4 Things You Should Never Text or Email

Most of us in our “instant gratification isn’t enough” society assume that the potential fallout from transmitting sensitive information via text, fax or email is outweighed by the convenience of getting something where it needs to be fast. After all, becoming the victim of an identity-related crime isn’t the end of the world, right?

Define “End of the World”

While it’s not technically the end of the world, you may find yourself wishing for it. There is nothing quite like that maddening feeling you get while reading a notice from a collection agency informing you that you owe money for goods or services that you never purchased.

The next order of business is where people tend to really lose it: Getting a credit report riddled with identity theft-related errors. If you are lucky, whoever used your information to make the purchases that eventually hit your mailbox in the form of a collection notice only perpetrated that one incursion on your financial reality. That said, look closely at your credit report(s) because indices of identity-related fraud can be similar to spotting a cockroach — for every one you see, there may be more you don’t. (You can pull your credit reports for free each year via AnnualCreditReport.com and view a free credit report summary, updated each month, for free on Credit.com.)

Whether your identity has been ransacked or cherry-picked, that collection notice is often the starting gun for a marathon of annoyance and emotional turmoil that can take months or even years to finish. The mess left behind by an identity thief is like a home burglary, minus the physical clutter. Someone has invaded your private space, in this case the parts associated with finance, and committed crimes using what they found. And, while identity theft is a third certainty in life, you can make it harder for fraudsters to get ahold of your personal information.

Don’t Make It Easy

So, you are about to send some sensitive piece of information — something that can be used to steal your identity — by way of email, text, voicemail or fax. It needs to get there, and your only other option is to go in person, or try to get someone on the phone.

Can you send it? Of course you can, but understand the risk: You don’t know what’s happening on the other end with your information. Who has access to the mail that comes in, the voicemail, the fax machine, the email (include in here hackers who have successfully phished malware onto the computer on the receiving end)?

Let’s make it more nerve-wracking: When you call to provide that information, who are you talking to?

Always ask yourself these questions.

While it may sound simplistic, when you’re on the phone with a representative of a large organization and you know the number that you called is correct, you’ve done pretty much everything you can to be careful. Increasingly, large organizations are practicing safer information storage and have a number of procedures in place to protect you from fraud. These practices are not fail-safe, but they are as much as you can expect.

But let’s say you’re sending that information to your general practitioner, an M.D. who works solo or in a small group. And let’s not pick on your doctor. There are countless professionals, organizations and small businesses out there who have enough of our personally identifiable information to open us up to the risk of identity theft.

A short list would include: your doctor, your dentist, your lawyer, your accountant, your children’s school, your church, your favorite charities, your gym, your alma mater, and many of the services and people you hire to make life easier.

How do you know that they are practicing good information security? The answer: You don’t. That’s why it’s a good idea to be stingy with your sensitive personal information.

Things You Should Not Send

1. Social Security number. This is the skeleton key to your financial life. It can be used to open accounts, steal tax refunds and commit many other kinds of fraud.

2. Your credit card information. There is too much malware out there for this to be a safe practice. Don’t send this information via email or any other electronic means that is not secure (look for https:// and the Padlock on websites before hitting submit).

3. A copy of your driver’s license. Remember, fraudsters are not big on in-person transactions, but they are very good at talking their way around security protocols. If they have your Social Security number already (this can often be found online through shady websites), and they have enough other pieces of your personal information to convince you they are an official organization, they can dupe you into sending your photo ID — or steal it from someplace you do business — they can do a lot of damage.

4. Your PIN codes or passwords. These should never be shared, period, but if you are sharing that information in a pinch to someone close to you, do it on the phone . Malware is too prevalent to risk communicating that information electronically.

While all of this may sound like common sense, the myriad mistakes people make on a daily basis is beyond the ken of understanding. The key to staying safe is staying vigilant. Always practice the Three Ms: Minimize your exposure, monitor your accounts and manage the damage the minute you discover a problem.

While there is no preventing identity-related crime, you can avoid becoming an unwitting volunteer.

Image: MartinPrescott

The post 4 Things You Should Never Text or Email appeared first on Credit.com.

8 Ways to Protect Your Privacy Online

The only sure thing in the world of information security is that there is no such thing as a failsafe solution. It’s crucial not only to keep abreast of the latest threats out there, but to also act as though the mission is to find your way to safety from the middle of a lawless demilitarized zone that’s lousy with enemy snipers.

Sound extreme? Remember that Cold War classic “A Few Good Men” when Colonel Jessup (played by Jack Nicholson) tells Tom Cruise’s character “You have the luxury of not knowing what I know”? It applies here. I’m not saying I have all the answers, mind you. If anything I think the opposite. But I do know that I don’t know what’s going to happen next in the land of Data Insecurity, and that gives me a better chance of staying safe.

Still Not Worried?

Symantec just reported more than 500 million digital identities were stolen in 2015 while fake tech support scams increased by 200% and ransomware attacks increased exponentially as well. Hackers are getting better at their game—ensuring better results with better techniques and technology.

Want more? Dell SecureWorks annual report was recently released. The takeaway? Hackers are getting organized and entrepreneurial. Want to get access to a U.S.-based email account? It doesn’t matter if it is Yahoo, Google, or Hotmail, they’re all available for a pretty decent price: $129. (Note the market-appeal pricing!) According to the report, it costs a little more to get into a corporate account—understandably—and a little less to get into a Russian email account.

Also on the menu: access to Facebook and Twitter accounts — and for the same price as an email hack! There’s a panoply of services on offer out there — ranging from malware that aids snooping to doxxing — that opens up the possibility for all kinds of identity-related crimes.

So What Can You Do?

There is plenty you can do. The first thing is to change your life. I mean it. You have to completely change the way you approach your life as it intersects with things digital.

I’ve mapped out a way to do this in my book Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves, which provides different discussions and strategies for specific situations ranging from identity-related tax fraud and medical identity theft to phishing and child identity theft.

But if you read nothing else on the topic, there are three simple things you should bear in mind, which I call the Three Ms.

  1. Minimize your exposure. Don’t authenticate yourself to anyone unless you are in control of the interaction. Don’t over-share on social media. Be a good steward of your passwords, safeguard any documents that can be used to hijack your identity and consider freezing your credit.
  1. Monitor your accounts. Check your credit report religiously, keep track of your credit score, and review major accounts daily if possible. (You can view two of your credit scores for free every month on Credit.com.) If you prefer a more laid-back approach, sign up for free transaction alerts from financial services institutions and credit card companies, or purchase a sophisticated credit and identity monitoring program.
  1. Manage the damage. Make sure you get on top of any incursion into your identity quickly and/or enroll in a program where professionals help you navigate and resolve identity compromises — oftentimes available for free, or at minimal cost, through insurance companies, financial services institutions and HR departments.

Beyond the Three Ms, here are a few common-sense changes you can make to your daily digital life that will make you a moving target for identity thieves.

  1. Beware phishing. Never click on a link sent to you via text or email from a stranger. If you get a link from someone you know, first check if that person actually did send it, because they may not even know that they got hacked and have become a font of malware. Assume the worst!
  1. Be smart about passwords. Never use the same password for different accounts, and do not keep all your passwords saved behind a single password (like on your computer). Make your passwords complex, long and make sure they contain punctuation marks, numbers and other random symbols. 
  1. Use multiple-factor authentication. You may have received a notice recently from your email provider asking for a phone number that can be used to contact you in case your account is hacked — that’s multiple-factor authentication. If you are given this option, use it. Security is sacrificed on the altar of convenience way too often, and a little extra effort can make a huge difference in vulnerability.
  1. Consider encryption. It’s not as hard as you may think to start using a pretty good privacy-based encrypted mail system, and the upshot is that you will be much harder to hack.
  1. Tighten your privacy settings on social media accounts. Never post anything that will make it easier for a fraudster to guess things about you, because that could compromise any account that’s protected by security questions.

We all occupy a digital privacy landscape that is treacherous. It’s a no man’s land where criminals not just figuratively, but in actuality, hold sway over the good orderly direction of daily life. Whether you become a statistic may be out of your hands, but there are ways to improve your odds of staying safe, and it’s very much worth your time.

More on Identity Theft:

Image: moodboard

The post 8 Ways to Protect Your Privacy Online appeared first on Credit.com.