Every year, tens of millions of people are victims of identity theft, the numbers having grown exponentially due to widespread data breaches, internet scams, and malicious apps that record and sell your private data to the highest bidder.
To avoid becoming a statistic requires vigilance, smart internet security habits, and a general idea of how your identity can be stolen. Even if you aren’t a tech guru and the word “hackers” makes you think of flying green text like in The Matrix, you can still protect yourself following some basic, simple steps for managing your personal information online. In this article, we’re going to look at several key methods on how to protect your identity online.
Use anonymous handles: Internet anonymity used to be a real thing. Before social media, hardly anybody used their real name online. For those of us growing up in the 90s, when the internet was a vast unknown wild west, our parents often cautioned us to never tell anyone our real name online. Now we allow all kinds of websites and apps to use our Facebook as a login method. Pretend it’s the 90’s and use screen names when signing up for websites and discussion boards.
Use a VPN on public wifi: While many think VPNs are solely for getting around Netflix geographic restrictions, they actually serve a purpose in protecting your identity online. The most secure VPN will encrypt and tunnel your outbound data to prevent your data from being stolen as it leaves your laptop, for example, which will prevent identity thieves from intercepting your data over a public WiFi. Here is a much better explanation of how VPNs work.
Use private browsing mode: Most browsers offer a private browsing (incognito) mode. Private browsing doesn’t really offer too much privacy protection from your ISP, government surveillance, or hacking attempts, but it doesn’t keep records of your browsing history, form fill information, and no cookies are stored locally on your device. It’s a good method of preventing websites from tracking you, and can prevent your personal information contained in cookies from being leaked by third-party apps, for example.
Don’t store credentials in the browser: it can be tempting to allow your browser to save login information, but it’s really quite unsafe. These passwords are typically saved to database files, which are easily found on your computer. While the database files are encrypted, there are tons of resources and tools for decrypting them.
Check if you’ve been cloned: malicious entities can create clones of your social media page, especially if you leave a lot of your photos open to the public. This is known as cloning scams, as the perpetrators will use these fake accounts to send scam letters and virus attachments to people on your friend list. You can mostly prevent this by restricting your photos and posts to friends only, and searching for yourself once in a while to see if any social media accounts are using your name and photo.
Avoid shopping on public WiFi: even when using a VPN, i would still recommend against shopping or entering any personal information while connected to a public wifi. There are numerous methods of gaining entry into a device over a shared wifi network, and less technical techniques like a criminal using the zoom on their camera to record you typing information.
Use throwaway email accounts: similar to using anonymous handles, you should have a handful of throwaway email accounts you can use for signing up for websites. Think of it this way. The more websites you provide with your email, the more spam you’ll probably receive, which increases the odds of being sent scams and phishing emails. Use your personal email for personal business and use the throwaway accounts for everything else.
Check if you’ve been compromised in data breaches: you can check if any of your emails or passwords have been compromised, such as being found in stolen account lists from leaked data breaches. You can do this on a website like Have I Been Pwned, which was in fact integrated into Firefox browser and 1Pass password manager via API.