Keeping Your Identity Safe - Part 2: Staying Safe Online

Posted on 16th Jul 2019

View All Posts

Protecting your personal information, often referred to as PII (Personally Identifiable Information), is critical to maintaining your personal security. PII is information like:

  • Your Address
  • Your Phone Number
  • Your Social Security Number
  • Your Credit Card Number

When your PII is discovered by cybercriminals, it can be used to steal your identify, file false tax returns, among a host of other serious crimes. More often than not, large organizations are tasked with protecting this information. Unfortunately that doesn’t always go so well.

In the first 4 months of 2019, an estimated 1.34 billion records were stolen. At a cost of $148 per record, that equates to about $200 billion dollars of losses.

Beyond the extraordinary cost of cyberattacks, often a more personal cost is incurred as a result of these incidents. In our last blog, we explored the potential effects of the loss of information and its effect on your credit. Today, we will explore the signs of identity theft, and more tips to prevent identity theft.

How do I know my identity has been stolen?

  • You see withdrawals from your bank account that you can’t explain.
  • You don’t get your bills or other mail.
  • Merchants refuse your checks.
  • Debt collectors call you about debts that aren’t yours.
  • You find unfamiliar accounts or charges on your credit report.
  • Medical providers bill you for services you didn’t use.
  • Your health plan rejects your legitimate medical claim because the records show you’ve reached your benefits limit.
  • A health plan won’t cover you because your medical records show a condition you don’t have.
  • The IRS notifies you that more than one tax return was filed in your name, or that you have income from an employer you don’t work for.
  • You get notice that your information was compromised by a data breach at a company where you do business or have an account.

How to Keep Your Personal Information Secure Online

Know who you share your information with. Store and dispose of your personal information securely.

Be Alert to Impersonators

Make sure you know who is getting your personal or financial information. Don’t give out personal information on the phone, through the mail or over the Internet unless you’ve initiated the contact or know who you’re dealing with. If a company that claims to have an account with you sends email asking for personal information, don’t click on links in the email. Instead, type the company name into your web browser, go to their site, and contact them through customer service. Or, call the customer service number listed on your account statement. Ask whether the company really sent a request.

Safely Dispose of Personal Information

Before you dispose of a computer, get rid of all the personal information it stores. Use a wipe utility program to overwrite the entire hard drive.

Before you dispose of a mobile device, check your owner’s manual, the service provider’s website, or the device manufacturer’s website for information on how to delete information permanently, and how to save or transfer information to a new device. Remove the memory or subscriber identity module (SIM) card from a mobile device. Remove the phone book, lists of calls made and received, voicemails, messages sent and received, organizer folders, web search history, and photos.

Encrypt Your Data

Keep your browser secure. To guard your online transactions, use encryption software that scrambles information you send over the internet. A “lock” icon on the status bar of your internet browser means your information will be safe when it’s transmitted. Look for the lock before you send personal or financial information online.

Keep Passwords Private

Use strong passwords with your laptop, credit, bank, and other accounts. Be creative: think of a special phrase and use the first letter of each word as your password. Substitute numbers for some words or letters. For example, “I want to see the Pacific Ocean” could become 1W2CtPo.

Don’t Overshare on Social Networking Sites

If you post too much information about yourself, an identity thief can find information about your life, use it to answer ‘challenge’ questions on your accounts, and get access to your money and personal information. Consider limiting access to your networking page to a small group of people. Never post your full name, Social Security number, address, phone number, or account numbers in publicly accessible sites.

Securing Your Social Security Number

Keep a close hold on your Social Security number and ask questions before deciding to share it. Ask if you can use a different kind of identification. If someone asks you to share your SSN or your child’s, ask:

  • why they need it
  • how it will be used
  • how they will protect it
  • what happens if you don’t share the number

The decision to share is yours. A business may not provide you with a service or benefit if you don’t provide your number. Sometimes you will have to share your number. Your employer and financial institutions need your SSN for wage and tax reporting purposes. A business may ask for your SSN so they can check your credit when you apply for a loan, rent an apartment, or sign up for utility service.

Keeping Your Devices Secure

Use Security Software

Install anti-virus software, operating system updates, and avoid downloading strange software. Set your preference to update these protections often. Protect against intrusions and infections that can compromise your computer files or passwords by installing security patches for your operating system and other software programs.

Avoid Phishing Emails

Don’t open files, click on links, or download programs sent by strangers. Opening a file from someone you don’t know could expose your system to a computer virus or spyware that captures your passwords or other information you type.

Be Wise About Wi-Fi

Before you send personal information over your laptop or smartphone on a public wireless network in a coffee shop, library, airport, hotel, or other public place, see if your information will be protected. If you use an encrypted website, it protects only the information you send to and from that site. If you use a secure wireless network, all the information you send on that network is protected.

Lock Up Your Laptop

Keep financial information on your laptop only when necessary. Don’t use an automatic login feature that saves your user name and password, and always log off when you’re finished. That way, if your laptop is stolen, it will be harder for a thief to get at your personal information. Avoid writing down your passwords, as this may aid an attacker in gaining access to your system.

Read Privacy Policies

Yes, they can be long and complex, but they tell you how the site maintains accuracy, access, security, and control of the personal information it collects; how it uses the information, and whether it provides information to third parties. If you don’t see or understand a site’s privacy policy, consider doing business elsewhere.

 

 

 

Sources:

FTC, IBM, Varonis


Austin Harman, President & CEO
Author
Austin Harman, Associate of CISSP, CAP, Security+
President & CEO