Identity theft used to be a relatively rare crime that few worried about. The combination of the advent of social networks containing rich databases of publicly available personal information and the scale of economy provided by fast computing horsepower and blazing Internet speeds has created the conditions for a very lucrative market regularly exploited by cybercriminals. These criminals employ data gleaned through these channels to apply creative social engineering tactics via email, phone, and social networks to steal identities, access financial and media accounts and gain access to other assets. Your assets.
What are some of the basic things that I can do to prevent identity theft?
While there are some very sophisticated identity thieves, tactics, and scams, knowing some basic safeguards can be very effective in preventing their success.
At home or the office:
- Shred documents containing personal information before disposing of them
- Regularly order and review your credit reports
- Keep your computer systems up to date with security patches and updates
- Use a well-regarded commercial anti-virus program and firewall
Social Networking:
- Limit the personal information you share on social networks
- Ensure that your account profiles are not shared publicly and share only with people you know
- Never disclose when you will be away from your home, on vacation, or when your home will otherwise be empty
- Do not participate in or post public surveys that share personal information that could be used to guess account recovery security questions
Phone Security
- Don’t give personal information out to any caller unless you are certain of their identity, no matter what they are offering or what they are asking you to do
- High pressure tactics should always be a red flag that something is wrong
- Validating information over the phone to an unknown caller increases the likelihood the next phone call will be more authentic and harder for you to detect as a scam. Sophisticated criminals share information.
- Change your cell phone voicemail password from the default value provided by the carrier
Email Security
- Validate the legitimacy of email you receive
- Does the email address match the real sender’s address?
- Are they making an odd or high-pressure request?
- Is there a vague message and an attached document or link? It’s probably best to pick up the phone and call the sender to validate they really sent the message, or to ensure they meant to send it
- Were you expecting an email from a Nigerian prince with an attachment or link asking for your help? No? Then don’t open the attachment or click the link.
With some basic knowledge to identify the tools and tactics cybercriminals use to obtain your personal information, you can safeguard your identity and make the criminal’s job much more difficult.