When you hand your credit card to the waiter at an unfamiliar bistro, there's a possibility he'll copy the number and go on a spree with your card. It's not likely, though – there are too many chances for him to get caught (and fired)! Most of us, therefore, don't worry too much about letting a card out of our sight for a short time. But when you give your credit card number or any sort of personal information to a website, you're risking a much more serious chance of identity theft.
With that in mind, here are ten tips, in no particular order, to help keep your identity and personal information safe online – with a couple of bonus tips for the real world, too.
1. Clam up
If a site requires registration, fill in only the required fields. Look closely at any checkboxes relating to sharing your information – depending on how they're worded you'll need to check or uncheck the box to deny sharing permission. A common trick with multiple boxes is to have one requiring a tick to deny sharing, but if the other box is ticked, it allows sharing – to try and catch out people who assume that all the checkboxes will be the same, just going through ticking them all. Read everything carefully!
If the registration isn't part of an important ongoing business relationship, consider filling the required fields in with… shall we say… truth-challenged data. Or get ready-made registration information from Bugmenot.com.
3. Look for the lock
The green lock symbol and "https" in the URL (web address) bar show that you've got a secure connection. Look for it any time you're about to engage in a financial transaction. The lock isn't a guarantee of security, but its absence is a guarantee of NO security.
4. Sniff out phish
If you get an email about a problem with your bank or other financial institution, never click any links. Go directly to the bank's website and research the problem there. If there is no problem, inform the bank about this fraud attempt.
5. Search safely
Consider using a browser add-on which can flag up suspicious sites with red or yellow warnings (healthy sites get a green for go). Your security suite may well come with one of these, and it’s worth installing, or you could download one – for example, here’s the Avast Security and Web Reputation plug-in for Chrome.
6. Control yourself
The chances are good that your security suite includes a private data protection option. When the data you've chosen to protect is about to go out in a web form, email, or IM, it either prevents transmission or replaces the private data. This feature's not for everyone, but if you feel you need help controlling what you send out, give it a try.
7. Use one-shot credit cards
Check with your credit card company online – they may offer an option to create one-shot credit card numbers. When you exercise this option to make a purchase online, the number received by the merchant will be valid for just that transaction.
8. Educate your kids
You can be fanatically careful, but it won't do any good if your kids email or IM personal information to strangers. If they're old enough, get them on your team to protect your family's identity. If not, use parental controls or private data protection to limit their ability to blab family secrets.
9. Secure your system
Not every threat comes from the Internet. Also be wary of, say, colleagues, or your neighbour’s kid, who could try to use your system at some point – and could copy files onto a USB stick, if they were feeling malicious. Use strong passwords, and be sure to lock the desktop when you step away from the computer.
10. Think outside the box
Don't believe everything that comes in an envelope – and shred any paper-based sensitive information before recycling it. Again, identity theft isn't limited to the online world!