Though some of us may remember life before the internet, the thought of giving up the convenience and connectivity at this point would almost be unthinkable. Because of the World Wide Web, our lives have become easier, with everything we could possibly need available at the click of a button. Unfortunately, this convenience comes with risk. Just think: in about the same amount of time it would take you to send your grandma a selfie from your vacation, a thief could get all the information he or she needs to steal your identity.
Identity theft can happen to anyone at any time, and often, a victim isn’t even aware until it’s too late. Most of us believe we won’t ever become a target since we’re just ‘regular’ people; however, that’s often where the problem starts. The fact is, identity thieves cast a wide net to ensnare people in ways they least suspect. Filling your tank at the gas station, shopping at the mall, or posting pictures from your vacation online can potentially expose you to having your identity compromised.
To help us all learn how to better protect ourselves, we spoke with Ranjika Manamperi, a Cybersecurity expert and Director of Corporate Risk and Information Security at Allstate Canada.
What are thieves looking for?
According to Ranjika, thieves only need one thing in order to steal your identity and create a “new you”– information. She explained this information can come in many different shapes and forms, including:
- Social Insurance Number
- Driver’s License
- Health Card
- Bank Statement
- Credit Card bills
- Tax Information
- Vehicle Registration
- Utility Bills
- Insurance Documents
- Prescription receipts and medication bottles
This list is by no means exhaustive. Some of these pieces on their own may not give a thief enough data to steal your identity, but identity thieves will go to great lengths to piece together the components of a new identity that they can use for fraudulent purposes. “Identity thieves will troll social media accounts, try to access your email, and engage in phishing schemes,” says Ranjika.
And of course, identity thieves are most commonly known for lurking online, using malware (spyware and other viruses) to help themselves to your online passwords and track your activity.
“Identity thieves have stepped up their efforts to get our information,” says Ranjika. “This means we have to step up our game when it comes to protecting ourselves”
Protecting yourself offline:
Keep documents “safe”: Ranjika suggests keeping all physical files stored safely in a secure location. This includes personal identification like passports and SIN cards, lease information, ownership certificates, insurance documents and tax documents. She points out that if you have a safe in your home, it’s probably the best place to keep those documents as they’ll be protected from fire, flooding and prying eyes.
Beware of “social engineers”: This technique involves someone calling (or sometimes emailing) and asking for sensitive personal information while pretending to represent a company you do business with. She explained that “if someone contacts you and asks for personal information, it’s okay to say no. You can then contact the company directly yourself to verify the call. Legitimate businesses will never ask for you for personal information, particularly account numbers.”
Make caution a habit: It’s not enough to only be wary in particular situations. Ranjika suggests making securing your personal information a part of your routine.
- Regularly monitor your accounts, credit score and banking statements for suspicious activity. If your accounts have been compromised, it helps to find out sooner rather than later.
- Get your phone number added to the Do Not Call List to cut down on anonymous calls. If you’re contacted by phone by organizations you don’t know, there are ways to report them.
Stay cyber secure online:
Protect your passwords and security answers: Password management is key to protecting your information online. In the age of social media and excessive online sharing it becomes even easier for identity thieves to crack the code on not only your passwords but answers to your security questions. “Think about what information you’re putting out there, and the implications of it,” says Ranjika. “What may seem like a simple photo of you and your friends hanging out could reveal a lot about you – like where you live, where you go to school, or the car you drive.”
Another example: if you were to post on Instagram that today is your 30th birthday, a hacker would then know your birth date, year and age. If you geotag your photos, hackers will also be able to narrow down your city, if not postal code.
In order to keep yourself protected, Ranjika suggests that for sites that aren’t finance or government related, to provide answers to questions for password recovery that actually have nothing to do with you. For example, use a friend’s birthdate instead of your own.
Most importantly make sure your passwords contain various letters, characters and numbers. And to make your life easier, since we all have what seems like countless passwords to remember, Ranjika suggests using secure software to manage your passwords such as Password Manager that stores them for you. That way, you’ll just need to remember one complex and hard-to-guess password instead of ten.
Don’t leave your devices unattended: If you have to leave your laptop, phone or tablet out of your sight, make sure the device is locked. This also goes for any flash drives or external drives that may contain sensitive information.
Beware of attachments: Attachments can contain harmful malware that can track your activity online for all the wrong people. If you’re suspicious of an email or its sender, don’t open its attachment. If the email is from someone you know, but the title or message has poor grammar, obvious spelling mistakes or is about a subject you don’t discuss, check to make sure your contact actually sent the email. The same applies to emails with suspicious looking URLs. When in doubt, don’t click.
Watch where you browse: When you’re going to do any banking or shopping online, make sure you’re doing it on a device you trust, and on a secure network. Public computers, networks or public Wi-Fi connections can expose your information.
Don’t hook up with strange hardware: Be careful about what you decide to plug in to your computer. Malware can be spread through infected flash drives, external hard drives, and even smartphones.
Do you have questions or any tips about keeping your information safe? We’d love to hear about them in the comments!