CPA David Young of the New York State Society of CPAs shared seven steps everyone should be taking to protect their identity Monday during News 8 at Sunrise.

1, Monitor your accounts – With apps like Mint, Personal Capital, and YNAB that allow you to check all accounts from one place, it’s easier than ever to quickly monitor your accounts. Get into a habit of checking your accounts regularly, and if you have joint accounts, don’t assume your account co-owner made a purchase or initiated a change if you notice activity you don’t recognize.

Be sure to regularly complete updates to your computer and other electronic devices. It turns out the Equifax breach stemmed from failure to patch a bug that was easily fixed with an update. Don’t let your devices put you at risk.

2. Be Smart and on guard – Be on notice if you get an IRS notice – One example of tax identity theft involves a scammer using your Social Security number to file a false return and then collecting a tax refund he or she doesn’t deserve. For that reason, you may learn you’re a victim of tax identity theft when you receive a notice from the Internal Revenue Service stating more than one tax return was filed with your information. Your best response is to respond immediately by following the instructions in the notice. If you believe you are at risk of identity theft due to lost or stolen personal information, you should immediately contact the IRS Identity Protection Specialized Unit at (800) 908-4490 so the agency can take action to secure your tax account. The IRS will issue you a six digit pin each year once your IRS account has been breached.

Don’t send private personal information in your email. – Use secure portals and/or encrypted email.

3. Change your passwords – If you fear your information has been compromised, change your password. Choose a solid password — not just a different iteration of the previous one, like changing your password from Password1 to Password2. Don’t create passwords that can be easily guessed from your personal information, like the names of family members, your birthday, or your anniversary.

While it’s tempting, don’t reuse passwords.

4. Use Two Factor Authentication – Two Factor Authentication, also known as 2FA, two step verification or TFA (as an acronym), is an extra layer of security that is known as “multi factor authentication” that requires not only a password and username but also something that only that user has on them, such as a piece of information only they have or their cell phone or fob.

5. Check your credit report – Even though Equifax’s breach may make you wary of credit reporting agencies, it’s still important to regularly monitor your credit report for new accounts that you did not open.

You can receive a free credit report once a year from each of the three credit reporting agencies — Equifax, TransUnion, and Experian — by visiting If you create a calendar reminder and space out these reports, you can check your credit report for free every four months.

If you have a perk through your bank or credit card that allows you to access your credit score, check your score regularly. If you see it start to drop, check your credit report to make sure no one has fraudulently used your information.

6. Use third-party monitoring – Third-party credit monitoring informs you if something changes on your credit report. Some credit monitoring companies will also notify you if suspicious activity occurs on your credit card or your bank account.

Equifax is now offering a free year of credit monitoring with TrustedID Premier and has removed the legalese that waived your right to future legal action if you register for the program.

You may sign up for this monitoring whether you were affected by the breach or not. TrustedID Premier will monitor your credit report and Social Security number, but it will not inform you of suspicious charges to your credit card accounts or changes in your bank or investment accounts. TrustedID Premier will provide a credit report lock and $1 million in identity theft insurance.

If you’re concerned that your information has been compromised, you may want to register for both Equifax’s free TrustedID Premier Program and credit monitoring from a company that also reviews activity in your credit and bank accounts.

7. Consider a fraud alert or credit freeze – Another option to proactively protect yourself from having credit taken out in your name is to use a fraud alert or credit freeze.

You may place a fraud alert on your accounts by contacting any of the three credit bureaus (the one you contact must notify the other two). This alert will signal to any creditor that you are at risk for identity fraud, and they must take additional steps to verify your identity before extending new credit or making changes to a current credit account. A fraud alert lasts for 90 days.

A credit freeze is a more extreme measure to protect your credit. If you put a credit freeze on your account, it prevents anyone from accessing your credit report without permission. If you want to open a new credit account, you must contact the credit reporting agency to temporarily lift the freeze. There is also a fee to initiate and lift the freeze.

A fraud alert and a credit freeze may be effective in preventing someone from opening new credit in your name, but these measures will not prevent someone from accessing current accounts.

If you are certain you are a victim of identity theft, time is of the essence. Immediately visit the U.S. government website and follow its guidelines to mitigate the damage.