Widespread data hackings are increasingly common, whether it is a credit bureau (Equifax in 2017), a hotel (Marriott in 2018), an online game producer (Zynga in 2019) a federal government agency (OPM in 2015), or an Internet media company (Yahoo! in 2016). Another common scam is phone calls and e-mails claiming to be from a bank…or Social Security…or the IRS.
In each of these cases, customers’ personal data including:
- E-mail addresses
- Log-in credentials
- Credit card numbers
- Birth dates
- Social Security numbers
could be compromised. There may also be fraudulent requests to wire transfer money, reveal computer login credentials, or purchase gift cards and give fraudsters the numbers above the bar code.
What to do to avoid falling prey to scams? Below are seven suggestions to protect private information and reduce your chances of becoming a fraud victim:
Practice Cyber Hygiene
Successful fraudsters successfully reach victims through their “weakest link.” It might be something as simple as a weak password or someone revealing TMI (too much information) online.
Consider your potential fraud exposures (e.g., reusing the same password/user name combination). While nobody is 100% immune from fraud, the objective is to make yourself a harder target so fraudsters find victims elsewhere.
Mix Up Your Log-In Credentials
Fraudsters know that most people use the same username and password in multiple places. When they obtain personal information from a data breach or the Dark Web; they try to exploit it in multiple places using scripts, a process is known as “credential stuffing.” It will probably take several hours to create a multitude of unique passwords. Once you are done, be sure to record them in a digital assets inventory.
Some people accidently click on links, or even photos that take them to a website that requests personal data or installs malware on their computer that later obtains sensitive data.
Often, this happens as a result of a phishing e-mail.
A good cyber hygiene practice is to not click on any link if you do not know the sender and/or you receive a cryptic message (e.g., check this out!) and do not know what the link is for. Another hygiene practice is using strong passwords with a variety of types of characters.
Set Up Two-Factor Authentication
Every personal website should have a two-factor authentication process where a unique one-time password is sent via e-mail or a text message and is necessary to access an account. Personal websites such as:
- Investment accounts
- Social Security
Some accounts also have challenge questions for account access. Typically, two-factor access is a very simple process to set up through the “settings” and “privacy” functions on a website. Again, it’s all about not being an easy target.
Freeze Your Credit
A credit freeze blocks access to credit reports to prevent fraudsters from opening credit in a potential identity theft victim’s name. It, therefore, provides an extra layer of fraud prevention protection.
Freezes are done with each of the “big three” credit bureaus (Equifax, Experian, and TransUnion) individually.
They do not affect a person’s credit score. There is no cost to freeze credit or to “thaw” (unfreeze) it for a short time to apply for a bank account, line of credit, or utility service. A PIN or password is typically provided for this purpose.
Update Your Computer
Another piece of cyber hygiene is keeping an operating system current by installing updates as they become available. Ditto for anti-virus and anti-malware programs.
Some experts also advise using a password manager program with two-factor authentication as well as strict privacy settings for social media. Another common recommendation is text alerts or e-mails from financial institutions when making changes to an account.
Many pundits are predicting a future without passwords. Instead, there will be new authentication protocols such as facial biometric scans and fingerprint swiping.
Another promising protocol is behavioral monitoring of users’ typical spending patterns to identify “out of the ordinary” behavior. “Keeping current” also means paying attention to scams that feed off current events such as COVID-19, tax season, wars, and natural disasters.
For more information about keeping information safe, review this Consumer Financial Protection Bureau website.