print   email   Share

Identity Thieves Want Your Family's Data: Is Staff Keeping It Safe Enough?

The Social Security Administration (SSA) recently issued a warning concerning fraud scams targeting the personal information of Social Security beneficiaries.

In the most recent scam, fraudsters steal personal data in order to open up a "mySocialSecurity" account on the SSA website in their victim's name. The identity thieves then redirect their victim's Social Security direct deposit payments to a bank account that the fraudsters control.

The SSA states that, rather than discouraging use of the "my Social Security" online account, beneficiaries should create an account as soon as possible in light of this current scam, even if you don't plan to access benefits ever or until much later in your life. Creating your account now means that an identity thief cannot open an account in your name later.

If you receive a notice that you have opened up a "mySocialSecurity" account and you did not do so, immediately contact the SSA by calling or visiting your local SSA office, or by calling SSA's toll free customer service at 1-800-772-1213 (the TTY number for deaf or hearing-impaired individuals is 1-800-325-0778). Ryder Christ "Nationwide identity theft targets Social Security beneficiaries" (May 29, 2018).

Commentary and Checklist

Those receiving Social Security are not the only ones who need to watch out for identity thieves. Fraudsters use scam phone calls and emails to target individuals of all ages in order to steal their personal information.

Identity thieves often pose as representatives with legitimate organizations—the SSA, IRS, or another governmental institution, or your bank or credit card company—in order to get you to trust them with your personal data. They may also try to trick you into giving information by making you scared, such as by threatening you with jail, or excited, such as by telling you that you have won a contest.

Make sure your staff is trained to not fall prey to identity thieves’ tricks and disclose sensitive information. Here are tips for family employers to use to help protect sensitive information:

  • Have staff members sign nondisclosure agreements upon hire stating that they will not disclose your personal information to third parties without your expressed, written consent. Make sure your agreement states that it will remain in effect after staff resigns or is terminated.
  • Have staff members only perform work on work-issued devices and require them to return all work-issued devices upon resignation or termination. Prohibit staff from storing your personal information on their personal devices.
  • Prohibit staff from keeping data when they leave. Revoke their access to your online accounts and change all passwords.
  • Remind staff who leave your employment of your data security policy and the nondisclosure agreement. State that taking protected data or leaking private information will lead to legal action.
Finally, your opinion is important to us. Please complete the opinion survey: