You’ve probably seen horror stories on the news about identity theft recently, or seen the commercials in which you see the identity-theft victim talking in the thief’s voice about all the things the thief was able to buy and do with the stolen identity. It’s a very real problem, and in our technological age, with all our reliance on computers and the Internet, it’s getting worse. Fortunately, there’s no need to throw the baby out with the bathwater.
There are steps you can take to ensure the security of your identity while still taking full advantage of all the Internet has to offer.
- Protect your computer. You’d be surprised how many times per day the hackers try to access known vulnerabilities on your computer. If you run any version of Windows, as most people do, the operating system ships with dozens of known security flaws, and malicious people run automated scripts that scour the Internet looking for these holes. Once one is found, the fiend can give himself full access to your machine and install hidden programs that monitor your keystrokes when you type in passwords, rifle through your files (like your Quicken data file) and access your e-mail or worse. This is one way identities get stolen. You’ll definitely want to invest in a good antivirus package like Symantec’s, Norton’s or McAfee’s. You’ll also want to close down the Windows services that you aren’t using. Here’s a link to a website that will show you your computer’s vulnerabilities and help guide you in fixing them. Choose the ShieldsUp! online test program from here:http://www.grc.com/default.htm. Sometimes program installers and websites will install spyware or adware on your machine to follow your activities for marketing or other nefarious purposes. Get rid of that stuff forever by using SpyBot Search and Destroy and/or AdAware, two popular free programs that help you fight the menace of spyware. You can download these and find other invaluable information at the website of the Kim Komando computer-oriented radio show: http://www.komando.com.
- Pay attention online. You don’t want to blindly trust anything you see there. Any site that offers to accept your credit card information will have a secure digital certificate signed by a trusted agency like Verisign or Thawte. If you see certificate warnings on a site with whom you plan to do business, you should think twice before typing in that number. A secure connection will keep your data safe, but only if it’s a secure connection to whomever you’re actually supposed to be connecting! Also, most companies (especially Microsoft) do not send software updates by e-mail. Virus-laden e-mail spreads somewhat ironically, by making people think that they’re doing something proactive about spam or virii while they’re actually running a malicious script disguised as something else. Most companies will not be sending you e-mail requesting that you provide them with financial information on a web form somewhere. This includes, to give you recent examples of attempts I’ve received or heard about, the IRS, Citibank and PayPal.
- Keep your personal information secure. Your data is only as safe as your garbage — remember that. Don’t keep your passwords on a Post-It note hanging from your monitor or anywhere the fiend is likely to look. Don’t even write them down at all, if possible. If you use Passport or Apple’s Keychain or some other all-in-one password keeper, make sure you keep your master password in your head, and keep it changed fairly often. Don’t use the same password everywhere, either. Don’t throw away anything intact that you wouldn’t want found by the curb or blowing down the street behind the garbage truck — invest in a paper shredder and make use of it before throwing away anything that bears your account numbers, your social security number or any other personally-identifying information. Anthropologists piece together entire vanished cultures from the garbage they left behind in the ground — it isn’t that hard to pretend to be you once your bank statement or cell phone bill has fallen into the wrong hands. Former hacker and now computer security expert Kevin Mitnick wrote an entire book on social engineering — that is, the control of the weakest element in secure systems, human beings. People can be talked into doing things and providing information a computer would never dream of releasing — all it takes is a sad story, some industry-specific jargon or a little feigned frustrated anger, and the fiend is into your life.
- Immediately report any unusual activity to the appropriate authorities. Unusual credit-card charges or bank drafts should be reported to the financial institution at once. Most of them will monitor your accounts and help you find out if anything crazy is happening. Contact the Better Business Bureau or the local police if you think someone is trying to run a scam on you — they may already have a dozen reports of the same thing, and they can track down fraudulent activities much more easily than you can. Don’t attempt to “opt-out” of receiving spam by going to the link at the bottom of the e-mail…all that does is tell a spammer that you have an active e-mail address that you use. If possible, use a throw-away e-mail address (such as a free one at Hotmail or Yahoo!) to use when you sign up for things online. Get a call-back number from the salesman or the representative of the Fraternal Order of Police (another favorite scam) when they call you on the phone; and if they won’t give you one, then they don’t want your business –they just want your personal information.
Identity theft is very real, but the potential for it does not outweigh the good the Internet offers. I’ve been on the Internet since 1989, way before there was a World Wide Web, and I’ve never allowed myself to be victimized. It isn’t difficult to lock down your computer, and a bit of natural suspicion when dealing with unfamiliar companies online or on the phone will go a long way toward securing your personal identity from theft.
Learn more about other Frauds, Scams and Schemes.