Protecting Your Account
Since you can control the information you choose to release, you are the best person to protect your personal information. There are some easy ways do this by keeping anything with any personal or account information in a safe place, providing your information only to trusted sources, and by reducing the amount of mail you receive with your information on it.
It is okay to be skeptical when providing your personal information. If you can’t verify the legitimacy of the business or person that you may be providing your information to, or if you do not understand why a certain piece of information is needed, you may want to think twice about giving out the information.
Take care of your personal information
Your personal information is present on mail, credit cards, and identification. Protecting these pieces of information is the first step in reducing your risk of identity theft and fraud.
- Carry only necessary identification with you. Don’t carry your Social Security card.
- Treat your credit cards, debit cards and checks like cash.
- Retrieve incoming mail from your mailbox quickly. Do not leave outgoing mail in an unsecured mailbox or any other location or switch to paperless statements if possible.
- Make copies of all of the financial information that you carry with you daily and store the copies in a safe place.
Provide information only to trusted sources
You should share your information only with trusted sources. If you can’t verify the identity of the source asking for your personal information, you should be very cautious about the disclosing any information.
- Never provide personal information unless you have initiated the contact and have confirmed the business or person’s identity.
- Be cautious of telephone and door-to-door solicitations.
- Be skeptical of offers that seem “too good to be true”. They usually are.
For more information about how to protect your personal information or if you have fallen victim to identity theft, please visit the Federal Trade Commission website
Spam is the electronic equivalent of junk mail. The term refers to unsolicited, bulk – and often unwanted – email. Here are ways to reduce spam:
- Enable filters on your email programs: Most ISPs (Internet Service Providers) and email providers offer spam filters. However, depending on the level you set, you may wind up blocking emails you want. It’s a good idea to occasionally check your junk folder to ensure the filters are working properly.
- Report spam: Most email clients offer ways to mark an email as spam or report instances of spam. Reporting spam will also help to prevent the messages from being directly delivered to your inbox.
- Own your online presence: Consider hiding your email address from online profiles and social networking sites or only allowing certain people to view your personal information.
Phishing attacks use email or malicious websites (clicking on a link) to collect personal and financial information or infect your machine with malware and viruses. Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.
Spear Phishing Email
Spear phishing is highly specialized attacks against a specific target or small group of targets to collect information or gain access to systems.
For example, a cybercriminal may launch a spear phishing attack against a business to gain credentials to access a list of customers. From that attack, they may launch a phishing attack against the customers of the business. Since they have gained access to the network, the email they send may look even more authentic and because the recipient is already a customer of the business, the email may more easily make it through filters and the recipient may be more likely to open the email.
The cybercriminal can use even more devious social engineering efforts such as indicating there is an important technical update or new lower pricing to lure people.
Phone scams are no joke. Scammers target millions of Americans every year via robo dialers and many people fall victim as they are threatened with arrest warrants or guaranteed free vacations.
Typical phone scams often involve free vacations and prizes, computer hacking and repair services, scams involving loans, phony debt collectors, fake charities, medical alert/scams targeting seniors, warrant threats and IRS calls.
Phone calls from criminals impersonating IRS agents remain an ongoing threat to taxpayers. The IRS has seen a surge of these phone scams in recent years as scam artists threaten taxpayers with police arrest, deportation and license revocation, among other things.
When in doubt, throw it out: Links in email, tweets, posts and online advertising are often how cybercriminals try to compromise your information. If it looks suspicious, even if you know the source, it’s best to delete or, if appropriate, mark it as junk.
Think before you act: Be wary of communications that implores you to act immediately, offers something that sounds too good to be true or asks for personal information.
Make your password a sentence: A strong password is a sentence that is at least 12 characters long.
Unique account, unique password: Having separate passwords for every account helps to thwart cybercriminals. At a minimum, separate your work and personal accounts and make sure that your critical accounts have the strongest passwords.
Get two steps ahead: Turn on two-step authentication – also known as two-step verification or multi-factor authentication – on accounts where available. Two-factor authentication can use anything from a text message to your phone to a token to a biometric like your fingerprint to provide enhanced account security.
Pay attention to the website’s URL: Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net).
Keep a clean machine: Having the latest operating system, software, web browsers, anti-virus protection and apps are the best defenses against viruses, malware, and other online threats.