Only spectacular hacks on corporations and celebrities usually make the headlines. But many cybercriminals avoid high-value and well-protected targets, preferring to look for vulnerable and poorly secured data. And are often found among home users who don’t care enough about the security of their data.
"Why would hackers steal my data? After all, I am not an important person."This is how many users think.
But cybercriminals have a completely different approach: they often pick easy targets that they can successfully attack without much effort. Careless private users are ideal for this. The seemingly unimportant personal data can then be used to do many things: spread false information in their name, buy products or send blackmail e-mails (the story of an identity theft and its consequences could be read recently in the SZ magazine). Whether it’s financial or reputational damage, it often costs thousands of dollars and takes months for the victim’s nightmare to end.
So it can’t be said often enough: protect your name and your money with a few simple measures that will make it harder for hackers to do their thing. And this is often enough for them to look for other easier targets. Because fraudsters don’t like obstacles, and the more stumbling blocks you put in their way, the better.
The following measures have proven effective in protecting against identity theft:
1. Use a password manager
On average, every user has 70 to 80 passwords. No wonder that – according to a Harris survey – two out of three people use the same passwords across multiple accounts. But this means: If cybercriminals can only read the credentials at one provider, they can be used for multiple accounts.
Therefore, you should use a password manager. This allows you to create strong, unique passwords for any account. It encrypts them and stores them in a secure virtual vault. You only have to remember one master password and you are not allowed to save it on the device.
It is possible for an attacker to hack a password manager, but your encrypted passwords will be useless to them.
Whether using a password manager or not, create unique passwords that use the maximum number of characters allowed. Don’t allow your browser to remember passwords for accounts. Never use your credentials from one website or social media to log in to other websites or create an account. Wherever possible, use usernames and passwords that do not include your real name, email address, or references to your date of birth.
In addition, you should of course change a password immediately if the provider informs you about a successful data theft.
2. Be frugal with online shares
Online storage is convenient and secure. But this only applies if you don’t share your data with the whole world. Think carefully about who should have access to which data. Nothing makes you an easier target for identity thieves than a wealth of voluntarily posted personal information. In addition, it’s a good idea to keep personal information – such as date and place of birth, maiden name, mother’s maiden name, address, phone number, pet’s name, hobbies, etc. – on social media and network accounts.
Use only the strictest privacy settings and choose your "friends" carefully, especially in case of unknown or duplicate friend requests. Resist quizzes or games on social media, which are usually only used to collect personal data. Do not download apps from unknown sources and be wary of links and/or ads in your social media feed, including known people, as their accounts may have been hacked. Disable location detection and avoid sharing content like photos when you’re away from home. Consider what data you really want to publish and whether it could be used for criminal purposes.
3. Protect your data at home as well
When setting up home networks, many users are careless because they feel protected within their own four walls. This may be true for real life when the front door is locked, but not online.
Therefore, secure your home wireless network as best you can and only use IoT devices where you can change the password and manage security settings. Safely dispose of old phones, laptops and storage devices.
In addition, some non-technical measures are important. This includes emptying your mailbox daily, not sending direct mail, and using a cross-cut or micro-cut shredder to dispose of any documents containing personal information in a privacy-compliant manner.
Always be careful not to leave personal items such as your ID, passport, wallet, smartphone or laptop in your car or in publicly accessible places.
4. Protect your privacy in public
No one would call out their name or date of birth aloud in a public place. But in public WLANs this happens virtually after all.
Never use public access points in squares, trains, cafes or hotels for online banking, shopping or medical and health-related services. Don’t enter private information such as credit card numbers, date of birth, social security number or any membership numbers. You should also protect PINs and other identifiers if you use point-of-sale systems.
5. Use multifactor authentication
Many users shy away from multifactor authentication because they find it cumbersome. But usually you only have to enter a code after entering a user name and password, which is sent via text message. Benefit from this effective, additional layer of security with every account that offers this possibility.
Users are often baffled by the possibilities of cheats and hackers. But even with a few simple precautions, you can make their machinations more difficult. Avoid becoming an easy target. And remain vigilant and cautious in all online and offline activities. Then criminals usually look for easier targets.