Identity theft is among the worst consequences of the rapid expansion of the internet. Thousands of people fall victim to it every year, and you cannot realistically imagine that you won’t become a target for criminals looking to make a quick profit (or use your credit to buy a flat screen). Yet in some cases it can be outright embarrassing depending on how you find yourself a victim. Falling victim to a basic phishing scam is something even most pre-teens know how to avoid in today’s world. You don’t want to have to deal with your peers thinking the world has left you behind.
Yet it is all right if you are not aware of all the ways you could become a victim, so long as you are seeking improvement in this realm. There are strategies and tools you can use to easily protect yourself from the most common problems, and they are usually easy to learn and implement in your everyday life.
Here are some of the worst possible ways to have your identity stolen and your defenses against technological embarrassment:
A Workplace Error
You are consistently tied to your workplace in terms of your financial health and the safety of your identity. Your employer requires information in order to prepare taxes and legally compensate you. If you were to somehow slip up in the workplace and cause a data leak on either a personal or company-wide level, it can prove disastrous not only to your identity but to your professional reputation. Would you trust someone who leaked your information or client data to hackers, intentionally or not? Even if you are not a direct cause of the theft of your identity, it could reflect poorly upon you.
You need to have good business cybersecurity practices whether they are officially instated at your place of employment or not (and they should be). Think about what you could do and consider the following to protect your identity:
- Are your business and personal accounts (email and otherwise) separate to the best of your knowledge? You don’t want to have to deal with two problems at once, and you should make every effort to separate these two aspects of your life. If you’re already mixing the two, take immediate steps to remove personally identifiable information from work documents and files. There is no need for it.
- Remember that, when it comes to cybersecurity, a company is only as strong as its weakest link. Make sure that your colleagues aren’t endangering the information of those around them and offer help or guidance to those who you fear aren’t technologically proficient enough to protect themselves online in the performance of their duties. See if you can make any systematic changes to avoid problems in the future and have a perpetually prepared office.
- Make sure that your employer is following proper legal requirements for keeping employee (and customer) data safe. Without sounding threatening, remind them that they are responsible in the event of a disaster that could have been prevented with foresight. Make your security in their best interests, as otherwise you might not be able to control the data in their hands.
Getting your phone stolen is a troubling and embarrassing situation to begin with. Your friends and family might get disturbing messages for a short time that they believe are coming from you. You lose whatever you haven’t backed up on another device in terms of data and information. You then have to go through the arduous process of changing all of your account information and buy a new phone (which can easily get expensive).
Yet you can also easily become a victim of identity theft through the theft of information contained on your phone. Do you use an app for mobile banking on your phone? Do you have automatic email access on your phone? Do notifications pop up on your lock screen that could potentially compromise your security? There are a great variety of methods hackers and patient criminals can use your phone against you. What is potentially embarrassing is that private information could go public due to the massive communications networks and social accounts our phones are linked to. Heaven forbid a criminal have a personal vendetta against you.
Here are some things you should do right now to minimize this risk:
- Use the best verification and authentication measures you can while you are setting up your smartphone. You can kiss your identity goodbye if all you need to do is swipe the touchscreen to gain access to the information on your phone. You will want to use either a PIN (6-10 digits will work nicely), a complex passcode or a biometric reading as your verification measure. Make sure to change codes frequently.
- Activate any tracking and remote wipe options available to you. They are becoming a mainstream option for anyone with a modern phone and can usually be activated online with a password. You can do this through the Android Device Manager or the iCloud, so long as your device is linked. Think of it as an insurance policy.
- Simply make sure that you know where your phone is at all times. It is much safer in your pocket than it is on a coffee table or counter where it could get stolen while you’re distracted. There have even been reports of smartphones getting snatched out of people’s hands while they’re taking selfies in a large city. Try to keep it as close to you as possible if you’re in an unfamiliar environment.
- Have an immediate response plan if your phone does get lost or stolen. The first few hours are the most important as the thief will likely have not cracked your phone by that point. You will want to contact any relevant accounts and banks to put them on notice of potential identity theft. It might save you paperwork and additional headaches in the long run.
- If you are worried about potential mix-ups or embarrassments with your contacts, let them know ahead as soon as possible about the situation. Theft happens to everyone, and most people will be understanding in this instance. Just make sure confusion doesn’t spring up leading to an embarrassing apology.
Your Regular Café Visit
People are constantly on the move with their technology, and you are probably not the exception. In addition to fueling you with caffeine, many coffee shops or cafes will offer free WiFi service to customers or visitors in the hopes of attracting customers. While this is successful, what you may not know is that these networks are a breeding ground for hackers and extremely dangerous to use for the transfer of any sensitive data.
The reason for this is that hackers can easily access tools known as “sniffer” programs that allow them to monitor traffic occurring on a network. There are few limits to what a person can access once they are able to see, and your account information could appear on their screen as easily as it does on yours. Your passwords and other identification information could be stolen right from under you. Not even your Social Security number or bank account numbers are safe from this threat. Imagine your embarrassment of having to explain that your lost account is the end result of checking your email while getting a latte!
You need to protect yourself. There are several ways to go about making sure this problem never affects you:
- You can avoid using public networks altogether, although this can really put a damper on the convenience of modern life. On top of this, many devices will automatically connect to the first network they can get a connection to. This means that your information (transmitted through automatic updates of social media accounts and the like) will potentially be at risk without your knowledge, and you’ll need to preemptively act and turn these settings off.
- You can simply use a data plan on your smartphone or another arrangement you’ve made, but this can get expensive very quickly. If someone else isn’t paying for this, it is probably best to seek other options for your data needs.
- One of the most common (and perhaps the best) methods for people to use is to equip their relevant devices with a Virtual Private Network (VPN). It is a tool that allows the user to connect their device to an offsite secure server via an encrypted connection. While many know of it as a tool to prevent IP tracking and allow for true anonymity online, it also protects users from the type of snooping that leads to identity theft on public networks. The only thing that potential users of this tool should know is that they are not alike and as such should take a look at what cybersecurity professionals recommend.
Falling for a Phishing Scam
The phishing scam, in one form or another, is one of the oldest tricks in the book for cybercriminals and scammers hoping to steal information and perform identity theft. At its most basic level, it is an email, message or advertisement that intends to trick you into giving up your personal information or password to an account. It usually looks urgent or official, and thousands of people every day still fall victim to them.
Falling for these types of scams and having your accounts and identity stolen via a phishing scheme can be extremely embarrassing and a source of shame considering the reputation these tricks have for being easy to avoid. You’ve probably encountered issues yourself with an email in incomprehensible English promising millions in exchange for a check. Yet not every phisher is a Nigerian prince. Many others are lottery operators or “tax officials” who pretend to work on behalf of your government. It’s especially amusing to get an email saying you owe taxes in a foreign country.
They’re cleverer than you think, and that’s why you need to be on the lookout for the following:
- It is quite possible that the email account of a friend or colleague got compromised. As such, you should be wary when someone you know inexplicably asks for some of your account information. The best thing you can do is to check with the friend in question via text message or another online account to see if it is really them and inquire as to the need for the information. This is also a great opportunity to let them know their account has been hacked if that is the case.
- You should be especially wary of apparent emails from websites such as Facebook and Twitter asking for your personal or account information. Impersonations are common, and there are always clear and stable channels for obtaining information other than email in the event of these titanic websites. Always investigate further before giving any information, and double check the exact email address of the sender. You’ll likely discover an error.
- Check for errors in grammar or spelling. Official websites and forms asking for your time and information are worked on by teams of professionals who wouldn’t let such a mistake occur on their watch. One mistake might slip on an extremely rare occasion. Poor grammar in general would never be tolerated.
- Do not be intimidated into sending information. A sense of urgency is the phisher’s best weapon to pressure you into poor decision making. They cannot take your account away or lock your financial assets. There are far more official channels than spam emails for that, and a lot of actions threatened by spammers would take actual legal mandates to happen. Do you think the court system of any modern country would rely solely on email?
- Look for legitimate contact information other than the email. Most businesses and professionals contain it in a signature, and if all you have is a name by the end of the email, you should probably just delete it immediately.
“Friends” and “Family”
You probably shouldn’t trust anyone except for your spouse and yourself when it comes to your identity. They’ve no need to know everything you’re doing online. You should probably be more concerned than you are, considering that in 2014 about 550,000 victims of fraud or identity theft reported that the culprit was someone that they knew.
Many have good reason to try. Some may figure that you won’t take legal action against you or that they deserve to use your good credit to get ahead. In many cases, it is children taking advantage of their parents without forewarning or knowledge (until it’s too late). Bad economic times can be too tempting for some, and desperation or a bad row between close people can bring out the worst in them.
Here are some precautions you can take right now to prevent future issues:
- If you think any friends and family have current access to your account or could guess your passwords, change those immediately. The same should go for any verifications questions you use and they should not be guessable by anyone you know. Try to keep these changes quiet, as you will then be warned if someone tries to access your account.
- If anyone asks you why you’re keeping your account private, simply give them the reason that you enjoy your privacy regarding matters of accounts and that it is hardly their business to ask. Do not let anyone shame you into giving them information.
- Keep any physical records and paperwork locked away from view of visitors. Keep them in a locked file drawer in your office or a safe in your bedroom. Don’t give anyone the combination or key (except perhaps your spouse, if applicable). There are few, if any, reasons why anyone else should have your private information. Don’t create a tempting situation for a loved one in a bad situation.
Identity theft is a crime that changes with technology and tactics. As cybercriminals and common scammers find that their old tricks don’t work, they will find new ones to try out. That being said, you can at least protect yourself as best you can by being aware of the above dangers. Don’t fall victim to a common scheme that most people already know about! Stay vigilant and make security a habit in order to keep your finances in order.
Do you know of any other potential methods of identity theft that people should know about? Are there any stories of your own that you would like to share with your fellow readers? If so, please leave a comment below to continue this important conversation and make the internet a safer place.