Are You a Walking Target for Identity Theft?


Identity theft – the action in which another individual impersonates you in order to defraud an organization or yourself – is not a new concept by any stretch of the imagination.  In 1964 when the term “identity theft” was first coined, the majority of fraud incidents involved individuals who physically stole identification and documents in order to rob individuals.  While physical identity theft is still a growing concern that still deserves a great deal of respect and concern, the revolution of the Internet and instantaneous communications has led to a new revolution of identity theft that takes place over the Internet.  So how do you know if you are likely to become a victim of identity theft?

First off, one has to consider how they store their data.  While many of us store data locally and decrypted on our local computers, we neglect to take the proper precautions to protect that data.  Even if you have security precautions in place, it’s important to realize that system passwords can often-times be reset relatively easily, and that they are of no use when malware is brought into play.

Ideally speaking, everyone should consider using an encryption suite such as the cross-platform TrueCrypt utility to store their sensitive files such as financial and business data.  While encrypting (and decrypting) contents can be somewhat of a challenge, it ultimately helps to keep your information bullet-proof.  If you don’t want to put yourself through the hassle of messing with encrypted mechanisms for all of your data, you should at least evaluate your options in regards to protecting your most sensitive data.  After all, your music collection probably won’t mean much to a would-be identity thief.

Even if you choose to keep your local data completely unprotected, you should at very least encrypt backup copies of your data that are sent out to backup services.  While services such as DropBox encrypt the data on their end, it is still vital for you to personally make sure that the data is encrypted by yourself as well.  This eliminates the worry of snooping employees with your backup provider, and can give you a much greater piece of mind.

In this same light, you should be cautious about where you store your backups.  While shared web hosting is relatively inexpensive, you should avoid storing your backups on shared servers at all costs, simply because the shared aspect means that another user on the same server could potentially gain unauthorized access to your data.  Personally, I would recommend looking at services that focus entirely on backups.  Why?  Simply put, companies that focus on backups know that one of the most important factors (asides from the integrity of the data itself) is ensuring that the data is secure.  After all, if the data wasn’t secure on their end, they wouldn’t have any business and could be liable for a great deal of damage.

You’ll also want to ensure that you remove old backups on a regular basis, as keeping a minimal number of copies ultimately reduces your risk of someone stumbling upon your data.

But no matter how secure your backups and personal data are, that security can always be bypassed with your password.  We’ve written a few articles on password security in the past that showed people how secure their passwords were and how they could create more secure ones.  For the sake of this article, I’ll give you a brief recap by saying that your characters should be complex (not just long) and involve letters of both case, symbols, and numbers.  While memorizing all of these passwords may seem like a daunting task, password management solutions suck as LastPass, 1Password, and previously reviewed Passpack make this process even simpler than using one universal password.  Also, your passwords don’t need to be insanely complex, as hacker or identity thief would likely give up and move on to another target once they realized the complexity behind your password.  More importantly, however, having an array of unique passwords ensures that if someone is to compromise one of your accounts, they are limited to that account and that account only.

Knowing who you’re dealing with is another important aspect to look at when evaluating your security.  I’m not going to bore you with the traditional “look for the lock near the address bar” routine, because even though it’s important, I’m sure that you have heard it a hundred times already.  However, using third-party services such as OpenDNS, which allows you to block known identity theft sites and fake login pages, and products like McAfee’s SiteAdvisor allow you to avoid visiting scam sites to begin with.

Last but not least, you should ponder the security of your email account.  As I pointed out the other day, your email account is a gold-mine for an identity thief, as access to your email allows them to reset a great number of passwords on third-party sites.  For this reason, you should not only protect your email, but keep an eye on it as well.  While opened email is usually  a tell-tale sign of an electronic intruder, some services such as Gmail make it easy to view your login history to ensure that you are the only one accessing your account.

All in all, having any weakness in your electronic security could put you at risk for some form of identity theft.  Hackers will try to exploit any weakness they can find, so by making this process more challenging for them, you better your chances of remaining a secure individual online.

Do you have any identity theft prevention tips?  Let us know in the comments!