How to Protect Your Personal Information Online
June 05, 2021
It's no secret that cybercrime is on the rise. According to the FBI, there was a more than 300% increase in cyber attacks and activity in the year 2020 – and it’s only expected to continue rising. It’s more important than ever to watch out for all types of online identity theft to keep your personal information safe.
In this article, we compiled 5 easy steps you can follow to protect your personal information online and make sure that it doesn't fall into the wrong hands.
1. Create strong passwords
Passwords are some of the easiest things for hackers and cybercriminals to breach, which is exactly why you need to take the creation of your passwords seriously. You can’t just use the same exact password that you have been using for years across all your accounts.
When you create passwords, don’t include any personal information, such as a birthday or a name closely associated with you (like a relative or spouse). In fact, you should not use any words or phrases in your password that are personally tied to you.
Instead, choose a combination of upper-case and lower-case letters, numbers, and special characters to make your passwords more difficult to figure out in the event of a data breach. You should also update your passwords periodically, at a minimum either annually or semi-annually. This is especially critical for your most important online accounts, like your bank accounts, social media accounts, and any others with personal or financial info.
Many of these sites and related apps may also provide the opportunity to use a two-factor authentication process, which we strongly recommend. This step increases the security of your banking app, for example, because you need to provide your password and then verify that it’s you through another means, such as a separate app on your smartphone.
Use a password manager
While it may sound easy enough to create strong and unique passwords, practically speaking it is not something that many people will remember to do. Plus, it’s easy to overlook password security if you haven’t been personally affected by online identity theft.
To mitigate this risk, use a password manager to store your various passwords. This is much more secure than just saving your passwords in Google Chrome, too, because a cybercriminal can hack those if they get into your Google account.
Some of the best password manager apps have free versions, as well as affordable paid options. A password manager will help to curtail a lot of the risk that comes with exposing your online accounts, and many password manager apps allow you to store all of your passwords securely. They also often encrypt your password database with a master password.
2. Limit what you share on social media
It has become increasingly clear to cybersecurity experts that social media is insecure. Facebook suffered a data breach in early April 2021 that exposed the personal data of more than 500 million users. Once this data is exposed, hackers and cybercriminals can use data like phone numbers, full names, location targeting, email accounts, and biographical information to commit fraud and identity theft.
With all of these risks, you may be wondering, “How can I protect my information online, especially on social media?” Your first step is to limit the information you provide and post to Facebook, Twitter, and other social media companies. While using social media is a personal decision and a great way to connect with people, it’s important to use these platforms responsibly.
Limiting what you share and post is a key step in making sure that both companies and cybercriminals don’t have access to your personal info. This keeps more of your data private and reduces the possibility of that information falling into the wrong hands.
3. Make sure your wireless connection is secure
Most free public WiFi connections, including those in coffee shops and shopping malls, have few if any protections in place, which is why you should use these wireless connections with caution.
While there is no harm in using these public WiFi connections for some light social media use or internet browsing, don’t use them for anything that requires your personal information, such as bank accounts and online shopping.
When using a wireless connection at home, make sure it has WiFi Protected Access (WPA), WPA2, or WPA3 security standards instead of Wired Equivalent Privacy (WEP) security standards.
WEP is the most widely used WiFi security protocol in the world, but it’s also the least secure. This is due to evolving security standards and numerous security flaws discovered within the WEP standard. Fortunately, most wireless routers manufactured after 2005 support WPA2, and newer wireless routers support WPA3.
Use a firewall
In addition to using a WPA-based connection, there are other things you can do to secure your WiFi. Consider setting up a firewall that works in tandem with both your computer’s firewall and your wireless router's firewall. To do so, you'll have to invest in a more advanced router with enhanced security features.
If you don't want to go this route, you can also use a Virtual Private Network (VPN) to create a private cloud-based network that masks your IP address for any connected devices. This is helpful because a publicly accessible IP address can reveal information to malicious software and bad actors, that can use it to exploit your device’s security.
Enable MAC authentication
You can limit access to your wireless network by enabling MAC (Message Authentication Code) authentication. By using MAC, only specific devices can connect to your network, which will exclude any unknown devices from connecting by default.
If you do this, you’ll use the unique serial number known as a MAC address that belongs to every device to access the network. You will also have to manually add any new device to the MAC authentication wireless network. It may sound like a lot of extra steps, but it’s worth it to keep your personal information private.
4. Never share your Social Security number
You should always be skeptical if any online business needs your Social Security number to complete a transaction. Even if the business says they need it, the first question you should ask is, “Why?” There are very few institutions other than banks, utility companies, and doctors’ offices that require SSNs for any reason. Online retailers and service providers don’t need to access your SSN, and if you do provide it to them, you have no guarantee they will safeguard your personal info online.
Unfortunately, there are many ways that companies don’t follow due diligence when it comes to your SSN. Negligence, such as data breaches, stolen laptops, and even identity theft within the company itself, can leak your SSN to the wrong hands.
Once a nefarious actor has your Social Security number and steals your identity, they have the potential to obtain your medical records, file fraudulent tax returns, and apply for a loan in your name. This is why it’s always better to err on the side of caution and not share your SSN on any publicly accessible website, over email, or in an instant message.
5. Always double-check email attachments
Email is one of the least secure platforms when it comes to your online information. This is because you can retrieve email when it’s sent from one email address to another over an unencrypted network. Email is also often stored on unsecured servers and devices, which makes it particularly vulnerable.
This is why financial and medical institutions don't send statements or medical records directly through email. Rather, they will let you know that a statement or medical record is available and then direct you to log into their secure online platform.
Always be skeptical
It’s important to be suspicious of any email attachments, but especially if they come from an unknown email address. This is what is known as a phishing attack, and they’re often disguised as communication from a reputable source such as a bank or medical institution, or even the government.
The goal of these attacks is to steal sensitive data from you, such as credit card information or the username and password for your accounts with these organizations. If you open the email attachment sent from a phishing account, it will likely install malware on your system and send your information to cybercriminals.
The simple way to stop this from happening to you is to not open or download any email attachments unless you know exactly who the sender is. Even then, you can always send a separate email to that person to verify that they actually sent the attachment.
Online identity theft is becoming an increasingly common and serious issue, and it may only become more prevalent in the years to come if cybersecurity efforts can’t keep pace with the sophistication of cyberattacks. This makes it all the more important to know how to keep your personal information safe online.
To keep your precious data and info secure, it’s best to create stronger passwords and use a password manager to store them, limit what you share on social networking sites, make sure that your wireless network is secure, and never give out any personal information online or download any suspicious email attachments. If you follow these basic principles, you’ll reduce your chances of falling victim to a cyberattack.
About the Author: Daniel Horowitz is a contributing writer for HP Tech Takes. Daniel is a New York-based author and has written for publications such as USA Today, Digital Trends, Unwinnable Magazine, and many other media outlets.
Article reposted with permission from HP Tech Takes