Keeping Your Personal Information Secure

Certain personal records are a gold mine for cyber-criminals and identity thieves.  Highly targeted personal information include your medical records, tax information, social security number, driver’s license, and even odd bits such as utility bills, and retail or airline loyalty rewards points.  Any of this information can be sold on the Dark Web, or used directly to get free health care, false tax refunds, merchandise, or airline tickets.

The first thing you can do to protect yourself from this sort of data loss is don’t create the information in the first place.  When filling out web forms, only fill in the mandatory fields.  Another good tip is to destroy old information that has no useful purpose or is outdated.  If it is deleted, it cannot be stolen, either.  Do not become an information hoarder.

  • If you find you cannot file taxes because they have already been filed, your tax refund has probably been stolen.  File your taxes as early as possible, to beat possible tax refund fraudsters and identity thieves to the punch.
    • See if you can qualify for an IRS IP PIN.  An IP PIN is a six-digit number assigned to eligible taxpayers that helps prevent the misuse of their Social Security number on fraudulent federal income tax returns.  This will prevent new tax fraud.  Unfortunately, to get one, you have to be a victim first.
    • We have seen an up-tick in spear-phishing campaigns where emails originate from compromised emails accounts of company officers.  The target is these campaigns are the HR department.  The requested information are the W-2 records of the employees.  This is used by tax fraudsters to file for multiple refunds.  If you work in Human Resources, you need to be looking for this type of attack.
  • Medical records are protected by your medical providers, under HIPAA regulations.  Hopefully, this is enough, because there is not much more that we can do as individuals.
  • Do not carry your Social Security card, or share your Social Security Number unnecessarily.
  • Utility bills are sometimes used to prove residency or in place of formal identity cards like a Driver’s License.  Use a shredder on any bills or documents that contain personal information before disposal.
  • You might want to keep an eye on any loyalty programs your are enrolled in.  These points have become a popular target for thieves, too.

In our next post, we will discuss the importance of protecting your professional information.

0

About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Senior Cybersecurity Engineer at Computer Integration Technologies, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.

Add a Comment