Keeping Your Personal Information Secure

Certain personal records are a gold mine for cyber-criminals and identity thieves.  Highly targeted personal information include your medical records, tax information, social security number, driver’s license, and even odd bits such as utility bills, and retail or airline loyalty rewards points.  Any of this information can be sold on the Dark Web, or used directly to get free health care, false tax refunds, merchandise, or airline tickets.

The first thing you can do to protect yourself from this sort of data loss is don’t create the information in the first place.  When filling out web forms, only fill in the mandatory fields.  Another good tip is to destroy old information that has no useful purpose or is outdated.  If it is deleted, it cannot be stolen, either.  Do not become an information hoarder.

  • If you find you cannot file taxes because they have already been filed, your tax refund has probably been stolen.  File your taxes as early as possible, to beat possible tax refund fraudsters and identity thieves to the punch.
    • See if you can qualify for an IRS IP PIN.  An IP PIN is a six-digit number assigned to eligible taxpayers that helps prevent the misuse of their Social Security number on fraudulent federal income tax returns.  This will prevent new tax fraud.  Unfortunately, to get one, you have to be a victim first.
    • We have seen an up-tick in spear-phishing campaigns where emails originate from compromised emails accounts of company officers.  The target is these campaigns are the HR department.  The requested information are the W-2 records of the employees.  This is used by tax fraudsters to file for multiple refunds.  If you work in Human Resources, you need to be looking for this type of attack.
  • Medical records are protected by your medical providers, under HIPAA regulations.  Hopefully, this is enough, because there is not much more that we can do as individuals.
  • Do not carry your Social Security card, or share your Social Security Number unnecessarily.
  • Utility bills are sometimes used to prove residency or in place of formal identity cards like a Driver’s License.  Use a shredder on any bills or documents that contain personal information before disposal.
  • You might want to keep an eye on any loyalty programs your are enrolled in.  These points have become a popular target for thieves, too.

In our next post, we will discuss the importance of protecting your professional information.


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.