Security FAQs

• Equifax: Call (800) 349-9960 or go online. Check out the step-by-step Equifax credit freeze guide.
• Experian: Call (888) 397-3742 or go online. Here’s a detailed walk-through on a credit freeze with Experian.
• TransUnion: Call (888) 909-8872 or go online. Read TransUnion's credit freeze guide.

Freezing your credit is the best way to keep criminals from accessing it without your consent. A credit freeze makes your credit report off-limits to anyone who does not already have access to it. If you want to freeze your credit, you’ll need to contact each of the three major credit bureaus individually since each has a slightly different process. Generally, you need to provide your social security number, birthdate and other information to confirm your identity.

We recommend following these five best practices:

1. Install antivirus software and keep it updated. Antivirus software protects against all kinds of malicious software. In theory, you can set it and forget it. In practice, you should check your antivirus protection every now and then. Most antivirus utilities display a green banner or icon when everything is secure. If you open the utility and see yellow or red, follow the instructions to get back on track. Whether you choose a simple antivirus plan or a full-security suite, you'll need to renew it every year. Better yet, enroll in automatic renewal. With some security products, doing so enables a malware-free guarantee.
2. Use unique passwords for every login. One of the easiest ways hackers steal information is using a batch of username and password combinations from one source on another. The single best way to prevent one data breach from having a domino effect is to use a strong, unique password for every single online account you have.
3. Use two-factor authentication. While it slows you down, two-factor authentication makes your accounts more secure. It means you need to pass another layer of authentication – not just username and password – to get into your accounts. Two-factor authentication verifies your identity using at least two forms of authentication – something you are, have or know.
   • Something you are could mean authentication using a fingerprint or facial recognition
   • Something you have could be your mobile phone where you're asked to enter a code sent via text or tap a confirmation button on a mobile app; or a type of physical security key from Google or Microsoft
   • Something you know is the password
4. Clear your cache. In Chrome, Edge, Firefox, Internet Explorer, or Opera, press Ctrl+Shift+Del to bring up a dialog that lets you choose which elements of browser data you want to clear.
5. Turn off the “Save Password” feature in browsers.

Phishing is the fraudulent attempt to obtain sensitive information such as usernames, password and account information, often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. 

Here are five simple ways to protect yourself against phishing and other online scams:

1. Think before you click. It’s fine to click on links when you’re on trusted sites. But never just click on links that appear in random emails and instant messages. Hover over links that you're unsure of before clicking on them. Do they lead where they're supposed to lead? A phishing email may claim to be from a legitimate company and when you click the link to the website, it may look exactly like the real website. The email may ask you to fill in the information but the email may not contain your name. Most phishing emails will start with “Dear Customer,” so you should be on alert when you come across these emails. When in doubt, go directly to the source rather than clicking a potentially dangerous link.
2. Verify a site’s security. It’s natural to be a little wary about supplying sensitive financial information online. As long as you're on a secure website, however, you shouldn’t run into any trouble. Before submitting any information, make sure the site’s URL begins with “https” and a closed lock icon appears near the address bar. Check for the site’s security certificate as well. If you get a message stating a certain website may contain malicious files, do not open the website. Never download files from suspicious emails or websites.
3. Check your online accounts regularly. If you don’t visit an online account for a while, someone could be having a field day with it. Even if you don’t technically need to, check in with each of your online accounts on a regular basis. Get into the habit of changing your passwords regularly too. To prevent bank and credit card phishing scams, you should personally check your statements regularly. Get monthly statements for your financial accounts and check every entry carefully to ensure no fraudulent transactions have been made without your knowledge.
4. Keep your browser up to date. Security patches are released for popular browsers all the time, often in response to the security loopholes that phishers and other hackers inevitably discover and exploit. If you typically ignore messages about updating your browsers, don't. The minute an update is available, download and install it.
5. Use antivirus software. There are plenty of reasons to use antivirus software. Special signatures included with antivirus software guard against known technology workarounds and loopholes. Just be sure to keep your software up to date. New definitions are added all the time, because hackers dream up new scams all the time. Anti-spyware and firewall settings should be used to prevent phishing attacks and users should update the programs regularly. Firewall protection prevents access to malicious files by blocking the attacks. Antivirus software scans every file that comes through the internet to your computer, helping to prevent damage to your system.

Passwords can be inconvenient, but they’re important if you want to keep your information safe. Protecting your personal information starts with STOP. THINK. CONNECT.™ Take security precautions, think about the consequences of your actions online and enjoy the internet with peace of mind. Here are some simple ways to secure your accounts through better password practices.

1. Make your password a sentence. A strong password is a sentence at least 12 characters long. Focus on positive sentences or phrases you like to think about and find easy to remember (for example, “I L0v3 c0untry Musix!” or "Chocol@teCakeIsMyFavoriteDess3rt"). On many sites, you can even use spaces as characters. Note: Best practices call for passphrases that are easy for you to remember and hard for hackers to crack or guess.
2. Remember: unique account, unique password. Having separate passwords for every account helps thwart cybercriminals. At a minimum, separate your work and personal accounts and make sure your critical accounts have the strongest passwords. Avoid common or dictionary words. Use a combination of upper- and lowercase letters, numbers and special characters. Create passwords with at least 12 characters.
3. Keep it safe. Everyone can forget a password. Use a password manager to keep track of your passwords.