You can do everything right and still have your identity stolen. If 2014 has taught us anything about security, it’s this: you cannot trust companies to keep your data safe. That doesn’t mean you should stop using their services, but you should be wary and learn how to protect yourself.
“It Won’t Happen To Me” Syndrome is one of the worst security habits and it can lead you into a lot of trouble if it goes unchecked. If you think identity theft won’t happen to you, please reconsider. These days, nobody is safe from online fraud.
The Customer Data Hackpocalypse
2014 was not a good year for companies and data security. Month after month, we’ve seen case after case of customer information — e.g. login credentials, personal details, and credit card numbers — ending up in the wrong hands. Sometimes it happens by way of a security loophole; other times, a rogue employee.
In January, Target reported a massive data breach that affected somewhere around 70 million users. What was stolen? On top of credit card numbers and PIN information, the thieves got away with full names, physical addresses, and phone numbers. The Target incident is one of the highest profile breaches in the past five years.
In February, hackers were able to get into Kickstarter’s databases and pull customer information, including usernames, passwords, email addresses, and phone numbers.
In March, eBay experienced a big setback when a significant portion of their customer database was hacked into and stolen. To pull this off, the hackers used compromised eBay employee login credentials to navigate the corporate network. Stolen data included full names, passwords, physical addresses, and phone numbers.
In April, AT&T reported being hacked by three of their contractors. These contractors gained access to a database of personal records which included social security numbers.
We could go on and on, but suffice it say: sensitive information is never as secure as you think it is. If you aren’t already taking measures to protect yourself against identity theft, consider this a wake-up call.
Protect Your Passwords
We’ve written at length regarding the importance of password security. In most cases, your password is the only thing standing between a malicious user and all of your sensitive data. If your password breaks, that’s game over. Two-factor authentication helps mitigate this to some extent, but not entirely.
Always pick a strong password. You cannot neglect this. Don’t succumb to laziness here. Passwords like “aaaaaa”, “qwerty”, and “asdf123” are so weak that you may as well be using no password at all. Here are some tips on creating strong and memorable passwords.
Never repeat a password. Using one password for everything is a common security mistake. As soon as one account is breached, all of your other accounts are immediately at risk. Use unique passwords for each account. (You can ignore this for accounts that aren’t too important, such as throwaway email addresses.)
Update passwords regularly. Ideally, you should update your important passwords once every few months. That way, if your account data is covertly stolen, that data quickly becomes outdated. If this sounds like a burden, password managers can make this process easier.
Diversify Emails & Payments
“Don’t put all your eggs in one basket,” they say. Unsurprisingly, some of that truth can also apply to your email addresses and payment methods. If you’re a little confused right now, that’s okay. Let me explain.
Use separate email accounts. It’s an important email security tip that seems like a hassle but can prove worthwhile in the long run.
For many of us, our inboxes are the gateway to our other online accounts. If a company is hacked and someone gains access to your inbox, they’re one step closer to everything else. Separate email accounts can mitigate this to a degree.
Use multiple payment methods. Splitting your funds between multiple sources (e.g. debit accounts and online wallets) can help protect you against losing everything at once. For example, if you purchase eBay goods with PayPal and eBay is hacked, only your PayPal account is at risk. This holds true for PayPal alternatives as well.
Obviously, this isn’t a catch-all solution. If you only have one credit card, then you don’t really have a choice but to use that particular card. Similarly, most people only have one home address or one social security number. But as a general rule, diversify whenever possible.
Stay Alert & Proactive
This form of identity theft — the kind where someone gains access to your information due to a company’s mistake — is completely out of your control. Therefore, your best line of defense (other than strict avoidance of the Internet altogether) is to be proactive.
Review your statements. Whether they’re bank statements, credit card statements, or PayPal statements, you should regularly check in on your balances and keep a lookout for strange activity. If anything seems out of place, contact customer service right away and make sure nothing is wrong.
Don’t save personal information. Despite the convenience of it, try to avoid storing your personal details (e.g. card numbers) on websites like Amazon, eBay, and bill payment services. Yes, it’s a pain in the neck to input that info every time you want to make a payment, but it’s also safer.
Watch out for scams. Deception happens all over the web. You’ve got eBay scams, Craigslist scams, and holiday scams. Read about them, learn how to detect them, and stay far away. Phishing is another kind of scam to watch out for.
How Do YOU Avoid Online Fraud?
It’s scary to consider just how much damage can be wrought by malicious users on the Internet. You could lose everything in the blink of an eye.
What are you doing to keep your identity safe? Have you ever had to deal with a stolen identity? Share your thoughts and experiences with us below!