5 ways to give thieves your personal information
Someone’s bank account was wiped out. A corporate figure’s email account was hijacked and his private email sent to reporters. Theft of personal information is rampant in our technological society. The trade of credit card numbers, social security numbers, and other personal information is a rapidly growing black market. News broadcasts cover it every day, it might have happened to one of your friends or co-workers. Even worse, someone doesn’t have to get just your SSN, mother’s maiden name or your credit card number to make your life rough.
You keep your social security card locked up at home and never write your debit card PIN number down, you’re safe, right? right? Your identity might not get stolen easily, but someone can make your life rough if you make just one of these mistakes.
Five ways to give thieves your personal information
1. Use unsecured wireless networks, at home or away from home
Using a wireless network away from home can be extremely risky. The first thing you need to do, is configure your wireless network settings to prevent the default action of connecting to any available network. This allows you to choose what network to conneect to. Second, you need to configure it to allow only infrastructure networks, and not to connect to ad-hoc networks(computer-to-computer). The simple reason for this is that “enterprising” individuals regularly find an open wireless hotspot and setup their computer to act as an access point. When another computer gets into range, it connects to that “rogue” access point and all of the network traffic from connected computers flows through it. When connecting to a wireless network while traveling, assume that all of your web browsing will be watched by someone else.
Most people know to secure their wireless network in their home. If they don’t know to, they will probably be having someone else install it for them, anyway. Providing some level of encryption, even if it is known to be breakable, is better than not securing your wireless network at all. It will keep over 90% of the bad guys from bothering, they’ll move on to easier targets. That said, here are some tips for securing your wireless network:
- it is preferable to use WPA/WPA2 as an encryption method over WEP, if your hardware supports it. If you don’t understand what these terms mean, have your local computer repair specialists check out your network for you.
- setup MAC address filtering. This allows your wireless network to only accept data from known computers, but it does nothing to keep your trusted computer’s traffic secure. (this alone is not secure, it’s good practice)
- set a password on your wireless access point’s management website. No password or a default password here means someone else can configure it to allow them access to anything.
See the following point for additional email security notes
2. Use public access computers to check your email
Public internet access is a great convenience while traveling or visiting your local library, but in addition to the wireless security topic above, you also have to consider the security of an unknown computer. Unless you are using a secured website (address begins with https://), your username and password for an email client or webmail interface will be sent in plain text from the computer you are using to the email server. This applies when using your own computer above as well, but with public access come the additional threat of keyloggers possibly being installed by a previous user. Keylogging software can be setup many ways, but generally, the software sits in the background recording keystrokes and logging everything typed on the computer.
“Big deal” , you think, someone has my email password. Well if it were that simple, it wouldn’t be too bad, but here’s what happens. Someone captures your email password. They start watching your email using the web interface for days, weeks, months, or years. They don’t change the password, that would alert you. They just watch. They read the password reminder email that ebay sent you. They now have your ebay password too. They make a copy of your tax information returned by your accountant. Now things get complicated. The easiest thing to do is be overly cautious to prevent it from happening.
3. Leave your mail in your mailbox at the road overnight
Electronic email snooping isnt the only way to lose personal information. Here’s the scenario:
You get home late from work and decide to check your mail in the morning, leaving it in the box overnight. The next day you go out and get your mail, opening your favorite magazine on the way into the house. A month later, a credit card company calls asking if you really did buy a new $4000 computer with your new credit card. What new card? A month earlier someone checked your mail for you overnight and took the credit card offer from your mailbox. They signed up for a credit card in your name. Now you have to straighten the mess out.
An additional tip on this topic: Get suspicious if you suddenly stop receiving mail in your mailbox for two or three days straight, when you usually get mail everyday. In the past, crooks have visited local post offices and filled out a change of address form to get peoples mail re-routed to another address that they can more easily monitor.
4. Order something online without checking out the source
First, let me say this. You are more likely to have your credit card information stolen by a waiter/waitress at a restaurant than you are to have it stolen from an online purchase that’s properly completed.
Now, the first thing you need to do before buying online is do an internet search on the company you are buying from. Do they have a laundry list of complaints about them? Are the complaints widespread, or in a single locality? Have they resolved the complaints? Do thorough research using tools like google.com or the BBB.
Second, use common sense. If they ask for more than your credit card and shipping information, be suspicious. Don’t enter your credit card or other personally identifiable information into a website when the session isn’t secure. Here’s how to know your session is secured in Firefox. Your address bar will turn gold and a padlock will appear as seen below.
In Internet Explorer, the bottom right portion of the status bar will display a padlock like this.
The session security prevents data from being easily read when traveling between your computer and the website.
5. Discard your old hard disk without destroying it
Has your computer’s hard disk died? Have you recently purchased a new computer? Your old data is still on the old hard disk. Sending the PC to the scrap heap without erasing and destroying the drive is like throwing your personal information out unshredded. If the PC will be re-used by someone, the best practice would be to use a tool such as DBAN to repeatedly wipe the drive of all data prior to giving the computer away. If the drive has failed, the data is most likely still retrievable with enough effort. Best practice for handling failed disks is crushing/folding them with a small sledge hammer.
Have more mistakes people make with their personal information? Leave them in the comments!
Write a comment
You need to login to post comments!