying someone's house over the weekend.
Mtn: I think you'd be ok with just requesting the new cards. I'm not following why you're changing all the passwords. Does your wife keep them in her purse?
Think about how you change your password to anything. Hopefully there is a text and an email sent, and you have to act on both. But what if it is just an email? Ok, well, what happens if you've forgotten your email password? They'll ask you a series of questions that are specific to you, and not that hard to figure out from information in a purse. For instance, you could see what college my wife went to in the purse, and you could take a guess that the city you met your spouse in was the city you went to college in, and find your address and potentially your parents' address (she just picked up mail delivered to her parents' address with her name on it) so all of a sudden, they have your current address, your childhood address, and they can get into a shocking amount of information on you from just what is in a purse.
It sounds alarmist, but I have seen fraudsters do more with less.
So this doesn't work.
A: The criminal doesn't know the old password and goes through the guesses based on the purse's information.
B: The criminal doesn't know the new password and goes through the guesses based on the purse's information.
So you would have to change all of the security questions to things which would never be ascertained from the purse's contents.
Note that credit card fraud and identity theft are two very different things. Nobody is liable for identity theft but you, so nobody but you is doing anything to prevent it. Freezing the credit reports is pretty much a good idea no matter what or when - your information HAS been leaked, probably in that massive Equifax leak a few years back and maybe in the past week by Experian.
Lost purse? Cancel the cards, any fraudulent charges are the bank's liability and they'll pass them along to the vendors. Which is why vendors work so hard to make sure they don't take any bad cards. Reporting the cards lost will help those vendors.
Make sure your email password is secure, because that's the password that rules them all. You'll get notifications of any changed passwords elsewhere, and social engineering your way past questions etc. is a high effort game so it's pretty low risk overall.
Also, if you use real answers to security questions, don't play stupid Facebook games like "your porn name is your middle name and your first car". Better to use nonsensical answers and a password manager anyhow. Mother's maiden name? 1941. First car? Elephant. Nobody's going to social engineer those.
Not listed yet but a good one is to file your taxes early. If you're the first one to file taxes in a given year for your social, the IRS asks fewer questions.
2_3
New Reader
5/4/21 5:37 p.m.
Keith Tanner said:
Better to use nonsensical answers and a password manager anyhow.
Good advice here. Use LastPass, KeePass or whatever password manager you choose. Use it to generate long, random, unique passwords. Then use the autocomplete feature to avoid phishing attacks.
Also get Google Authenticator on your phone and enable 2FA on every website supporting it.
In reply to Toyman01 + Sized and :
Purple. That's brilliant.
2_3 said:
Keith Tanner said:
Better to use nonsensical answers and a password manager anyhow.
Good advice here. Use LastPass, KeePass or whatever password manager you choose. Use it to generate long, random, unique passwords. Then use the autocomplete feature to avoid phishing attacks.
Also get Google Authenticator on your phone and enable 2FA on every website supporting it.
As much as I want to love Google Authenticator, it has a bad failure mode. I got locked out of an AWS account because my phone with Authenticator got destroyed and there was no other way to prove I was the owner of the account - all of their options were unworkable for one reason or another, like having a corporate phone system instead of a secretary answering the main line. I eventually had to cancel the card it was being charged to and allow the account to be suspended for non-payment.
2FA using SMS is not completely secure for sure, but it's better than no 2FA at all and it's fairly easily managed for anyone who is not a security professional.
2_3 said:
Keith Tanner said:
Better to use nonsensical answers and a password manager anyhow.
Good advice here. Use LastPass, KeePass or whatever password manager you choose. Use it to generate long, random, unique passwords. Then use the autocomplete feature to avoid phishing attacks.
Also get Google Authenticator on your phone and enable 2FA on every website supporting it.
Plus 100 for using KeePass or something and nonsensical answers for security questions. I use KeePass and there's a handy little note field on each account's password where I keep those answers.
I know it's not helpful now, but could be useful in the future.
2_3
New Reader
5/5/21 4:02 p.m.
Keith Tanner said:
As much as I want to love Google Authenticator, it has a bad failure mode. I got locked out of an AWS account because my phone with Authenticator got destroyed and there was no other way to prove I was the owner of the account - all of their options were unworkable for one reason or another, like having a corporate phone system instead of a secretary answering the main line. I eventually had to cancel the card it was being charged to and allow the account to be suspended for non-payment.
2FA using SMS is not completely secure for sure, but it's better than no 2FA at all and it's fairly easily managed for anyone who is not a security professional.
You might already know this, but you can usually generate one-use tokens and save them for those situations. SMS is also good, just use some kind of 2FA for any accounts you care about.
mtn said:
californiamilleghia said:
Did she find her purse?
Yep
What street did she grow up on?
I'm glad she found it. Hopefully all the contents are still in place.
I keep my credit reports locked by default. I very very rarely take out loans, and if I do I'll temporarily unlock them while I'm in the process of doing so.
I really like the fake answers to the security questions. That seems like a smart move.
Another option, my checking account which I rarely use has the option to lock the debit card right on the app. That renders the card useless until you open the app and hit the unlock button. Something to think about.