With identity theft being a steadily escalating threat for both individuals and business globally, here is a round-up of the ways to keep sensitive data safe.
The impact of a typical malware attack is usually isolated to the victim’s device: ransomware encrypts data stored inside a computer, adware displays redundant ads in the browser, and crypto-miners exhaust CPU power behind your back. In contrast to this, identity theft entails adverse real-world consequences way beyond software or hardware damage. This is always a serious predicament because you cannot remediate the issue by simply removing a virus or rectifying your system’s settings.
Identity thieves zero in on your personal information in order to take over your existing accounts or create new ones, impersonate you to initiate financial transactions, and do other felonious things in your name. They can perpetrate their attacks when you are shopping or banking online, withdrawing cash in an ATM, surfing the web via public Wi-Fi – in fact, there are numerous scenarios where extra vigilance is a must.
The aftermath of present-day identity theft can span further than emptying your bank account or abusing your hard-earned credit record to take a loan and run off with the money. A peculiar type of this fraud called doxxing, or doxing, aims to ruin a target’s reputation by making the harvested personal data publicly available. This activity is usually done for extortion, harassment, unfair competition, or retaliation. Doxxing poses a particularly high risk to celebrities, such as popular singers or sportspeople, as well as law enforcement and government officials.
Obviously, the harm stemming from identity theft can be huge for individuals, businesses, and high-profile influencers in various spheres. These crimes are on the rise, with almost 6 million victims losing billions of dollars to online frauds annually in the U.S. alone. Under the circumstances, it’s now more important than ever before to proactively safeguard your personal information. Here are the top 10 tips to prevent your sensitive data from being low-hanging fruit.
- Shop online with caution
When you are up to buying something from an ecommerce site, ascertain that it uses a secure connection. This is a no-brainer to check: take a look at the URL, and if it’s plain “http” instead of “https”, then navigate away. Your personal data can be easily intercepted unless the connection is encrypted. Also, look for typos in the website’s address to make sure it’s genuine.
- Stick to trusted apps
Make sure you’re using software that has a valid Code Signing Certificate. Otherwise, you run the risk of installing a malicious replica that was intentionally modified to tamper with your communications. A booby-trapped app like this provides remote attackers with backdoor access to your mobile device or desktop. A nearly sure-shot way to stay in the clear is to go for official software marketplaces. For instance, Apple has rigid controls in place for everything uploaded to their App Store. When trying to open a suspicious unsigned application on your Mac, you will get an alert stating that the program will damage your computer.
- Refrain from oversharing on social networks
Ever heard of OSINT? It stands for open source intelligence, and it’s one of the common instruments in identity thieves’ repertoire. The fraudsters can scour your social media profiles for potentially telltale information that can be used for account takeover and scams. Therefore, mind what data you post on social networks and don’t give away too many personal details.
- Beware of phishing
Phishing is a form of online fraud where criminals lure users into visiting a copycat login page and handing over their credentials. Most of these attacks start with a fake email masqueraded as a message from a trustworthy service provider asking you to update your account information. Do not click on suspicious links received via email or messengers, especially if the sender claims to be a bank, store, or government entity. Getting off the hook afterwards is easier said than done.
- Follow safe password practices
Make sure every password you use is a hard nut to crack. Randomness is your best ally in this regard, so include a combo of numbers as well as lowercase, uppercase and special characters to turn your password into a puzzle nobody else can solve.
Passwords shouldn’t be associated with any information about you or your family that other people can obtain from open sources, such as your birth date, address, pet’s name, or similar. Importantly, do not reuse passwords for multiple accounts, otherwise you will be susceptible to a single point of failure (SPOF) quandary. Consider using password management software to generate reliable passwords and store them securely.
- Stick with a secure network
Do not access your personal accounts or enter credit card information into websites when using a public Wi-Fi connection. The security of these networks is notoriously low, therefore cybercriminals may easily snoop on your browsing sessions and intercept your personal data as it is being transmitted.
- Use VPN
VPN (virtual private network) allows you to hide your real IP address when surfing the Internet and thereby prevents cybercriminals from linking your online activities with you. In addition to anonymizing your web traffic, VPN tools encrypt it and thus render hacker attacks futile.
- Protect your devices
To prevent scammers from accessing personal data you store on your computer and smartphone, keep the firewall enabled at all times and leverage reliable antivirus software. Opt for a solution equipped with antispyware features and can identify phishing attacks as well as suspicious network activity. A rule of thumb is to apply spyware definition updates once available.
- Benefit from 2FA
2FA (two-factor authentication) is the best thing since sliced bread when it comes to securing the way you log into sites and personal accounts. Unlike regular sign-in, it adds an additional verification layer to the process, such as OTP (one time password) sent to your smartphone that’s valid for a limited time. With 2FA turned on, you will stay on the safe side even if an attacker manages to steal your password.
- Watch out for skimmers
If you notice any extra device attached to an ATM or card reader, then you are better off not inserting your card into it. Also known as skimmers, these dodgy contrivances retrieve data off the magnetic stripe of your card and make it easy for identity thieves to clone the card and pilfer funds from your bank account.
- Inspect your accounts once in a while
Scrutinize all transactions related to your bank or credit card account on a monthly basis. In case you notice purchases or any changes you didn’t initiate, get in touch with the bank and sort things out with them right away. Additionally, order a free credit report once a year and check it for signs of fraud, such as debts you may be clueless about.
The bottom line
The scourge of identity theft is a serious concern that causes eyebrow-raising losses to millions of individuals and numerous companies around the world year after year. To top it off, crooks are constantly refining their tactics and may combine old-school methods, such as dumpster-diving and shoulder-surfing, with technically advanced ones. The recommendations above probably won’t fend off every ID theft attempt imaginable, but they can at least make you a moving target.