If you took 20 minutes to search for yourself on the Internet, what information would you find? Probably more than you are comfortable with. We put more information about ourselves online than ever before. We pay our bills online. We check the balance of our checking accounts on our phones. We file our taxes online. We post our photos online. We share information about our lives with friends online through Facebook. We share what we’re doing through Twitter. We go shopping online.
As a result, we are moving rapidly into an era when protecting personal information is not only good practice, but a crucial element in securing our personal identity. Today, protecting yourself online goes far beyond not sending information to people you do not know. Online hackers are actively and aggressively seeking information about individuals online. And as more and more personal information is being stored online, cyber criminals are having great successes. While Congress and the Federal Trade Commission (FTC) have continuous work to do in evaluating and creating industry requirements and standards on personal safety, we as individuals also have a responsibility to protect our family’s personal information.
I have compiled information from the IRS, Federal Bureau of Investigation (FBI), Electronic Frontier Foundation, TRUSTe and the FTC to create a checklist to help you make sure you are protecting your personal information online. The checklist includes not only best practices, but practical steps you can begin to take today to keep your information secure.
Beyond the Basics: Six Steps to Protect Your Privacy
- Check your password strength. Having a strong password is the first step in securing online safety. Passwords should be at least 14 characters long and include a combination of uppercase and lowercase letters, numbers, punctuation, and symbols. Change your passwords frequently and don’t use the same password across multiple sites. One tip from TRUSTe is to use a simple formula to vary your passwords for different sites. For example, use the first two letters of the site you are on (like Yahoo or Dominion Power) + your pet’s name + your birth year = yakitty59 or dokitty59.
- Learn how to identify spoofed Web sites. Cyber criminals often use spoofs of legitimate Web sites to attempt to get you to disclose personal information. This technique is called “spoofing,” and the spoofed Web sites can be difficult to detect if you are not paying careful attention. Here are ways cyber criminals get you to log on to spoofed Web sites:
- Spelling. Cybercriminals often use misspelled versions of popular Web sites. For example, www.microsoft.com could appear as www.mircosoft.com. Verify the spelling of any site before you add personal information.
- E-mail links. Be leery of e-mails or text messages you receive with e-mail links, as they could direct you to a spoofed Web site. The FBI suggests comparing the link in the e-mail to the link you are actually directed to and determine if they match and will lead you to a legitimate site. If you need to update personal information online, open a new browser window and type in the Web site address of the legitimate company’s account maintenance page.
- If you’ve been victimized by a spoofed e-mail or Web site, you should contact your local police or sheriff’s department, and file a complaint with the FBI’s Internet Fraud Complaint Center.
- Look for the lock. When paying bills or purchasing products online, never submit a credit card number or other highly sensitive personal information without first making sure your connection is secure, usually noted by a lock icon either at the bottom (Windows) or near the top (Mac) of the browser window. In addition, you can look for “https” in front of the Web site address signifying a secure site.
- Obtain a copy of your credit report regularly. With the amount of credit card and bank account information we store online, it is good practice to monitor your credit report for suspicious activity. If you do not already subscribe to a monthly credit monitoring service through your bank or insurance agency, request a free copy of your credit report each year. The Fair Credit Reporting Act guarantees you access to your credit report for free from each of the three nationwide credit reporting companies — Experian, Equifax, and TransUnion — every 12 months. AnnualCreditReport.com is the only authorized source for the free annual credit report that’s yours by law.
- Don’t share your entire life story on Facebook (or other social sites). An article in The New York Times highlighted a study that examined correlations between various online accounts like Facebook and Twitter. The New York Times reported that “scientists showed that they could identify more than 30 percent of the users of both Twitter, the microblogging service, and Flickr, an online photo-sharing service, even though the accounts had been stripped of identifying information like account names and e-mail addresses.”
The truth is we put a lot of information about ourselves on social networking sites. Be a “detective” on yourself and see what kind of information cyber criminals could identify about you across various social media accounts. Do you mention your address in the photo album showcasing your new house? Are your account settings so liberal that anyone can see where you work? Is your phone number posted on your blog? These personal identifiers make it easier for cyber criminals to steal identities. In fact, your social security number, your phone numbers and your home address are considered to be the top three things you should never post publicly online. In addition, you should actively use the controls provided on social networking sites provide to better protect your information.