Identity Theft Protection Tips
Educate yourself your family, friends and those you work with on the measures they can take to reduce their chances of becoming a victim of fraud or identity theft.
How to Reduce Your Chances of Becoming a Victim of Cyber Fraud or Identity Theft
Identity theft is the fraudulent use of Personally Identifiable Information (PII)
by a thief to obtain goods, services, and/or employment; commit a crime; gain a benefit; or prevent revealing the thief's real identity.
PII includes but may not be limited to a consumer's name, Social Security number, date of birth, address, driver's license number, telephone number, passport information, birth certificate, student transcript, or medical record.
Some real-life examples of how stolen PII is used to commit identity theft include, but are not limited to, the thief's use of:
- A name and Social Security number to obtain credit cards, cell phones, or utilities
- A Social Security number to obtain employment or file taxes
- An insurance identification number and name to obtain medical benefits
- A driver's license number to avoid trouble when stopped for a traffic violation
Some identity theft cannot be prevented, but your risk can be reduced by following some simple rules about keeping your personal information private. The following tips can reduce the likelihood that you will become a victim of fraud or identity theft.
- Keep Your Personally Identifiable Information to Yourself
- Be stingy with your personal information—always question when someone asks for it, whether in person, by phone, or by email.
- Don't Carry Sensitive Documents
- Leave at home any sensitive documents you will not need that day (credit/debit card, checkbook, etc.). Secure all other personal information in your home or office. Lock away account statements, check books, Social Security card, birth certificate, etc. Even if the physical card or document is not stolen, the information can be taken by a thief and used fraudulently.
- Shred Important Documents
- Cross-cut shred everything containing sensitive information before throwing away. This should make sensitive information unusable by a thief.
Review Cyber Security Reports Regularly
- Review reports for inaccuracies that may be indications of identity theft:
- Obtain and review copies of your credit reports from the three national Credit Reporting Agencie (CRAs)—Equifax, Experian and TransUnion—aka: the credit bureaus at least annually.
To obtain a free report (once every twelve months from each of the three CRAs as mandated by federal law) use the Annual Credit Report Request Service by visiting www.annualcreditreport.com or calling 877-322-8228.
- Review your annual earnings statement from the Social Security Administration (SSA) to determine if anyone has been working using your SSN. To request your Social Security statement online, visit the Social Security Administration website.
- Carefully review explanation of benefits statements provided by medical insurers.
- Be Secure in Social Networking Sites
- Use social networking sites carefully. Fully explore and activate the security features each site offers.
- Once Online – Always Online
- Don't reveal too much about yourself on the internet, whether through text or photos. Practice prudent posting, as web postings and social networking sites are libraries of PII for identity theft perpetrators. Much of what you post online is there forever.
- Protect Your Computer
- Use computer security software and keep the security definitions up-to-date. This means when you get a notice to patch or upgrade your definitions do not wait. The bad guys look for those who haven't updated their systems as a way to exploit your network and databases.
- Avoid Simple Passwords
- Place complex passwords on your credit card, bank, and phone accounts and all online accounts (email, social networking sites, etc.). Use a combination of at least 8 numbers and characters (i.e., pGa20!o7&).
- Don't Get Caught by "Phishers"
- Beware of phishing email. Believe or not 90% of database breeches start with a phishing scam. Anything that appears to be from a legitimate business and asks you to provide personal information by replying to the email, visiting a website, or calling a number could be fraudulent. Don't fall victim to their high pressure tactics.
- Don't Use your Car as a Safe
- Do not leave items of personal identification in your car. Many people leave purses, wallets, briefcases, laptop computers and similar items in their vehicle and become the victim of theft. Identity theft often follows because the thief made use of the personal identifying information obtained in the purse/wallet, etc. theft.
Security Risks with Public Wi-Fi
- Public Wi-Fi Networks
- Wi-Fi hotspots — like the ones in coffee shops, airports, and hotels — are convenient, but they often aren't secure. Here are some exploits and how to protect yourself against them.
- Man-in-the-Middle attacks
- One of the most common threats on these networks is called a Man-in-the-Middle (MitM) attack. Essentially, a MitM attack is a form of eavesdropping. When a computer makes a connection to the Internet, data is sent from point A (computer) to point B (service/website), and vulnerabilities can allow an attacker to get in between these transmissions and "read" them. So what you thought was private no longer is.
- Unencrypted networks
- Encryption means that the information that is sent between your computer and the wireless router are in the form of a "secret code," so that it cannot be read by anyone who doesn't have the key to decipher the code.
Most routers are shipped from the factory with encryption turned off by default, and it must be turned on when the network is set up. If an IT professional sets up the network, then chances are good that encryption has been enabled. However, there is no surefire way to tell if this has happened.
- Malware distribution
- Thanks to software vulnerabilities, there are also ways that attackers can slip malware onto your computer without you even knowing. A software vulnerability is a security hole or weakness found in an operating system or software program. Hackers can exploit this weakness by writing code to target a specific vulnerability, and then inject the malware onto your device.
- Snooping and sniffing
- Wi-Fi snooping and sniffing is what it sounds like. Cybercriminals can buy special software kits and even devices to help assist them with eavesdropping on Wi-Fi signals. This technique can allow the attackers to access everything that you are doing online — from viewing whole webpages you have visited (including any information you may have filled out while visiting that webpage) to being able to capture your login credentials, and even hijack your accounts.
- Malicious hotspots
- These "rogue access points" trick victims into connecting to what they think is a legitimate network because the name sounds reputable.
Say you're staying at the Goodnyght Inn and want to connect to the hotel's Wi-Fi. You may think you're selecting the correct one when you click on "GoodNyte Inn," but you haven't. Instead, you've just connected to a rogue hotspot set up by cybercriminals who can now view your sensitive information.
How to stay safe on public Wi-Fi
The best way to know your information is safe while using public Wi-Fi is to use a virtual private network (VPN), like Nord, when surfing on your PC, Mac, smartphone or tablet. However, if you must use public Wi-Fi, follow these tips to protect your information.
Cyber Security - What not to do:
- Allow your Wi-Fi to auto-connect to networks
- Log into any account via an app that contains sensitive information. Go to the website instead and verify it uses HTTPS before logging in
- Leave your Wi-Fi or Bluetooth on if you are not using them
- Access websites that hold your sensitive information, such as such as financial or healthcare accounts
- Log onto a network that isn't password protected
Cyber Security - What you should do:
- Disable file sharing
- Only visit sites using HTTPS
- Log out of accounts when done using them
- Use a VPN, like Nord, to make sure your public Wi-Fi connections are made private