Protect Your Social Security from Cyber Criminals

Social Security Fraud Blog for PayTaxesLater.com
As many of you know, I am a strong proponent of waiting until age 70 to apply for Social Security, because I want both you and your surviving spouse to receive the highest benefit possible during your lifetimes. And one of the technical points about Social Security that I’ve never covered in detail in my books – because it’s only been in rare cases that I have recommended that my clients do it – involves applying for benefits retroactively. But in order to make you understand how your future Social Security benefits could be at risk from cyber criminals, I find myself in the strange position of having to give you a quick lesson on how retroactive benefits work.

Suppose that you could have applied for Social Security at your Full Retirement Age (FRA) of 66, but you took my advice and waited so that you can receive the highest benefit possible at age 70. When you turn 67, you go to your doctor for your annual physical. There, the doctor gives you some terrible news – you have six months to live! Now you’re cursing at me because you missed out on all of this Social Security money that you could have collected since you were 66 – or did you? Not necessarily. In certain instances, Social Security will allow you to apply for retirement benefits retroactively. If you qualify, Social Security will send you up to six months of retroactive benefits, paid as a lump sum.

A True Horror Story of a Social Security Fraud Victim

I won’t waste time telling you how you can qualify for retroactive benefits because it’s a complicated topic, and I will not recommend you do it because it will result in lower monthly benefits for the rest of your life. I am going to tell you something very important that you need to understand about retroactive benefits: if you are at least Full Retirement Age but are waiting until age 70 to file for Social Security so that you can earn Delayed Retirement Credits, your account may be compromised by cyber criminals who are trying to get their hands on any lump sum retroactive benefits to which you might be entitled, but have no intention of ever claiming. Here’s a real-life example of what I’m talking about:

I have a client who received an unexpected letter from the Social Security Administration. She and her husband had intended to hold off applying for benefits so that they could earn Delayed Retirement Credits. The letter they received, however, stated that Social Security had approved their request for a lump-sum retroactive benefit payment, which amounted to almost $12,000. Immediately my client and her husband went to their local Social Security office, and in the several hours spent there, discovered that the criminal(s) had called the office and pretended to be her husband. During the conversation, which was on a recorded line, the criminal simply said that he had changed his mind and wanted to apply for benefits retroactively! And the Social Security office complied with his request!

It Seems to Have Become Easier for Criminals

I found this situation to be so unbelievable that I called the Social Security office myself and asked how it could happen. What I learned might shock you. In order to access my client’s Social Security account, the criminals had to provide them with only the husband’s full name, date and place of birth, mother’s maiden name, and his current address and phone number. Personal information like this is widely available online through sites such as Facebook and Ancestry.com, not to mention what is available on the dark web thanks to the infamous Equifax hack in 2017.

My client spent hours at the Social Security office trying to put a hold on the “lump sum withdrawal,” and were assured that everything had been resolved. We thought that the criminals had been thwarted and everything was fine, but yesterday they received a 1099 from the Social Security Administration saying that they had received $12,000 in benefits that they needed to report on their tax return! So now we’re back to square one, and are still trying to get this mess sorted out. It’s bad enough that the IRS has been notified that they need to pay tax on money they never received, but now I’m wondering whether my client is still earning Delayed Retirement Credits after these criminals filed for benefits under his name!

How Can You Protect Yourself?

The bottom line is that you need to treat your Social Security account like a bank or investment account. Even though you might not think of it as being an asset, it is – because if a criminal manages to take control of it, the consequences could be costly and far-reaching. One way to protect yourself is to open an account with Social Security online, at this website: https://www.ssa.gov/myaccount/. Even if you do not plan to file for benefits in the near future, this action can prevent someone else from opening an account in your name without your knowledge. For your security you will be required to create a user name and password, and they’ll send a one-time security code to your email or phone.

Once you’ve established your account, you should check it periodically to make sure that information such as your name, address and phone number is correct. They also have a feature called “Block Electronic Access,” which prevents anyone (including you) from changing your personal information online or over the telephone. If you block access to your account and then change your mind, you have to ask Social Security to unblock it for you.
Years ago, the fear of Social Security theft was largely confined to the possibility of armed thugs waiting outside the bank for retirees who had just cashed their monthly checks. Unfortunately, criminals are constantly looking for ways to liberate you from your money, and their creativity can be surprising. Remember, protect yourself and your spouse by making sure that your benefits are safe – even if you don’t plan to apply in the near future!

Are you interested in learning more about Social Security maximization strategies? Visit our Social Security section of our website here for more information.

Special Alert About the Equifax Data Breach

The Equifax Data Breach:
All You Need To Know

The Equifax Data Breach – What Should You Do

The recent data breach at Equifax has sparked a lot of discussion about how vulnerable the personal information of all Americans may be to theft.  Is there anything you can do to protect yourself in our computer-driven society?  While the Equifax hack was by far the largest in history, it’s not the first and will not be the last.  In 2017 alone, Verizon, Blue Cross Blue Shield/Anthem, Dun and Bradstreet, Chipotle, Washington State University, and even the IRS have discovered that they’ve been hacked – exposing the personal information of millions of Americans to thieves.  The breach at Equifax was so far-reaching that several corporate officers have retired, and many on Capitol Hill are calling for a complete investigation.  With over 143 million Americans at risk of being involved in this massive breach, you could very easily be affected.

What You Can Do If Your Information Has Been Compromised

So what can you do to protect yourself?  You probably know that Equifax has set up a website where you can check to see if your number has been exposed.  If your information was exposed in the breach, you can get free credit monitoring for one year.   In my opinion, that’s like closing the barn door after the horse has gotten out.  They’re happy to let you know that someone has opened up a fraudulent account in your name, but it’s still up to you to clean up the mess if they do!  And what happens when your year of free credit monitoring is over?  If you don’t pay for credit monitoring every year for the rest of your life, you may never know if someone is using your identity at some point down the road.

What Does Freezing Your Credit Report Do?

Some experts are recommending that you place a freeze on your credit files.  A freeze prevents lenders from even accessing your credit report.  The advantage to freezing your file is that, if they do not know your credit history, lenders will not offer credit to a thief who is trying to use your identity.   What are the disadvantages of freezing your credit files?  First, it’s not an easy process.  There are three major credit reporting bureaus, and you will have to place three separate freezes.  You can do so by using these links:

Equifax freeze

Transunion freeze

Experian freeze

If you are a Pennsylvania resident, the law permits the credit bureau to charge you $10 to freeze your file.  Equifax has agreed to waive their fee, but only after public pressure.

Unfortunately, the data breach at Equifax has caused all three credit reporting agencies to be overwhelmed with requests to freeze accounts.  Many consumers are complaining that they can’t even get into the websites or if they do get in, that the site crashes after they fill out the application form.  If you have not already frozen your account, you may have a better chance of getting through if you try before 7:00 a.m., or after 11:00 p.m.  Another disadvantage of freezing your credit files is that if you need to apply for credit yourself – for a car loan, a home equity loan or even a medical credit card – you must first remove the freeze from your files.  You will need a PIN number to remove the freeze and, if you lose your PIN number, you will be facing a time-consuming and difficult process to get another one.

The Equifax Data Breach and Your Tax Return

Opening phony credit accounts in your name, unfortunately, could be just the tip of the iceberg.  The Internal Revenue Service (IRS), which has issued more than $20 billion in fraudulent tax refunds over the past few years, could be plundered unless there is intervention by Congress.  By law, the IRS must process your tax return within a specified period – generally 45 days – or they have to pay you interest on your refund.  To meet those guidelines, they’ve adopted a “pay first, ask questions later” philosophy.  In our practice, it’s not uncommon to see a client get a tax refund check and then an audit notice a year later! The IRS’s system requires little more than a name, date of birth and Social Security number to process tax returns – information which was exposed in the Equifax data breach – and they accept returns as soon as January 1st.   On the other hand, employers aren’t required to submit updated employment information to the IRS until March.  By that time, about half of all of the refund checks have already been issued!

Protecting Yourself After the Equifax Hack

So what can you do to protect yourself?  If you don’t want to freeze your credit files, then you should be checking your credit reports regularly for fraudulent activity.  Most of the major credit card companies allow you to request that you be notified if a charge is processed on your account that exceeds a certain dollar amount.  You should consider placing an alert for an amount that exceeds your normal spending threshold.   If you are traditionally a procrastinator when it comes to filing your tax return, don’t wait – get it filed as soon as possible.  Even if you owe, you don’t have to pay the IRS until April 15th.  If you have any credit card debt, get it paid off.  Financial institutions that fall victim to fraudsters because of the Equifax data breach will have to pass the cost of their losses on to their customers – and you don’t want to be one of the unlucky ones footing the bill.

Last but not least – whatever you do to protect yourself, make sure that you do the same for those who might not, including children and elderly parents!

Stay safe out there!

Jim