Identity theft is not a new thing and has been around for many years. This normally involved stealing mail or searching through bins for personal data – and still does – but online criminals now have access to a greater number of people via the online realm. Today we are going to look at ways of protecting yourself against identity theft.
1. Regularly change passwords
Never share passwords with anyone, do not note them down and use a different one for each system you access. Also, change passwords at least every three months, as those which remain the same are more open to hackers, and choose passwords that are not obvious and which consist of numeric and alphabetic characters.
2. Beware man-in-the-middle attacks
This is a scam that is particularly effective at cafes where people access a public Wi-Fi system as the user will be exposed to an open network. It puts your important data at the behest of the attacker and compromises important passwords, usernames and bank details. Conventional security tools provide little protection so it is advised that you use only encrypted network connections via VPN or HTTPS technology.
3. Be cautious of social engineering hacks
This relies on human vulnerabilities and is where people are manipulated into giving out confidential information. A hacker may call and pretend to be your credit card company wishing to verify (access) your information or pose as a social media friend to harvest private information. To protect yourself be aware of the tricks of the trade, remember that legit financial services will not ask for your confidential information over the phone, and call back your bank via the number you have if contacted by them.
4. Secure private documents
Make sure personal documents are stored in a safe place or consider storing them with your bank. Do not simple put receipts and bank statements in the bin, but instead use a shredder. If you believe your identity has been compromised report any lost or stolen documents straightaway.
5. Watch out for phishing scams
This is a scam that is similar to social engineering but deserves a slot of its own. It is where a person receives an email purporting to be from their bank or similar authority and given a reason why the urgently need to verify their details. A link will direct the person to a fake website where any personal information entered is directed to the hacker. The best way to prevent this is to remain vigilant and to report any fraudulent emails or websites.
6. Secure your Wi-Fi networks
Make sure that you set up your wireless network router so that it does not transmit your network name. Also ensure that ‘optimised’ passwords are mandatory for access and that any initial administrative passwords are immediately changed.
7. Control physical access to computers and relevant components
If someone is able to get their hands on your computer or network in a physical sense, and there is no proper security in place, this will place your personal information at danger of a potential hack. Have security measures in place and be aware of where your personal belongings are stored at all times.
8. Know your credit
Do not simply glance over bank or credit card statements and store or throw them away. Instead, closely examine the statement for anything you do not remember doing; it may be small withdrawals that simply mean the hacker is testing your account. Also make sure to check that credit score every three months.
9. Know what’s in your wallet
It is a horrible feeling when you realise that your wallet has been stolen, but it makes a difference if you know what was in there; car licence, bank cards, credit cards, etc. To increase safety against identity thefts photocopy the contents of your wallet or note them down and report any missing cards immediately.
10. Look for clues
The problem with identity theft is that it can be happening without the person being aware of the situation – so be vigilant and regularly check your accounts to make sure nothing is amiss.
Bethan Williams writes on behalf of CY4OR, a UK-based digital forensics firm specialising in quality information security services.