Counterattack: 10 Steps to Take if You Think You've Been Hacked

Have you ever had the sinking feeling that you just replied to a phishing email – one purporting to be from a trusted source which isn’t?

1. Keep your digital life healthy—and separate
Create an email account that will be used only for your financial accounts.  Don’t use the same email account that you use for online shopping sites, social media or other sites.

2. Is it from USAA? Look for the USAA Security Zone
USAA emails display the USAA Security Zone stamp in the upper right hand corner of the email. Security Zone contains your first and last name and the last four digits of your member number.  This is your assurance that the email is legitimately from USAA. If you’ve received a suspicious USAA email, send the information to abuse@usaa.com then delete.

3. Strengthen logins
Opt for multifactor authentication methods wherever it’s offered, including your email, social media and financial accounts.  This requires more than one method of authentication (such as one-time code to your mobile phone plus your password) to verify your identity. Change passwords often.

4. Protect your whole household
Fraudsters can gain information about you, your spouse and kids through their accounts. Remind them to monitor their accounts and take the same security precautions as you have.

5. Set up and respond to alerts
USAA and most financial institutions will alert you when suspicious activity is detected on your accounts. Promptly review and respond to these alerts to help ensure that fraud is prevented or detected early.

6. Monitor your credit report and scores
Sign up for USAA’s free Experian CreditCheck to monitor your credit score and changes to your credit profile.

7. Report suspicious activity to counteract threats and get your accounts locked down
USAA can take action to secure and restore your accounts.  Review and respond to security alerts and if you suspect fraud, report it here.

8. Complete an Identity Theft Affidavit
Complete and print an Identity Theft Affidavit at identitytheft.gov or call the Federal Trade Commission at 1-877-438-4338. Then you can have the fraud alert extended for seven years. This will notify potential creditors or lenders that you are a victim of identity theft and that they must take extra precautions to verify your identity to gain access to your information.

9. Be proactive
If you are not a victim of identity theft but would like to proactively protect your information, you can place a credit freeze by contacting each credit bureau

10. Active Duty Alert for service members
Service members who are deploying are strongly recommended to place an Active Duty Alert on their credit report which means businesses must take extra steps before granting credit in your name. This alert is renewable for the term of your deployment.
Going forward, Aguirre says, “It’s really about being vigilant and taking the right steps to protect and monitor your accounts.” Visit USAA’s Security Center to learn more.