Tips for protecting your identity – part III in the Identity Theft series

Tips to protect your identity online

Avoid Identity Theft – learn how!

Identity Theft – it can be avoided!

This is the third and final post in our three post series about Identity Theft. In the first post we learned what Identity Theft is and what its damages can be. In the second post we learned about some of the various ways perpetrators use to steal identities. This post will list some tips and things to be on the look for, in order to avoid Identity Theft or at the very least minimize the chances of your identity being stolen.

Remain in control – take action to protect your identity

There are numerous things you can do to avoid becoming an identity theft victim. As we’ve seen already identity thieves use both online and offline methods to steal your details so your actions should also cover both these grounds.

Offline actions / attention to details:

  • Do not throw away redundant computer equipment (especially storage devices of any kind) without formatting first and then destroying it physically. While it might still be possible to restore information you have just made it a lot harder and way more expensive for the thief and it is likely many of them would simply not go to the trouble.

  • Do not throw away any receipts, bills or any other paper which has your details on it (any details) without shredding them. If you don’t have a shredder and cannot get one, tear them up to little pieces or better yet – use them to light up your BBQ the next time you’re having a party! If you cannot shred, tear or burn these papers make sure to go over them with a black marker and wipe out any identity details on them (name, social security number, credit card numbers – even if partial etc.)

  • Check your mailbox as often as you can. In our last post we did not refer to yet another method of stealing identities – mail theft. Many of us are too lazy and go to our mailbox once every couple of days at best. Don’t underestimate identity thieves – they will be watching and checking your mailbox when you’re not there. You’d be surprised how much one can learn about you from your mail!

  • Never ever sign and mail any blank document (let alone checks). Even if you’re positive the mail you just got is from the IRS and that you need to sign this blank form they sent you to get your tax returns.

  • Do not leave any personal papers (especially tax or bank related) in your car, on your kitchen counter or on top of your desk at home. These are the easiest places for thieves to get to. Make sure you collect everything and keep it in a drawer or a filing cabinet.

Online actions / attention to details:

  • Do not use the same password for all services. Use a different password for different websites and online services, especially where it matters most: email, bank account, government offices (IRS, Social Security etc.). Many people use one password all over the net and if someone manages to get their hands on it or decode it…nothing is safe anymore.

  • Change your passwords often and make them hard to guess. Two key elements in password creations are their strength and expiration.

    • Strength – When you create a password think of something that will be strong, hard to guess and hard to decode by machines or key crackers. A good rule of thumb in password creation is to use a combination of letters and numbers. One way to do it is to simply use “hackers’ style” to write a word. “Hackers’ style” means replacing some letters with numbers that look similar (for example the letter ‘o’ with the number zero, the letter ‘e’ with the number 3 and so on). Here’s an example of how the word Encyclopedia will look in hacker’s style: 3ncycl0p3d14. For good password strength, never use your birth date or the birthday of anyone close to you, never use your name or the name of anyone close to you. Also don’t use dates of life events such as anniversaries because these are easy to find (most people publish those dates on Facebook for example).

    • Expiration – Try to refresh your passwords as often as possible. Some websites will demand that of you (banks usually ask you to change your password every 3 months). On websites that do not ask you to change your password, it is recommended you make a rule for yourself to change it every 3-6 months. This way you make it harder on scammers and hackers to guess your password and even if they succeed, chances are by the time they get it it is no longer valid.

  • Security Question – be creative! Many websites let you set a security question that can be used to access your account and retrieve or reset your password if you forget it. In most cases there is a set of questions to choose from but almost always there is an option to choose “other” or “set your own question”. If you have that option we recommend you opt for it and come up with a question the answer to which is not easy to guess or find. You see…. anyone can find your mom’s maiden name or your grandfather’s name or the name of your first grade teacher or your first pet… even people who don’t know can search for this information on the various social networks most of us use. It is enough if you put up a picture from a family event and tag it “Me and grandpa Jim” so that a hacker can get your grandfather’s name… It is better if you craft your own question in a way that the answer is not a mundane detail that can be revealed easily. A good example can be: “what’s the secret ingredient to grandma’s chocolate cake?” or “What’s your dad’s favorite song?”

  • Don’t click on links from people you don’t know or trust or anything that looks strange. We get a lot of links and offers in email and on social media. Anything that comes from unknown entities (people or companies we do not know) or anything that is about topics seemingly unrelated to us should raise an alarm. There are many websites online where you can check for scams and hoaxes. If you get an email like that or an invitation for a cool new app on Facebook (showing who viewed your profile or promising a bunch of credits for games or a cool new skin for your timeline etc.) DO NOT click it. Check it first by searching on Google  Most chances are these are hoaxes that lead to malware infections (click2infect).  If you receive a winning message from a lottery in a country you don’t live in and where you’ve never purchased a lottery ticket…. we’re sorry to burst your bubble, but it is probably hoax. If you get an email from an estates attorney in some obscure country telling you that someone with a name similar to yours has passed away and left you millions of dollars – that’s a hoax too… we will create a separate post and video teaching you how to avoid hoax and phishing emails.

  • Never ever give your passwords or any other log-in details to anyone.  No website will ever ask you for this. If you forget your password there are ways to retrieve or reset it but no legitimate website will ever email you to ask you for your details (especially since they have it on their database already!). If you get a message asking for details don’t reply to it and never provide any details!

  • Do not Panic! Most scams, hoaxes and phishing messages rely on your emotion and mainly on hysteria to be effective.The first thing you need to remember in all of this is never to panic. No matter how emotional the

    Don;t Panic

    Don’t Panic!
    Image source: http://puls3clan.com

    post on Facebook (about a child dying or a sick dog), no matter how scared you are (if you get an email telling you that that you’ve been hacked) and no matter how happy you are at the notion of maybe having won lot’s of money…. always take a deep breath and think about it calmly before acting. If it’s not someone you know, if it’s not something that is likely to be true, if it is too good to be true – proceed with caution and check first!

  • Secure your computer! Make sure you have a good antivirus software installed, firewall turned on and that you have an additional layer of defense, like Magen, to alert you of anything that slipped by your antivirus and firewall. Make sure your computer is up to date (always install important Windows Update) and that you have a clean restore point (an “image” of your computer and software at a point in time where you know it was clean from malware) so if you still get hacked or clicked a malware link by accident, you have a good point to go back to.

 

If you’re still worried about Identity theft and malware, feel free to join us on Facebook or Google+ and contact our experts for advice!

 

Stay safe online and have fun!