Cyber Threats to Your Identity
While computes and the Internet offer huge benefits, they also offer cyber criminals’ opportunities to steal personal information. Cyber crooks have shown they can keep up with the fast-paced growth of technology. They constantly develop new tools and methods to trick and exploit people through computer and internet use. The more aware you are of the cyber threats, the more prepared you will be to avoid them.
“Malware” is a broad term for the many forms of malicious software designed to disrupt, harm, or hijack a computer system or data. It includes viruses and spyware. Secretly installed without your knowledge or consent, malware programs can damage your privacy and security of your device. They can capture your personal information in a variety of ways and secretly send it to identity thieves.
Computer and mobile devices are commonly infected with malware through email attachments, downloads, and the links within emails, instant messages, or pup-up windows.
Warning signs of a malware might include:
- Slow of sluggish performance
- Computer crashes
- Repeated error messages
- Being automatically sent to websites you didn’t mean to visit
- And unintended reset to a new Internet home page that can’t be undone
- Getting bombarded with pop-up ads and/or ads popping up when a browser is not open
- Finding a new toolbar added to your browser
- Seeing new icons on your desktop
- Your online search result pages only show ads
Decreased battery life, interrupted or dropped calls, and crashing apps on mobile devices are also warning signs of a malware infection.
Malware can be hard to remove. If you suspect it:
- Immediately stop all online activities that require you to enter any kind of personal information
- Update and then run your security software
- Get reliable tech support if possible
Be aware of other Internet threats that can endanger your personal information and identity.
Phishing: This is when cyber thieves send you emails that try to lure you into providing or confirming personal information. The emails look like they’re from legitimate organizations, often ones you know. They ordinarily use threats, warning, or enticements to create a sense of urgency. You’re usually asked to click on a link. If you do, it can lead to a spoof website. The site looks real enough to trick you into entering personal information.
Signs of Phishing Emails
- Request (usually urgent) for you to make contact thought a provided link
- Spelling or grammar mistakes
- Generic greeting, like “Dear User”
- Unsolicited attachments
Spear Phishing: This form of phishing target individuals or companies. The emails appear to be from an entity you know because spear phishers use information, they already have about you to create more personalized, real-looking emails.
Smishing & Vishing: Very similar to phishing, this is when criminals use automated dialing systems to call or test you with messages intended to trick you into sharing personal information. The message will direct you to a phone number or website that asks you for the information.
Texting + Phishing = Smishing
Voice + Phishing = Vishing
Avoid Phishing, Smishing, and Vishing
- Never click on links in pop-ups or those in emails and text messages from unknown sender. Be cautious about clicking email and text message links even from known senders.
- Don’t trust contact information provided in emails, text messages, or pop-ups. Check into its reliability on your own.
- Don’t respond to text or automated voice messages on your mobile phone if they’re from an unknown or blocked caller.
- Know that most legitimate companies and organizations won’t request personal information via email.
- Be cautious about downloading email attachments. Ensure you know and trust the sender.
- Sign up for cyber threat alerts at the U.S. Cyber Emergency Readiness Team website US-CERT.org.
Be Cyber Secure
- Make sure you have up-to-date and active security software that includes:
- Firewall protection. A firewall is basically a software program or a piece of hardware that helps to screen out malware and hackers that try and reach you through the Internet while you are on it.
- Anti-Virus programs and other anti-malware programs or protection. Don’t assume an anti-virus program offers protection against all kinds of malware. Other types, including the information-stealing malware known as spyware, may not be covered by an anti-virus program. Investigate security software programs and make sure yours is comprehensive.
- Update, update, update! Keeping your operating systems, security software programs, and browsers current can help secure your identity. Updates provide new patches for any security weaknesses.
- Evaluate your browser’s privacy setting, plus think about limiting or disabling cookies – those tiny bits of data used by Web servers to identify users. Some cookies are useful, but others can be use maliciously and collect information about you.
- Explore security options for all internet-connected devices, including gaming systems.
- Make sure mobile devices aren’t set to automatically connect to any nearby Wi-Fi, as this can expose you to insecure networks.
- When not in use, disable mobile device features that connect you to other devices.
- Configure mobile phones or tablets to lock automatically after 5 minutes or less of non-use.
- Laptops are popular target of identity thieves. Don’t store personal information on yours and consider using a laptop lock.
- Back up your data regularly. If your computer or device is compromised or stolen, you’ll still have access to important files.
- If you use an at-home wireless network, take steps to secure it. Otherwise unauthorized users may be able to access your personal information, see what you’re transmitting, or download malware.
- Make sure your wireless router’s encryption feature is turned on.
- If your wireless router comes with a built-in-firewall feature (most do), turn that on, too.
- Change the default name the manufacturer gave the router to one only you would know.
- Routers also come with a default password. Change it to one that’s hard to crack.
- Turn off your Wi-Fi network when you’re not using it for an extended period.
More Ways to Be Cyber Secure
- Create strong passwords that are at least 10-12 characters long and include a combination of capital and lowercase letters, digits, and special characters. Don’t make them predictable. Change them frequently.
- Don’t use the same password repeatedly. If identity-stealing hackers get it from one account, they will try it on many.
- Don’t open emails from unknown senders.
- Never email financial information or your Social Security number.
- Download software or email attachments only from sources you know are trustworthy.
- Read all disclosure information before downloading software, including apps.
- Always type authenticated Web addresses directly into your browser bar instead of clicking onto links.
- Limit wheat you share on social networking sites. Consider increasing your privacy settings.
- Don’t stay signed into accounts. When you are finished, log off and close your browser.
- Close all pop-up windows by clicking the X in the title bar. Consider using a pop-up blocker.
- Don’t put unknown flash drives into your computer.
- Before disposing of a computer, mobile device, or any Internet-connected item, completely and permanently remove all personal information from it.
Online Shopping & Activity Safety
Before you create an online account, shop, or enter any personal information on a website, check for signs that the organization and the site are secure and trustworthy.
Look for security indicators. The “https” at the beginning or the web address indicated that the page uses a secure form of encryption to protect the information you enter. Most browsers use other security indicators – a symbol, such as a padlock, and/or a color change. Learn how your browser reports website security levels. (Be aware that indicators aren’t foolproof.)
Learn about whom you’re dealing with. Do some research before buying from a seller for the first time. Investigate businesses at the Better Business Bureau’s site, bbb.org, or through an online search. Read reviews. Confirm the business or sellers physical address or phone number. Legitimate entities provide this so you can contact them with problems.
Protect Identities at Work
No matter how comfortable or familiar you may feel on the job, you need to protect against workplace-related identity theft risks. You also have a responsibility to protect the personal or sensitive information of you colleagues and employers. If you deal with personal information of customers or clients, your responsibility is even greater.
For everyone’s sake, including your own, make sure you understand and follow all organization security and privacy policies. Practice good online identity protection habits. These include the following routines.
- Lock up your purse or wallet when it’s not with you. Too often, payment cards, check, and other identity-related items are stolen at the workplace.
- Also lock up personal and employer-assigned mobile ID badges, and workplace access cards when not in use.
- Don’t put your personal information at risk in the case of a workplace security breach. Never reuse personal passwords for work, log into personal accounts from work, or store personal data or material on work computers or devices.
- Keep all work passwords and usernames confidential. Don’t write them down and store them in your work area.
- Securely store all documents and other items containing you or others’ personal information at the end of the workday.
- Verify the identity to anyone who claims to work you or with your workplace and asks you to share personal information in person, online, over the phone, or by mail.
- Be aware of who is around you when you input, share, or access sensitive information. Shield screens, keyboards, or keypads when necessary. If speaking, take eavesdropping precautions.
- Thoroughly shred unwanted documents containing other’ personal information.
- Log off and close all screen when you step away from your computer.
- Be extra vigilant about personal information safety when temporary workers, service professionals, delivery people, or other visitors are present.
- Watch out for spear phishing targeted to employees at your workplace.
- Don’t assume work computers, software, and Internet security systems will prevent you from accidentally introducing malware. You share in the responsibility of keep your organization’s system safe.
- Immediately report any signs or suspicions of malware or security breaches to your employer’s procedures.