How to Prevent Identity Theft in 2013

Facebook & TwitterYou have Facebook, Twitter, Email and Instant Messaging and you are constantly warned of impending threats to your accounts.  Posts warn of other accounts being hacked, emails warn of phishing attempts and random instant messages pop up claiming that your friend’s account was broken into and they had to create a new account.  What’s a person to do?

Phishing 101

So let’s talk about some of these online threats and ways to prevent becoming a victim. One of the most common forms of identity theft in existence today is Phishing.  This is accomplished usually by redirecting you to a website that looks legitimate but is actually a photocopy of the real site.  You are prompted to input your credentials for one reason or another and upon doing so you unwittingly send your credentials to evil doers who will not have access to your real account.  Some of the frequently mimicked sites include eBay, PayPal, Banks, Popular Email Services, and Facebook.

For example, you may receive an email from PayPal claiming that your account has been compromised and to login immediately to correct these changes.  I recently received an email stating that there was a problem with a $218 payment that I sent (I did not send such a payment) and they provided me with a link to click on to log in and update settings to fix this.  Many people would panic and immediately click the link to log in to prevent this $218 payment from processing.

Another recent example was someone sending a chat message on Facebook asking “Is this you” with a link.  Upon clicking on the link it prompts for your Facebook username and password.  Of course I ran away from this as fast as my internet connection allowed.

Maybe we should just give up on the internet all together, right? Wrong!  Just be alert and be careful.  Things to keep in mind:

  • Prevent Identity TheftLegitimate online vendors will not ask for your password via email
  • Always type the sites address in manually instead of clicking on a link in an email or instant message
  • If in doubt, call the owner of the website before proceeding.
  • Seemingly random messages should be ignored.
  • Look for misspellings in emails, very often you will notice grammar or spelling errors
  • Look at the reply to address; is it from the same domain as the site in question?
  • Never download programs that you did not ask to download, and research any program before downloading.

It is possible to have your identity stolen without ever going on the internet.   It’s actually rather simple using very common forms of social engineering or inexpensive devices used to steal credit card information.  Identity theft is a multi-billion dollar industry and as technology gets easier, it becomes easier to steal electronically.

Identity TheftOne such device is a simply a piece of plastic placed over card readers at ATMs or Gas pumps that will read the information from your card. The person placing this on the ATM or gas pump then returns and collects the plastic device that now has your credit card information on it. Memorize your pin and change it often, and only use ATMs other card readers in brightly lit and trusted areas with cameras. If you are not comfortable with the location of a card reader, use cash.

Dumpster diving is still very common. Getting old receipts, bills, statements and more out of the trash sometimes contains enough information for someone to be able to use to steal your identity. All of your trash should be cross shredded (or if your able to, burned) to prevent this.

 

Other things you can do to prevent identity theft

  • Check your mail every day
  • Report and delivery problems to the post office
  • Report stolen credit cards immediately
  • Check your credit report at least once a year, use a credit monitoring service
  • Never give your social security number or credit card information to unsolicited callers

SMishing

There are new methods of identity theft appearing all the time.  One method quickly on the rise is called Smishing,  which is using text message as a form of getting information out of the unknowing person.  Just as in email, never respond with personal information including usernames/passwords, social security or credit card information.

While there is no way to completely prevent identity theft, following the steps above and always being alert will help considerably.  If in doubt, you can always call the vendor to double-check. Never give out information electronically unless you manually enter the correct website into the address bar of your website.  Don’t download programs without first checking with an IT professional or at least researching.  There are great sites on the internet that allow you to check if a company is a scam.  www.ripoffreport.com is one such site.  You can search for reported scams involving the site or company in question.

In short, while spyware is one of the most known sources of identity theft, but it is not the only.  Simply installing an anti-spyware program is not enough these days. You have to be aware and alert.  You should visit well know security sites to learn about current and new threats.  The best consumer is a knowledgeable consumer.  Don’t become a victim of identity theft.

Identity Theft