Your Personally Identifiable Information (PII) is one of the top targets of cyber-criminals. This information is valuable because it can be used for identity, fraud, tax refund fraud, loans and credit card applications, money transfers, phishing and spam campaigns, blackmail and extortion, fraudulent medical insurance claims, online shopping, and so much more. This information is packaged and sold on the Dark Web, and often comes from data breaches such as the Equifax breach of the credit history information almost everyone.
How can you protect your information? Unfortunately there is not a lot you can do to prevent data loss from companies such as Equifax, but there are things you can do to protect yourself. The FTC recently came out with tips to help you defend against cyber-attacks.
- Limit information sharing, and be careful with your personal information on social networks. Sharing travel information online is one of my pet peaves. (“Here we are at DisneyWorld, please steal my stuff back at home.”) Be especially careful with Social Security number and drivers license numbers.
- Secure your online accounts with longer, stronger passwords and two factor authentication. Top targets are email accounts, Facebook, Twitter, and LinkedIn accounts, your Google, Microsoft, or Apple accounts, and online shopping accounts such as Amazon.
- Watch out for free and open WiFi networks. If you do not need a passcode to connect, your session can be captured in plain text and read.
- Secure your phone by setting it up to lock automatically. Use a six-digit or longer passcode to unlock it. Update your phone promptly, this is how the manufacturer and cell phone provider patch security vulnerabilities.
- Secure your computer with anti-malware software and keep it updated. Most people will be adequately protected by Microsoft’s pre-installed Windows Defender product.
These tips are easily implemented and should help protect your information.
ShareNOV
About the Author:
I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com