Over the past few years, there have been a number of high-profile data breaches at familiar companies such as Anthem, eBay, Home Depot, LinkedIn, Target and Yahoo. With all of this data being leaked, it may not come as much of a surprise that the Bureau of Justice estimated that about 17.6 million Americans were victims of identity theft in 2014. So what can you do to protect yourself? Here are a number of steps you can take to avoid becoming another identity theft statistic:
1. Create strong and unique passwords
This seems like a no-brainer and we hear it all the time, but how many people actually do this? You can find countless articles on the internet with tips on creating a strong password. Some of the basics include:
- Password length – the longer the better but aim for at least 12-14 characters.
- A mix of different types of characters – use lower-case letters, capital letters, numbers and symbols.
- Avoid real words – if you can find it in the dictionary, it should not be a part of your password.
- Stay away from obvious substitutions – P@ssw0rd probably isn’t fooling anyone.
OK, so I’m sure we’d all agree that 3^N$B3dDxq is more effective than Fluffycat72, but how are you supposed to remember the former? Moreover, we know that it is preferable to use a different password for each online account, but the reality is that it’s just too hard to keep track of long, complicated and unique passwords for multiple websites. This is why most people tend to use the same passwords over and over again, which can lead to big trouble when a company has a data breach and lists containing email addresses and passwords get posted online.
The use of a password manager software solution can help you manage this arduous task. A good password manager uses powerful encryption software to allow you to securely store all of your login information in one place. The password manager can also generate randomized passwords for each account. Some tools will even identify weak passwords and automatically change them for you. Many also offer added security features such as two-factor authentication and fingerprint identity sensor support. There are a number of third-party providers in the marketplace including LastPass, Dashlane 4, RoboForm and 1Password.
2. Regularly monitor your bank accounts and credit cards for fraudulent activity
I spend about five minutes every couple of days reviewing my account activity online. While my wife would be the first to tell you that this is probably overkill, I would recommend that you do this on a weekly basis. At the very least, you should carefully review your monthly account statements and keep an eye out for any unfamiliar transactions.
3. Report any suspicious activity immediately to the affected institution in order to minimize the potential damage
Most banks and credit card companies will not hold you accountable for unauthorized charges, but you generally need to take action within a certain time period (i.e. 60 days). If you see a transaction that looks fishy, contact the impacted institution right away so they can place an alert on your account and issue new credit/debit cards if necessary.
4. Consider making your social media accounts private and avoid “oversharing”
Run a “Privacy Checkup” on your Facebook account and update your settings so that only your “Friends” can view your posts. It’s also a good idea to limit the details in your profile section. The more information that you post about yourself online, the better chance an identity thief has at successfully gaining access to your personal information. Ill-intentioned individuals could potentially piece together enough useful information to answer the “challenge” questions that are used to reset passwords or otherwise gain access to your accounts. While Facebook is clearly the biggest social media network, the same logic applies to all of the other popular sites.
5. Review your active email sessions and recent activity
Most email providers allow you to view a log of your recent account activity. If you identify anything that looks suspicious, you can sign out of any active sessions and change your password immediately to secure your account.
6. Stay away from public Wi-Fi or hotspots
While it’s tempting to use free Wi-Fi on our mobile devices to avoid cellular data overages, these networks are notoriously insecure. If you’re just using the Wi-Fi to view the weather forecast or to check the score of the Warriors game (they won by the way), you’re probably in the clear. But if you need to visit websites containing sensitive private information, your cellular network is a much more secure option.
7. Secure your computers and other devices
Be sure to secure your computers, smartphones and tablets with a passcode and/or fingerprint authorization. If left unprotected, these devices can be a gold mine of information for an identity thief, rendering all of the other safeguards moot.
With all of the personal information that is already out there these days, it is nearly impossible to prevent identity theft from occurring. The key is to make things as difficult as possible for potential thieves, identify problems early and limit the damage to the extent possible. By implementing the above security precautions, you are helping to put the odds in your favor.
If you ever believe that you may have been a victim of identity theft, you should contact your team at B|O|S immediately. You can also visit IdentityTheft.gov to file a report and get started on a recovery plan.