Protect Yourself Against Social Security Identity Theft

Last fall, after the Equifax breach, Jim Borland, acting deputy commissioner for communications at the Social Security Administration wrote a blog post on the agency website headlined “Protecting Your Social Security.”  He said: “A my Social Security account is your gateway to many of our online services. Create your account today and take away the risk of someone else trying to create one in your name, even if they obtain your Social Security number.”

Credit: Adobe Stock

I took Borland’s advice, since anyone 18 or older with a Social Security number, an email address and a mailing address can open a mySocialSecurity online account and maintain it for decades before claiming benefits. But fewer than nine months after I opened the my Social Security account, I received an unexpected email from the Social Security Administration. It said: My account was being deactivated at my request.

I was mystified since I hadn’t contacted the agency. And no one else had access to personal details to change my password. So I called the next morning and requested a direct deposit block on my Social Security account to prevent any additional suspicious activity. (Even though I don’t collect Social Security benefits yet, a block offers two apparent safeguards: It prevents changes to direct deposit information through a financial institution or through the Social Security site. And it prevents someone else from changing my mailing address through the Social Security site.)

I also asked the Social Security Administration to notify its Inspector General about suspected fraud.

Then I tried to find out what happened.

The U.S. PIRG (Public Interest Research Group) website offered a possible clue. “With full name, birth date and Social Security number a thief can try to open a  my Social Security account in your name and change your direct deposit information to his or her checking account.”

It continued, “Coupled with other information that can easily be found online such as place of birth, a thief can try to claim your benefits over the phone.”

My compromised account, it turns out, was not alone.

In its 2018 Identity Fraud Report, the Javelin Strategy and Research firm found nearly a third (30 percent) of U.S. consumers were notified of a breach in 2017, up from 12 percent in 2016, to the tune of $16.8 billion dollars. And for the first time, Social Security numbers were compromised more than credit card numbers in breaches. What this means, according to Javelin, is that 35 percent of individuals who were notified that their personal information was involved in a breach in 2017 had their Social Security numbers compromised.

One reason Social Security number theft is up: scammers seem to have shifted tactics. “Over the past couple of months, our helpline has received fewer reports of the IRS scam [a con artist pretending to be from the Internal Revenue Service, demanding money] while complaints about scammers impersonating the Social Security Administration have been on the increase,” said Amy Nofziger, an AARP expert on frauds and scams.

“I am aware advisories have been put out for consumers to beware of impersonation schemes,” said Mike Litt, Consumer Campaign Director at U.S. PIRG based in Washington, D.C.

How do you safeguard your Social Security benefits if you are months or even years away from collecting them?

Perhaps its counterintuitive, but experts recommend signing up for a my Social Security account and closely monitoring it.

The way to do that, says Mike Litt, consumer campaign director at U.S. PIRG, is by logging into your Social Security account regularly and checking your personal information, such as your address or date of birth. If you see changes to the information you entered when you opened the account or information that doesn’t belong to you, contact the Social Security Administration (800-772- 1213 or by email: https://secure.ssa.gov/emailus).

“It may mean someone has tried to claim your benefits, perhaps by telephone,” Litt said.

To report possible fraud or identity theft, Nofziger suggests casting a wide net. “The more reporting entries the better,” she said. Besides the Social Security Administration Office of the Inspector General, the Federal Trade Commission and the Senate Select Committee on Aging fraud hotline 800-303- 9470 are options. (Note: The Federal Trade Commission is currently closed due to the lapse of government funding.)

The Social Security Administration says that if you have password problems with your my Social Security account, call Social Security and answer “helpdesk” when the auto prompt asks the nature of your call.

The Social Security Administration uses Equifax credit reports for personal identification verification. “If a person has a security freeze, fraud alert or both with Equifax, a my Social Security account could not be created,” the agency said in an email.

While reporting this story I checked back with the Office of the Inspector General to find out why my account was closed without my authorization. “Due to privacy and law enforcement concerns, we cannot comment on any investigative action we take on the allegation going forward,” communications director Andrew Cannarsa wrote in an email.

After checking my credit report and making sure it was accurate, I then opened another my Social Security account. The block is still in place and Social Security sent me a confirmation. But if I call to request direct deposit or mailing address agencies, the agency said, I may be asked to visit my local Social Security office to confirm my identity.