The concept of identity theft denotes unauthorised use of someone’s personal information. Having obtained your sensitive data by fraudulent means, a perpetrator can leverage it to perform various financial operations. For instance, they can take loans in your name, diminish your credit score, withdraw funds if they get lucky, and do lots of other things you won’t appreciate, to put it mildly. To top it off, a crook may commit non-financial criminal felonies while impersonating a compromised person.
Identity theft is an extremely widespread form of illegal activity. About 12 million people fall victim to these frauds annually in the U.S. alone. The losses exceed $26 billion. One of the worst things is that most victims are clueless about how criminals got their confidential data.
How to thwart identity theft
It is extremely problematic to remediate the damage after an identity theft has occurred. Therefore, the rule of thumb is to focus on prevention. The countermeasures can be split into two categories: online and physical. Let’s dwell on the former vector first.
Steer clear of online menaces
1. Use strong passwords
A good password for an online account should be at least 10 characters long. Think out of the box when creating one. Use a combo of uppercase and lowercase letters, symbols, and numbers. To make it hard to guess, refrain from using your phone number, birth date, names of your family members or your pet.
Do not reuse the same password for different accounts. Consider utilising a password manager to streamline the login routine. Enable multi-factor authentication if available.
2. Mind what you post online
Do not post personally identifiable information on publicly available resources, such as social media or personal blog. Never provide personal details in your posts, private messages, comments or titles for the photos you upload. These things can speak volumes about your private life and current location.
3. Be on the lookout for phishing
Phishing is an old school type of scam, but it still works just as effectively as years ago. Threat actors are constantly refining their modus operandi, so phishing is getting increasingly subtle and harder to identify. People are most exposed to these scams when they shop online, work with email and use social networks. Therefore, some paranoia during these activities will play into your hands.
4. Exercise caution when shopping online
Opt for reputable e-commerce sites you know well and trust. Ascertain that the connection with the web page is encrypted by checking whether there is a green lock icon next to the address bar and the URL starts with ‘HTTPS’ versus ‘HTTP’. Use an extra confirmation option, where you will receive a secret code on your telephone before completing the order.
Another helpful tip is to use a separate card for online shopping. When you are up to buying something, just transfer the right amount of money to it.
5. Use your browser wisely
Be sure to apply browser updates once available. This way, you get all recently discovered security vulnerabilities in your web browser patched. Also, open a private window whenever you go online from a public computer. Consider using Tor Browser or VPN (Virtual Private Network) software to anonymise your Internet traffic.
6. Use reliable security software
There are numerous malicious instruments in cybercriminals’ portfolio. These include remote administration tools, exploit kits, keyloggers, and spyware, to name a few. By using them, threat actors can retrieve your personal data beyond your awareness. Some of these tools can slip under the radar of regular antivirus detection. So choose a security suite effective enough to spot the sneakiest malware and zero-day threats.
7. Keep your OS and software up to date
This tip may sound prosaic but it is critical for avoiding identity theft. Be sure to run system updates and third-party software updates once they are rolled out. Vendors include patches of security vulnerabilities in their updates along with functional improvements, so you will get an extra layer of protection.
Ways to avoid physical threats
Identity theft isn’t restricted to online dangers alone. Perpetrators can also leverage real-world, physical techniques to get hold of your sensitive data. The steps below cover methods to prevent this vector of compromise.
1. Watch out for shoulder surfing
Always look around you before entering your credit card PIN in ATM machines or when paying with your card in a store. Make sure nobody is close enough to see those details.
2. Keep an eye on things you carry with you
First off, prioritise what you carry with you when going out. You are much better off not taking all your credit cards. Just take what you need and nothing more. Don’t leave your bag or wallet unattended in a public place. Have a plan for the scenario where your personal stuff might be stolen. Make sure you have the phone number to call your bank and block your card if necessary.
3. Get rid of unnecessary documents
Do not keep any confidential papers in your home if you don’t need them anymore. Before throwing them away, though, be sure to destroy them so that no one can read the information.
4. Keep your mailbox safe
Your regular mailbox may contain a plethora of information about you. Utility bills and other important documents you receive this way can hold personally identifiable data you certainly don’t want to disclose. So, you should lock up your mailbox as reliably as possible or switch to email for receiving those documents.
5. Look out for impostors
A threat actor may call you on the phone, impersonating a bank employee or representative of some company quite plausibly and trying to wheedle out financial details or other sensitive information. Never provide any confidential data over the phone unless you know for sure who it is on the other end.
6. Erase unneeded digital information
Although the bulk of our data resides in the cloud these days, most of us probably still keep CDs and external hard drives containing quite a bit of valuable information. If you are up to throwing away these artifacts, be sure to destroy all the data on them beyond recovery.
This also applies to malfunctioning hard disks your PC can no longer read. Identity thieves may use specially crafted forensic software to recover information on such buggy hardware. By overwriting the contents of storage media several times, you should be good to go.
7. Safeguard your SSN
In case fraudsters obtain your Social Security Number, things may get completely out of hand. The black hats can apply for a loan in your name, get a new credit card and do quite a few other wicked things with it
So, you should abstain from taking your SSN with you unless you really need it. Also, do not send it via email, never use it as a password for an online account, and refrain from storing it on your computer or any device that can be hacked.
8. Secure your smartphone
Your smartphone contains so much personal data that it can be literally weaponised against you if it falls into the wrong hands. Therefore, you should protect it from every angle imaginable. Download apps from official sources only otherwise you run the risk of catching spyware under the guise of a benign free applet. Always keep your phone in sight. Protect it with a hard-to-guess password or use biometric authentication if available.
9. Stay on top of your bank transactions
When it comes to safeguarding your bank account, it is very handy to enable notifications where you receive messages whenever any amount of money is spent or withdrawn. And make sure you know what to do if a malefactor gets hold of your credit card details and tries to purchase something using them. Again, add your bank phone number to your contacts so that you can block your card in a scenario like that.
10. Have a plan B
Get yourself a personal incident response plan for potential identity theft. Do not put all your eggs in one basket, so refrain from keeping all your funds on one credit card. Do not carry all your IDs with you – one will do just fine in most cases.
There aren’t many frauds out there as detrimental as identity theft. It makes people lose a lot of money and get their reputation seriously affected. The tips above highlight different facets of this malicious activity – online and physical – from a prevention perspective. Whereas positive thinking is certainly the right mindset, being prepared for the worst-case scenario in terms of identity theft is a must.
Roman Chou, Editor, BestVPN
Image Credit: Maksim Kabakou / Shutterstock