When we go about setting up a new business or personal relationship in a physical context, we will typically be quite selective about the credentials and information that we offer up.
We need to adopt the same healthy caution online. Passwords should not be the same (or a simple variant of the same) for all our various logins because that makes them more susceptible to compromise. Always avoid deploying “classic” password techniques such as using standard personal information, as that is easily mined.
Using your date of birth? Well, that’s a matter of public record, and probably on Facebook. Using your mother’s maiden name? Well, that’s possible to find through a genealogy website.
- Use anti-malware on all your devices and keep this up to date.
- Know where your privacy settings are on your device and ensure these are fully enabled.
- Set up an email address - separate from your social and business address – that is used solely for your bank and secure information, so that if fraudsters hack a social site they will not have the right email address to get hold of anything detrimental.
- Use different passwords for different sites that are at least 8 digits and alphanumeric – if you use the same password for your social sites as your banking then it’s much easier for criminals to obtain.
- Be very aware of the personal information that you post about yourself online, for example, try to avoid putting your birth date on your social media site and limit information such as where you live, email address, and phone information, to prevent fraudsters piecing a profile together.
- Think before you add any information, for example, adding the year you graduated from high school may seem harmless, but criminals can decipher your birthdate from this information. And “checking in” at that bar in Spain might help to show your friends what a great time you are having, but also advertises to a would-be criminal that you are away from home and the house may be empty.
- Keep your settings private and make sure people you become friends with on social site really are your friends - once they have access to your profile they can look around for pieces of personal info about you.
- Do not click on links or respond to e-mails that come from unknown or not trusted sources; nor those that seem to come from known parties but are worded in a strange way or are requesting exceptional action. That “friend” who is asking for help might actually be a criminal who has compromised your friend’s e-mail account.
The rise in identity fraud attacks on UK youngsters has a lot to do with the increase in and uptake of digital services. Young adults are keen to access and do more things remotely than they might ever have dreamed of just a few years ago, but remote access brings with it increased risks of insecurity. Many young people are unaware of the best ways to protect their identities from cyber criminals while taking advantage of the technology that’s improving their lives.
Additionally, fraudsters looking to harvest personal information have begun turning their attentions to the explosion of data available on social network profiles. More regularly than ever, we are listing our names, addresses, dates of birth, family members, work and friendship contacts, residence, and even work addresses. What’s more, it’s become so normal to swap data for services online, that many youngsters have become lulled into a false sense of security when it comes to providing details that fraudsters need to replicate your identity.
As technology savvy as young consumers are, many are not as aware of the potential pitfalls.
With less than a third installing anti-malware on their smartphone devices, while more payments gravitate to that medium, the attraction for criminals is becoming ever greater so people should be vigilant and protect their data.
Brian Kinch, fraud specialist at FICO
Photo Credit: Mikko Lemola/Shutterstock