Every week, another story makes headlines about the latest victims of ID theft and fraud and the hackers are getting cleverer. Recognizing the inherent risk in our everyday digital lives and taking the proper action to protect personally identifiable information (PII) will pay off in the long run.
1. Don’t be fooled by malware based phishing.
Frequently criminals will embed harmful computer programs called malware into emails and other digital web-based entities. The program records key strokes as well as your internet browser history. The information is recorded and sent to the person behind the scenes with malicious intent to commit identity theft or fraud. You may receive an email that looks like it comes from a valid source; however once you open the message you are prompted to complete an action such as downloading or installing a program. Instead of perhaps downloading the latest anti-virus software as advertised, you have opened up your computer and PII to malware.
How to fight back: If you receive a suspicious email, investigate the source (if it’s from someone you may know) and delete the suspicious material immediately. If you have lingering questions about the authenticity of the email, place a phone call to the company or organization directly for confirmation. Do not reply to the email, as it would inadvertently provide the culprit with information he or she is seeking. To report suspicious or malicious activity, the Federal Trade Commission makes it easy for you to do so.
2. Beware of pharming and websites that have been tampered with.
Hackers will manipulate a website host file or domain name system to reroute online users to another site that has been created to steal your PII. Not knowing that the website poses a great risk, victims share their information and hackers can easily commit identity fraud and theft with data collected. Information typically includes social security numbers, credit card numbers, email addresses and physical addresses.
How to fight back: Check to make sure the website you are visiting has the padlock at the bottom of the page if you are looking to make a purchase at that site. If you are looking to make a donation, be sure to verify the validity of the organization prior to providing your credit card numbers or any other PII. The organization should provide contact information for you, don’t hesitate to reach out to them either by phone or email if you have any doubts. If after attempting to verify the organization you still feel uneasy, under no circumstances should you continue with your purchase or donation.
3. Criminals can easily access PII and sensitive information from social media accounts.
Social media accounts provide avenues to publicly disclose your full name; home town and previous locations; school names, locations and areas of study; hobbies and recreational activities; travel patterns and interests; and date of birth. Having this information publically available dramatically increases the risk of identity theft and fraud.
How to fight back: Limit the amount of PII and sensitive information that you provide to social media sites. Also, privacy settings can restrict what outsiders are able to access. When it comes to protecting yourself from identity fraud and theft, it is better to have tighter security settings with minimal information disclosed to outside parties. Limiting your profiles from search engine results will provide additional measures of protection.
4. Criminals frequent social media to check your status and whereabouts.
You just booked that week-long trip to Aruba and even though it’s six months away, you can’t stop chatting about it on social media. That chatter broadcasts to criminals when you will be away, for how long and opens up the opportunity for them to easily go through your mail and or trash for prepaid credit card offers, auto loans, etc. It is also tempting while in Aruba to post those stunning beach and adventure photos. Even if you don’t share your vacation plans in advance, if someone looking to break into your home sees that you’re currently in Aruba, it opens up a another window of opportunity.
How to fight back: While it may be tempting to share your upcoming plans with your friends on social media – don’t. And ask your friends and relatives not to mention your trip on their social accounts. Also, if you are making plans to be away, have someone keep an eye on your residence for any suspicious activity and either stop your mail and newspaper delivery or make alternate arrangements for a friend or neighbor to assist. When it comes to posting photos and status updates about your vacation, it can be difficult to keep quiet – after all sharing memories with those in your life seems only natural in today’s digital age. However, you will be much safer waiting to post photo galleries once you have returned from your trip.
5. If that email offer looks too good to be true – it probably is.
Spam email can be an enormous distraction and inconvenience. However, it can also be dangerous when you consider that the prospective business collaboration is really just baiting you to provide a criminal with your PII. If out of nowhere you receive a notification or that you have inherited money and it is waiting for you to collect, it is probably fraudulent. That is usually a good indication of how phishing is conducted through spam email.
How to fight back: Do not, under any circumstances reply to the email. Using your favorite search engine, conduct your own investigation to see if others have reported the same or similar scams. There are also resources available, such as www.antiphishing.org to help keep everyone current on the latest schemes. Again, just as with malware, do not hesitate to file a complaint with the FTC.
6. The high-price catfish victims pay.
In today’s world, just about everybody has a heavy digital shadow. A scam in recent years is where a fraudster will attempt to feign an identity to solicit sympathy through the development of an online relationship. That model you became friends with on Facebook, who continuously struggles to pay her rent, may not be who you think “she” is. It’s a scheme that can cause hefty emotional and financial damage.
How to fight back: If there is one current theme, be careful of what personal information you disclose online. If you’re a successful businessman or woman, you may attract unwanted attention from people with less than honorable intentions. Be aware of what information is available online about you. This includes biographies, work-related and financial information. Get a handle on how much information is “out there” for anyone to look up and potentially use against you. Don’t falsely believe someone’s identity to be who they say they are if you have never actually met them face-to-face.
Remember, when it comes to protecting yourself from identity fraud and theft, it is far more advantageous to take proactive measures to stay safe than it is to recover from the damage. Identity fraud and theft remediation can take an extensive amount of resources and time, while the consequences can be potentially devastating. Stay aware of your digital shadow and don’t hesitate to cut back on the amount of information accessible by outside audiences. Ultimately, balance and security are paramount.
By: Laura Mowry