Top 10 Tips to Protect Your Personally Identifiable Information (PII) for Data Privacy Day
Tax season is upon us—and there is nothing more critical than taking steps to protect your personally identifiable information (PII). Last May, cybercriminals used Social Security numbers, birth dates, and other PII to file nearly $50 million in fraudulent tax returns.
But it is not just taxes we need to worry about. Protecting PII is important year round. Every day, criminals harvest personal details to access banking websites, hack loyalty programs, and launch sophisticated phishing and spear-phishing campaigns.
In honor of Data Privacy Day, we’re sharing the top ten ways to protect your PII. Use them to protect yourself, your colleagues, and your family from fraud.
1. Be careful about sharing your Social Security number.
The next time you are asked to share your Social Security details, stop and think. Is the person requesting your information from a bank, a credit bureau, or some other entity required to report to the IRS? If not, do not share your information. Identity theft relies on a valid Social Security number—the more organizations that have it, the less protected you are. If you are not sure why a bank or organization is requesting your Social Security number, call them and ask.
2. Lock down your social media accounts.
There is an incredible amount of personal information available on social media profiles, including birth date, relationship status, location, schools attended, employment information, and more. Cybercriminals use this information for social engineering purposes: they answer security questions, hack into companies, and launch highly personalized phishing campaigns. Make sure that your Facebook, Twitter, and other social media accounts are locked down through their privacy settings and two-factor authentication, and resist the urge to share private information online.
3. Be wary of public Wi-Fi.
Public Wi-Fi can make traveling easier, but be careful about how you use it. It’s pretty easy for criminals to set up a “free Wi-Fi” network, so before joining, confirm the name and password with the staff of the coffee shop or library. A VPN (virtual private network), which encrypts traffic between your device and the VPN server, is one of the best ways to keep your browsing session private. In addition, force your browser to use HTTPS. You can do this through an extension like HTTPS Everywhere. Finally, make sure you log off any services you were signed into and tell your device to “forget” the Wi-Fi network after you conclude your session.
4. Get creative with security questions.
The best way to keep bad guys from guessing answers to your security questions is to set up answers that you, and you alone, will know. Some sites allow you to customize your security questions. In this case, use a private memory or milestone—a phrase or word that will mean something to you but is not findable online. If you cannot customize your security answer, lie. You will not be denied access if you answer “what is your mother’s maiden name” incorrectly—just be consistent.
5. Use strong passwords.
Strong passwords are essential in protecting your security and identity online. But the characteristics that make passwords strong—twelve characters or more, symbols, numbers, capital letters, etc.—also make them hard to remember. Here are some tips to help you:
- Use a password generator, like the Norton Identity Safe Password Generator.
- Use a password manager plug-in to handle password capture and replay. Here’s a list to choose from.
6. Browse privately.
While private browsing does not make you entirely anonymous on the internet, it does help protect you online, especially if you are not using your private device. Private browsing deletes cookies, temporary internet files, and browsing history after you close the window. The best way to stay anonymous online is to hide your IP address using a web proxy, a VPN, or Tor, an open network that routes your traffic through a series of servers before sending it to your destination. But remember: it is never a good idea to use public or shared computers to log in to sensitive sites like banking and social media.
7. Watch out for phishing scams.
Phishing scams are getting extremely advanced—97% of people around the world cannot identify a sophisticated phishing message. There are some key steps you can take, however, including analyzing the salutation, being wary of attachments, and identifying embedded URLs. For a complete phishing email checklist, click here.
8. Monitor your credit reports and financial activity.
Review your bank and credit card statements daily for suspicious transactions. Also, scan your credit reports for abnormal activity, such as accounts or credit cards that you did not open, along with any unexpected credit checks.
9. Don’t give up your data easily.
10. Install the latest antivirus software.
To protect your computer from viruses, spyware, trojans, and other malicious programs, install the latest antivirus software on your device. There are plenty of free as well as paid versions available from trusted companies. According to PCMag.com’s tests, AVG and Ad-Aware’s free antivirus programs scored the highest in their malware cleanup and malware blocking tests. Webroot, Norton, and Kaspersky’s antivirus products are all good paid options.
While you may feel powerless against cybercriminals, taking steps like these can be extremely effective in protecting yourself against fraud. Have any more tips? Please add them to the comments section below.
About Dennis Dayman
Dennis Dayman has more than 20 years of experience combating spam, security/privacy issues, data governance issues, and improving email delivery through industry policy, ISP relations and technical solutions. As Return Path’s chief privacy and security officer, Dayman leverages his experience and key relationships to provide best practices to Return Path and its customers and to ensure the compliance of their communications data flows. He is also responsible for coordinating and managing Return Path’s international electronic commerce, privacy and Internet-related policy issues.