It’s amazing how easy it is for a thief or malicious person to access our personal banking information. Once they get that, they can get your Social Security number, copies of bank statements, and even copies of every check that was written on the account. They then post this information on the Internet so that hackers and others can access my accounts, steal money, or harass you.

What the banks don’t tell you when they ask for your mother’s maiden name is that this is a key password they use to grant access to anyone who calls and claims to be you. This name was fine before the internet and data miners could aggregate your personal information and make it available online with the lift of a finger. Now, with a simple Internet search using sites like Intellius, Peoplesearch, and others that list your date of birth, previous residential addresses, and family members going back generations, criminals have what they need to gain access to your most confidential.

Try calling your bank to see what information they ask for when they want to identify you. If they ask you your mother’s maiden name, you know you are vulnerable. If they ask for your three previous addresses where you lived, you are vulnerable. If they ask you for your date of birth you are vulnerable. Banks, schools, universities, and mortgage companies are the most vulnerable to being hacked or tricked into giving up our personal information.

Many years ago I dated a woman for a few months. There was something about her that wasn’t quite right, my friends said she was crazy. I distanced myself from her and started dating someone else. He did not know the nightmare he would be subject to for many years.

Feeling abandoned, she conspired to destroy me personally and financially. She lured me in by promising to refer clients to me. From those interactions, she gained enough information about me over time that she was able to put her plan into action. Being very smart, she hid in the shadows of the internet where she searched and found my mother’s maiden name. Then she was able to get my previous residential addresses from other sites. My entire life was for sale on the Internet for less than $75.

Then I needed a male voice to impersonate me. For that she got the cooperation of her sister’s boyfriend, who willingly impersonated me, even if it’s a federal crime. He then obtained a Voice Over Internet phone number that was untraceable and easily and quickly changed. Then one day they called after hours until he found where I had my bank accounts. The first thing the person at the Philippians call center asked the impersonator was “What is her mother’s maiden name?” (Since I had no idea this was a key security question when I opened my accounts years ago, I answered honestly. Big mistake!) My impersonator answered with the correct information. The next question was “what are the previous addresses where you lived”? Again, using information gleaned from Internet searches, the impostor answered correctly. He had also used a part of my old email address to log in online, another big mistake! The bank’s call center person assigned the imposter a new password so he could access my account online. Once she got into my account, they went into my personal profile and took my social security number, copies of my bank statements, and copies of the checks I wrote. That way, they knew everyone I wrote checks for, so when they called back they could reference a check number, amount, and the payee’s name as an identifier. Then he put this information on the Internet and my problems began.

What I learned is that even if you know who did this to you, the banks will fight not to give you the records of their intrusion because they don’t want to be sued; the police won’t do anything because they consider identity theft a non-violent crime; the courts won’t do anything for the same reason, especially if they didn’t take more than $500 and Social Security won’t give you a new Social Security number unless you go to witness protection or nearly died.

To protect yourself against identity theft, go to your bank and change your mother’s maiden name to another name that isn’t part of your multi-generational family history. For example, if your mother’s maiden name is Johnson, change it to Brown if there was never a Brown in your family. Then ask your bank if they will allow you to create a second security password to identify yourself. If they do, create a password that is a combination of a name/word you can easily remember and four numbers. Do not use your street number and street name for obvious reasons.

After I made those changes, they tried to impersonate me again, but this time they didn’t know that I changed the maiden name or the second password on the account, and it wasn’t part of my father’s or mother’s family estate, so they were prevented me from accessing my accounts. If they had managed to figure out the maiden name, they would have stumbled upon the second security question, which is a name/word and a number that had no relation to where I had lived, birth dates, or anything else in my life. that they could find out. online.

We can’t protect against bank hacking, we can’t protect against having our loan applications on laptops stolen from bank employees, we can’t protect against call center employees who don’t screen callers carefully But what we can do is make these two simple changes to our account profile that will stop much of the identity theft that can hurt us for decades.

Also, check to see if any real estate you own is listed online under your name. In many states, they post the addresses of the property you own and your name as the owner, making it easy for people to retitle your property, refinance it, and steal thousands of dollars before you know it. You only find out you’ve been scammed when the bank starts foreclosure proceedings against your house for not paying the new mortgage.

If you are a small business owner, be sure to check your business listing online every week. Crooks are creating accounts in the names of small businesses that then appear on major search engines. They rent a PO Box at a shipping store and then file a change of address form at the post office to redirect your payments to a fake bank account where they cash your checks or impersonate you. If you find your business information has changed, please contact the search engine and database owner and report the fraud immediately and remove the fake listing.

Make these simple changes this week to protect yourself, you’ll be glad you did.