Disclaimer: The following story was curated by R.L. Adams, a former author for Forbes. All events depicted in this anecdote are taken directly from his experiences.
“I was recently the victim of a hack. My identity was impersonated and the information was used to steal my personal data from GoDaddy. How could this happen I asked myself? The cybercriminal got hold of my social security number, used it to locate my credit card number from my bank, then used that credit card number to access my GoDaddy profile by socially engineering a customer service representative embedded at the hosting giant’s offices.
Don’t get me wrong here. I’m a huge GoDaddy fan. In fact, I’ve been with the company for over a decade. And, to GoDaddy’s claim, they did give me a massive account credit to use towards any purchase. Clearly, I won’t have to pay for domains or hosting for a very long time to come. However, it doesn’t feel good to be the victim of identity theft. When it’s a one-off situation, it feels even worse. This wasn’t part of some greater scheme that infiltrated the company to release millions of records of consumers; it was a very personal and private attack.
Now, if you’re thinking that I was silly by not utilizing two-factor authentication, you’d be wrong. My GoDaddy account was two-factor enabled. So what happened here? Aside from a major misstep on the part of GoDaddy to protect my data, which they’ve stated “was an isolated incident caused by human error when a representative failed to follow standard operating procedures,” according to Todd Redfoot, Chief Information Security Officer, there’s a larger question at play here.
The question is, how do you protect your identity from hackers and cyber thieves who are hell-bent on penetrating and stealing your financial or personal records in an effort to profit or get rich from that data?”
Identity Theft Protection
With the increase of your public presence being online, no one’s personal data is ever fully secure. Even the most sheltered information can be obtained by a cybercriminal trying to steal your identity. Businesses and individuals alike fall victim to identity theft either through data breaches or infiltration of your personal information such as Social Security Number (SSN), bank accounts, and credit card information.
However, that’s not to say that there aren’t steps you can take to try and protect your sensitive data from a hacker. Here are some of the best ways to protect your private information online:
#1 Hide Your IP Address
The IP address on your phone, laptop, or desktop computer reveals more information about you than you may think. An IP address is a unique address that identifies a device on the internet or a local network. It provides very sensitive information such as the user’s location and online identity. Malicious websites and software can track your movements around the internet, collecting data in the form of cookies that are shared amongst unscrupulous sites.
Fortunately, there are services available such as a Virtual Private Network (VPN) that shields your IP address from being intercepted by hackers. The VPN ensures that all of your data traffic is routed through an encrypted virtual tunnel, making its location untraceable to others while in use. This is the best way to hide your IP address and keep it out of harm’s reach.
#2 Use Strong Passwords
Using a simple password to protect your accounts is a huge contributing factor to online identity theft. You’ve probably seen in movies and TV shows how easy it is to guess someone’s password based on general information about them. Even complicated passwords can be guessed through brute force attacks, which is why it’s so important to create a strong password that varies for each site you use.
To do this, you can change the letters, the casing, numbers, and special characters in them. Make them as strong as possible to avoid one of the most common hacks around.
#3 Search for Encryption on Websites
Another easy way to ensure your information is kept private is to check the website that you’re using is secure. To do this, you’ll want to look for signs of encryption within the site. Start by looking at the search bar where the URL is displayed. If the security lock symbol is present before the web address bar and there is an “s” on the end of “http” in the URL, then the site is properly encrypted. This keeps your name, phone number, address, credit card number, and other sensitive information from being seen by anyone else.
#4 Use Two-Factor Authentication
Most online service providers, banks, web services, and other larger companies have two-factor authentication these days. Two-factor authentication requires that people trying to gain access to their account go through multiple steps to verify their identity and is used as an added layer of protection and security to your private information. You can also install an authenticator application on your computer or phone to ensure optimal security.
#5 Install Security Programs
Security programs such as firewalls and other protection software can easily be installed to prevent a data breach. These security suites, as they’re called, keep scammers and hackers from infecting your hardware and stealing your information. This includes blocking harmful software such as spyware, viruses, and phishing scams that can be installed secretly when you are online.
#6 Try to Avoid Phishing Scams
A phishing scam involves sending a fraudulent message to someone via email, social media, and more in order to obtain their personal information. The message typically looks like it is from a verified site or legitimate organization that is requesting sensitive information for a proposed purpose. However, the information is then used maliciously to gain access to private accounts, documents, and more.
To avoid being the victim of a phishing scam never open emails or attachments when the sender is unknown and don’t click on unsecured links from strange emails. Additionally, avoid anyone offering money, unfamiliar job opportunities, or requests for donations to charities as this might be a plot to obtain your personal information and online identity.
#7 Enable Cookies Only When Required
If you’ve ever visited a website that asks you to enable or accept their cookies, you are essentially allowing that site access to your IP information. While they are mostly used to collect data about the type of content you’re looking at, they also store this data in their own web server which can then be easily accessed by anyone associated with the website. So, while you do want cookies enabled on your browser, you should limit this to websites that require cookies in order to access it. Otherwise, you’re giving away too much personal information to a variety of sites that may not be totally secure.
#8 Avoid Using Public Wi-Fi
Public wi-fi and free wi-fi are typically not secured, meaning any hacker can put themselves in between you and whatever information you’re trying to access. So, say you go to check your bank account information from your phone before you go to buy those new pair of shoes, but you do so on a public network. A cybercriminal can easily sneak into the network and intercept the connection, gaining access to very valuable information. To avoid this kind of identity theft, avoid using public wi-fi networks altogether.
#9 Adjust Social Media Privacy Settings
Your social media profiles also offer up very valuable, sensitive information to potential hackers and cyber sleuths looking to steal your identity. To ensure you don’t fall victim to identity theft caused by your social media accounts, be sure to set the privacy settings on all platforms such as Facebook, Instagram, Snapchat, and Twitter. Also, be careful with what you post or share on social media as anyone can gain access to this information and use it to steal your personal data.
#10 Use an At-Home Shredder For Sensitive Documents
Be very careful what you throw into the trash. One very easy way that criminals can specifically target you is by going through your trash. If you don’t shred documents that have personally identifiable information on them such as bank account statements, credit reports, and others, then you’re taking a big risk. You’re effectively luring in criminals to target you by obtaining very personal information about your financial activity.
Secure Solution Data & Document Destruction
American Document Destruction is a HIPAA compliant document shredding company that has been loyally serving Northern Nevada and Lake Tahoe since 1997. We handle all types of on-site and off-site shredding and also provide data breach reporting solutions with out CSR readiness service. Reach out to us if you have any specific questions about hard drive destruction or identity theft protection – we’re here for you!