Identity Theft Blog and Resources

This is Part 2 of a two-part article. Read Part 1 here. It’s impossible to be 100 percent accurate when it comes to predicting future identity theft, scam, and data breach trends. In our previous article, a variety of experts provided their predictions for 2019 identity theft, scam, and data breach trends. Simply knowing what potential trends may take place in 2019 can help you prepare for what lies ahead. Although you won’t be able to completely protect yourself against these threats, you can at least learn how to lessen your risk of becoming a victim. We asked the experts to provide some helpful preventative steps you can follow if you are unsure of what you can do to avoid the potential 2019 identity theft and scam crimes. Here’s what they said. Be cautious with your email “When checking your email, stay suspicious and on alert. Often times a fraudulent email will try to scare you by saying something was stolen or that you’ve won a prize. Rather than clicking on links from your email, just go directly to the actual website and sign in how you normally would. You should also have some form of internet security installed. Norton AntiVirus or McAfee SiteAdvisor are two helpful tools that can prevent disaster in the event you do open a malicious email.” — Brian Gill, CEO of Gillware Data Recovery“The key defense is to remember my motto: trust me, you can't trust anyone. Never click on any link or download any attachment unless you have independently confirmed that the communication was legitimate.” — Steve Wiseman, Professor at Bentley University, Author and Blog Writer for Scamicide Monitor your bank accounts and use strong passwords “In order to protect your personal information you should consistently monitor your bank/email accounts and financial reports. Make sure to report any suspicious incident to the right authority. Don’t hesitate to call the companies involved and to file an identity theft complaint with the FTC. Also, in order to prevent online identity theft, you should use a secure mailbox, strong and unique passwords, set up two-factor authentication for as many online services as possible, a VPN (there are several free solutions you could use) and don’t forget to connect through https over http, especially when you use an online payment service.” — Mihai Corbuleac, Senior IT Consultant at ComputerSupport“Don’t ever share banking information or passwords online. Most companies won’t require this information from you. If you’re unsure about transmitting your information online, do the transaction over the phone with a real person. Make sure you always have an active virus and malware scanner running.” — Ian McClarty, President and CEO of PhoenixNAP Global IT Services“Be sure to change your passwords every six months and use strong password combos with numbers and symbols when possible and at least 12 characters in length so they are difficult to hack. These are some of the most hackable passwords and password combinations: 123456 Password Letmein Qwerty — or mnbvcx (or any keys in sequence on your keyboard) Your initials followed by your age Telephone numbers Pet or kid names Repeating dictionary words, like appleapple or dogdog Passwords that have remained the same since you established an email account. Also, be sure to enable two-factor authentication, or multi-factor authentication on your accounts and devices when it’s available. MFA makes it extremely difficult for hackers to compromise the security of computer networks, because they must infiltrate multiple layers of defense, instead of just decoding one password. If hackers do succeed in guessing a password, they must still breach additional authentication types before they can reach their target. One of the best benefits of using an MFA process is the long-term security it provides due to ensuring only individual account owners can access their login credentials.Consider using a password manager app. Look for a password manager that is cloud-based and stores passwords in a vault in an encrypted form. That way, even when a breach occurs and data is stolen, criminals must break the encryption to see a user’s passwords. This can be nearly impossible with industry-standard encryption like the Advanced Encryption Standard, or AES.Make sure the password manager offers two-factor authentication. 2FA does a good job of allowing only individual account owners access to their login credentials. If hackers do succeed in guessing a password, they must still breach additional authentication steps before they can reach important data. Use a strong master password, but change it every 60 to 90 days.” — Mark Foust, Chief Product Evangelist for Optimal IdMUse encrypted passwords, change your passwords every few months, remove private information about you from the web (when possible), secure your home network, ask your company how they store your private information, and never send private financial information by email. — Johnny Santiago, Brand Partnerships Manager at Social Catfish“Promptly changing the default password on any new Internet of Things devices is important to help protect yourself and making sure your router is up to date with the latest security and privacy settings.” — Wiseman Secure your cell phone account “Specifically for protecting against SIM hijacking or number porting scams, some of the major U.S. cell phone providers have introduced new security features to harden your account. For example, AT&T allows customers to add a passcode to their accounts. This is separate from the password customers use to log into their accounts online and is required to make significant changes to the account. It doesn't prevent bribery working on individual employees, but it does make it much harder to pull off the scam purely via social engineering. You should enable this if the option is available.Finally, having control of number means that hackers can bypass two-factor authentication. So if possible, you should remove your phone number from any account that could interest hackers and use a different form of 2FA such as Google Authenticator or a U2F device like a Google Titan Security Key. Of course, you can still link a type of phone number to those accounts, but I suggest a VoIP number, like a Google Voice number, that is SIM hijack-proof. You must protect this number as well, using a strong password, two-factor authentication on the account, and making sure it doesn’t expire if it's not in use that often.” — Brandon Ackroyd, Mobile Security Expert and Founder of Tiger Mobiles Be careful with your medical information “Any paperwork with sensitive information should be shredded and disposed of properly. If possible, try to maintain record keeping in a digital format, rather than physical. Be wary of any phishing emails who may try to exploit you to gain access to your accounts. Avoid giving out your medical information over email or on the phone, unless you have already signed an authorization to do so. If available, always sign up for multi-factor authentication for online portals, which sends a pin code to your phone as a secondary security measure anytime you are trying to login to your account.” — Adnan Raja, Vice President of Marketing for Atlantic Net Freeze your credit “The tips for protecting our personal information and identities in 2019 are the same as 2018 and earlier. Don’t open email attachments, use common sense, and if it’s too good to be true, it probably isn’t true. A new personal defense over the past couple years might be to contact the major credit reporting agencies and freeze our credit. With our credit frozen, credit reporting agencies can’t report on our credit histories, so nobody can impersonate us to take out credit in our names.” — Greg Scott, Author and Cybersecurity Professional “We also should put a credit freeze on our credit reports at each of the three major credit reporting agencies. Under recent federal law, this can be done now at no cost and is easy to do. In addition, the new federal law also permits credit freezes for children. All parents should do this because child identity theft is now a huge problem. Credit monitoring is also important to do." — Wiseman Pay with cash and don’t let your guard down “Keep yourself safe from skimming by paying with cash whenever possible. If you prefer to use a card, opt for a credit card rather than a debit card, as they come with reliable fraud-protection measures. Review your transactions routinely to identify fraudulent charges as quickly as possible.Be suspicious of phone calls that involve you handing over personal information. If you’re even a little uncertain, hang up, and then call the official number yourself to determine whether the caller was legitimate. If you believe you’ve already fallen victim to identity theft, be sure to freeze your credit reports. This prevents new credit accounts from being opened in your name without your permission.” — Sean Messier, Credit Industry Analyst at Credit Card Insider Be wary of scam phone calls “There are a number of services that can help protect against robocalls, such as Nomorobo which I use personally. In addition, you should never give personal information including credit card information to anyone over the phone whom you have not called. If a call appears to be an emergency requiring personal information from you, you should hang up and call the real institution, such as your bank at a telephone number that you know is legitimate to confirm that the call is a scam.” — Wiseman Invest in your personal and business security “For people/business who want to protect their identity and data in 2019, they should strengthen their passwords with two-step authentication like security questions or pin numbers, secure their network with a VPN, which will encrypt their data in transfer, start saving to the cloud instead of to removable storage like USB drives (which can be easily lost or stolen), update their software when prompted to install ‘patches’ or fixes to detected issues, (and) invest in cyber liability insurance to cover the costs of a hack.” — Keri Lindenmuth, Marketing Manager at The Kyle David Group, LLC The bottom line Key Takeaways: Take these steps to avoid various identity theft and scam crimes  • Be cautious with your email • Monitor your bank accounts and use strong passwords • Secure your cell phone account • Be careful with your medical information • Freeze your credit • Pay with cash and don’t let your guard down • Be wary of scam phone calls • Invest in your personal and business security By following the steps mentioned above and making sure you stay on top of the latest identity theft, scam, and data breach news, you will have a better chance of protecting yourself against these types of crimes in 2019. Additionally, you can look into getting professional identity theft protection services if you want extra help protecting yourself and your loved ones from the many types of identity theft.

This is Part 1 of a two-part article. Read Part 2 here. From 2017 to 2018, the U.S. population experienced an abundance of serious data breaches which traumatized millions of people. Here is a look at a couple of major data breaches that occurred between 2017 and 2018: Although the data breaches listed above affected a large portion of the U.S. population, they are not the only data breaches that took place in 2017 and 2018. According to the Identity Theft Resource Center, there were 1,632 data breaches that occurred in the United States in 2017 and 1,244 data breaches in 2018. Although the number of data breaches recorded in 2018 was less than 2017, the Identity Theft Resource Center’s report provided that “the reported number of consumer records containing sensitive personally identifiable information (PII) jumped significantly” in 2018. In addition to data breaches, millions of people were affected by identity theft and scam crimes that took place in 2017 and 2018. Although there is no absolute way to avoid identity theft, scams, and data breaches, you can lessen your risks if you know what to prepare for. We asked a few experts to predict 2019 scam and identity theft trends. Here’s what they said: Data breaches “In regard to data breaches, things aren't as bad as you think. They are far worse. Personal information stolen through data breaches continues to be a major problem and one that puts people in danger of identity theft for the rest of their lives when the information stolen includes Social Security numbers. Too many entities with insufficient security hold too much personal information and these entities whether they are companies or government agencies have been and continue to be vulnerable targets for hackers. Therefore people must do whatever they can to limit the places that have their personal information. For instance, your doctor may ask for your Social Security number, but he or she does not need it.” — Steve Wiseman, Professor at Bentley University, Author and Blog Writer for Scamicide“We’ll probably see a few more sensational data breach headlines this year, but the truth is, data breaches happen every day, all over the world. Dozens make the news every month, and many more go unreported. I don’t see any difference between 2019 and 2018, other than 2019 will have more than 2018. Ransomware attacks might become even more commonplace because they’re easy to setup and maddening to trace.” — Greg Scott, Author and Cybersecurity Professional “When it comes to identity theft, by far the biggest threat in 2019 comes from large scale data breaches. In what’s become a shocking trend, the occurrence of these massive data breaches has dramatically increased over the past few years. And that trend shows no signs of slowing down, even with the increased awareness surrounding the issue.” — Doug Brennan, Cybersecurity Expert and Digital Addicts Blog Manager Business threats “In 2019, businesses should be on the lookout for threats that are coming from the inside/from their own employees, compared to remote threats from overseas. A majority of data threats are posed by employees who do not have education on cybersecurity. For example, phishing emails are gaining prominence. Some of the biggest hacks have occurred because someone opened an email from a malicious sender.Expect to see businesses investing in more internal security training to teach employees the proper way to create passwords, how to identify phishing emails, how to properly store and delete data, etc.” — Keri Lindenmuth, Marketing Manager at The Kyle David Group, LLC“Even if you keep your home network safe, if your company is hacked (even when you’re only an employee), you are subject to personal identity theft from the information that is stolen. According to the FBI’s IC3’s 2017 Crime Report, out of all types of victim loss reported, the most money lost was through Business Email Compromise and Email Account Compromise. This means that a hacker can break into your company’s data and garnish your social security number, home address, full name, driver’s license number, and more. While this might have been easy to trace in the past, skilled hackers no longer leave a web trail that an expert can easily catch. They take the stolen data to the dark web and sell it to the highest bidder.” — Johnny Santiago, Brand Partnerships Manager at Social Catfish“Organizations need to be prepared for malicious breaches and cyber attacks, many of which are delivered by way of email. Fraudulent emails come in all shapes and sizes, but I’ll share some tips to help anyone easily identify them. If you receive an email where the ‘To’ field is left blank, it’s a clear signal that it didn’t come from the perceived sender. When an email from a company has spelling errors or bad grammar, it should be another warning sign. Large companies have copywriters and editors who make sure email communications are grammatically correct. Also, if the email begins with ‘Hello’ but doesn’t actually state your name, that’s another red flag.” — Brian Gill, CEO of Gillware Data Recovery Identity theft types “Synthetic identity theft is also increasing as a problem. This is where some of your information is joined with information about others or made up information to form a totally synthetic identity.” — Wiseman “Sophisticated identity theft is on the rise. This is a type of fingerless identity theft where hackers can be overseas and steal your information and then sell it remotely from the dark web. They are protected by the privacy veil of the dark internet, where they can sell your information to another hacker who will use it fraudulently and steal from your accounts, max out your credit cards, sell your information to someone who might impersonate you, and put you at risk in your financial world. Victims of identity theft subsequently don’t get hired for jobs that run background or credit checks or even miss out on the ability to purchase a home or rent a property.” — Santiago“Medical identity theft is a rapidly growing problem that will likely get worse before it gets better. This can lead to long-term financial difficulties due to issues with debt collectors and credit issues. Patients can experience problems with their insurance copays and maximums because of fraudulent use. The list of problems goes on and on.” — Adnan Raja, Vice President of Marketing for Atlantic Net“In 2019, cyber-attacks will be more versatile than ever before. People should be aware of the most common types of identity theft as for instance account takeover, mail identity theft, child/senior identity theft etc. However, according to the Federal Trade Commission (FTC), the most popular type of ID theft in 2018, which will probably remain a real threat in 2019 is synthetic identity theft. This type of ID theft combines real and fake personal information to create a new identity using sensitive data such as names, SSNs, and addresses that can be obtained on the dark web. So, if you start to receive phone calls or mail asking about new credit accounts or if you receive mail addressed to a different name, those are signs of synthetic ID theft.” — Mihai Corbuleac, Senior IT Consultant at ComputerSupport Additional scams “Credit card skimming and shimming will likely continue to make local headlines as technology improves. While card skimming is a renowned scam, shimming takes the crime to the next level with specific tech designed to record information from chip-enabled credit cards, which had previously been considered the more secure alternative to cards with magnetic strips.Simplistic phone scams have remained popular, because modern technology enables effortless spoofing of legitimate phone numbers that belong to government agencies and other reputable organizations. Phone scams often use a combination of trust and urgency to convince victims to fork over social security numbers or credit card account information.” — Sean Messier, Credit Industry Analyst at Credit Card Insider“I see sim hijacking causing problems in 2019 if the providers don't clamp down on it. This scam works when criminals call a cell phone carrier’s tech support number pretending to be their target. They inform the call center employee that they have ‘lost’ their SIM card, and need their phone number to be transferred, or ported, to a new SIM card that the hackers themselves already own. This works via social engineering — and maybe with other info they have sourced, be it on the dark web, such as a Social Security Number or home address (this info can be readily available due to the many data breaches that have happened in the last few years)—the criminals convince the employee that they really are whom they claim to be, and the employee ports the phone number to the new SIM card.In some cases, bribery is involved with rogue employees porting numbers against company policy for a fee from the hackers.Once the hacker controls your phone number, they can impersonate you with other service providers, such as with your Instagram or an email provider, by using your phone number to change your password and then also taking control of your email. For example, they can go to gmail.com, type in your email, click on ‘Forgot Password’. Then Google sends a text message verification code to your phone number – which the hacker receives instead of you.” — Brandon Ackroyd, Mobile Security Expert and Founder of Tiger Mobiles“For every correction that companies and the government try to make, a skilled hacker spends his or her time, energy, and expertise undoing those safeguards and working around them. As home networks begin to rely on smart devices like Google Home, Echo by Amazon, or Portal by Facebook, there have been documented errors and hacks. In one situation, Google Home recorded and sent data without consent. In 2018, devices like Google Home, Echo Dot, and Portal became popular. However, 2019 is the year that (next to) everyone will have a home smart device or smart home and hackers are waiting. These devices are revolutionizing the way we live and how much we allow electronics to conform our relationships and security. As more people make their household digital, home security devices will become the most popular items to hack.” — Santiago“Scams originating with phone calls whether robocalls or scammers calling personally are growing as a problem. This problem is magnified by the use of a technique called ‘spoofing’ by which scammers are able to manipulate their victim's Caller ID to make the call appear to be from a legitimate source, such as the IRS. The increasing presence of the Internet of Things in our lives with smart televisions, toys and other devices connected to the Internet provides an opportunity for hackers to get at our computers and our data through these devices for purposes of identity theft or install malware such as ransomware. Spear phishing is getting increasingly sophisticated. Spear phishing is specifically targeted emails and text messages that uses information about us to tailor these messages in a manner that we will trust these communications and click on links or attachments which result in malware being downloaded.” — Wiseman“A despicable tactic that’s gaining popularity with hackers is digital blackmailing. A hacker steals an email list and sends messages that threaten to expose a person engaging in an illegal or unethical act. Some instances of digital blackmail don’t involve lies about web surfing. A hacker can gain access to a webcam and capture intimate pictures and videos. He or she uses the files to extort money from people.” — Ian McClarty, President and CEO of PhoenixNAP Global IT Services The bottom line Overall, you should be on the lookout for several potential identity theft, scam, and data breach trends. Although you may not be able to prevent any of them from taking place in 2019, you can take certain actions to protect yourself. Make sure to see part two of this article series to learn about preventative steps you can take.

Guest Post by Hilary Bird One of the most common fears Americans face is identity theft. Fraudsters can assume your identity and profit financially by stealing information like your social security number, bank account, tax info, and more.   With so many concerns about keeping information secure today, you may be wondering when online identity theft became such a prominent issue and how you can protect yourself against it. Let’s take a look at some of the different examples of online identity theft, including where it’s headed — and what you can do to avoid it. The past: phishing and spyware Malware and viruses have been around almost as long as computers themselves, and once the internet came into being, they had an easy way of jumping from user to user. The creation of email made it easy for thieves to reach out under the guise of other identities (acting as a representative of a bank, for instance) to request personal information from unsuspecting users.   This tactic, called phishing, really gained ground in the mid-1990s. It’s still around today, though as digital literacy has increased, most users know now that businesses won’t solicit personal information via email.   Another ’90s-era method for stealing personal info is spyware, a type of program designed to (as the name suggests) spy on its victims, often giving the sender access to personal info. The present: data breaches and social media Modern technology has made it easier than ever for hackers to steal identities. Rather than dumpster diving for personal information or scamming people over the phone, hackers can easily acquire millions of identities online at once, just by cracking the right database.   More than 16 million people were victims of identity theft in 2017 — more than ever before. This is in large part due to severe data breaches to companies like Marriott and Facebook. Even when hackers gain access to just usernames and passwords, this information can lead to other more lucrative accounts being compromised as well.   Social media is another prime source for thieves to snag personal information. Social media users volunteer information like names, birthdays, locations, interests, and more, all of which thieves can use for malicious purposes. The future: how identity theft will evolve As long as we’re conducting online transactions with personal info, the identity theft threats of the past will still be present; data breaches aren’t going away anytime soon.   The new frontier for identity theft is closer than you might think: the smart home. As homeowners bring more devices online, they open up new venues for thieves to steal private information.   Attacks against smart home tech have already begun, across all protocols. And as more devices enter the market — rolling out in more homes and businesses — that risk is likely to grow. The fight against identity theft As tech advances, hackers will find new ways to data mine, but that doesn’t mean you should be living in fear.   Hackers may be getting more tech-savvy, but so is the tech used to fight them. Encryption software is more advanced than ever, making it easy to protect your information online. And as companies increase protection, you can put your mind at ease. Especially since banks and credit companies are likely to have your back if fraud does occur.   While many security measures are out of your hands and up to the companies we trust with our information, you can do several things to protect yourself against identity theft.   1. Shop only on secure websites. E-commerce websites can be easy targets for identity theft, so be sure to shop on safe, reliable sites only, especially during the holidays when online transactions are typically at a peak.   2. Create strong passwords. Using personal details like birthdays and names of family members in your passwords exposes you to a higher risk of identity theft. It might seem like an inconvenience, but including a variety of characters and numbers can protect you in the long run. Invest in a password manager if needed.   3. Update your devices’ security offerings. Any device that can connect to the internet is a potential weak point, but tech manufacturers are often quick to patch vulnerabilities. You just have to keep the devices updated to take advantage of advancing security.   4. Monitor your credit. You could be a victim of identity theft for months before noticing anything fishy. Check your credit score often and keep an eye on bank and credit card statements.   Whether you’ve experienced identity theft or not, it’s important to be prepared. By taking advantage of technology and keeping your information secure, you can navigate digital spaces and smart tech wisely and, more importantly, safely. Hilary Bird is a digital journalist who writes about the things that fascinate her the most: relationships, technology, and how they impact each other. As more people become more reliant on their tech devices, Hilary wants to help them stay safe and understand how these devices will reshape the way we communicate.

Guest Post by CreditRepair.com Recently, high profile hacks have left millions of people exposed to identity theft. Companies entrusted with personal customer data such as financial information, home addresses, and even social security numbers have all failed to protect that data, and most of it has ended up in the hands of shady characters.   The list below gives you some insight on the magnitude of the problem in this current digital age:  Target, 2013: 110 million customers had their personal and financial information exposed when Target was hacked in December 2013. Yahoo, 2013-14: 3 billion user accounts were compromised when this massive search engine was hacked in 2013-14. Names, email addresses, security questions, and birth dates were all compromised. Equifax, 2017: When this mammoth credit bureau was hacked in 2017, personal information including Social Security Numbers, addresses, birth dates, and even drivers' license numbers were compromised. Home Depot, 2014: About 50 million customers had their credit card data compromised when this breach occurred back in 2014. The list goes on and on with some of the biggest brand names such as eBay, Facebook, and even Uber joining the ranks. Client information, both personal and financial, was left exposed and vulnerable to unscrupulous hackers, some of whom have no qualms using that data for identity theft.   There is no denying that identity theft is a clear and present danger. In fact, an Identity Fraud Study conducted by Javelin Strategy & Research in 2017 found that 16.7 million people in the United States alone suffered from some form of identity theft in that year. There is no question that our personal and financial information is vulnerable and anyone can fall victim to identity theft. What are the consequences of identity theft? Having your identity stolen is not only an inconvenience, but also potentially devastating to your credit rating and health. Identity thieves are primarily after your credit cards. That, however, is not the only thing they are after. Once they get their hands on your credit card information, they can use that data as they please.   Often, people go on a shopping spree at your expense, and you may not be aware until you get your next credit card statement showing that you apparently bought a speedboat in Hawaii.   Credit repair companies estimate that people who have fallen victim to identity theft spend up to 600 hours struggling to restore their stolen identities. Then comes the long and harrowing process of trying to repair their damaged credit.   Here is a small list of the things an identity thief can do in your name: Apply for other credit cards Apply for jobs Open bank accounts File bogus tax returns Lease apartments Get a passport and even a driver’s license Apply for a mortgage Buy or finance a car They will effectively become a digital version of you but with little regard for what happens to your good name in the long run. That is why you need to protect yourself against identity theft at all costs. What can you do to stop identity theft? Everyday activities such as sharing your phone numbers with acquaintances, writing down your home or email address, and even turning on your cellphone "location" setting can open the door to identity thieves.   Sophisticated individuals can use this information to access sensitive data such as your credit card numbers, medical records, bank accounts, and tax returns, all because you innocently and unwittingly shared your personal information with someone online.   Vigilance is one of the best ways to protect yourself against identity theft. Be careful about where and how you share your personal information: Do not list your phone numbers on social media platforms Do not open links from unsolicited or unfamiliar emails Do not use your credit card on websites that seem unsafe However, no matter how careful you are, certain things outside of your control, such as the high-profile hacks we mentioned earlier, could happen. Even a trusted company could get hacked and expose you to identity theft.   It is worth going the extra mile to protect our identities. This often calls for "Identity Theft Monitoring," a proactive method to stay aware of any changes in your identity profile or credit. You could either do this yourself, or you could pay a company that specializes in identity theft monitoring to do it for you. Should you get identity theft protection and monitoring? The simple answer to this question is YES! The only question here is whether you should pay for identity theft monitoring.   Free identity theft monitoring options such as the IdentityTheft.gov exist; however, in most cases, paid options tend to offer you much more protection.   The free identity theft monitoring option offered by the government allows you to report an identity breach through the website. They provide detailed guidelines  on how you can recover your stolen identity.   While that kind of information and help can come in great handy during your time of need, it is not exactly the kind of proactive protection that you need. Most paid options come with the following features: Free credit reports Monitoring for unauthorized use of your Social Security Number Limited identity theft insurance Monthly credit scores Some of the best-paid services even go as far as monitoring the dark web where most of these stolen identities will be sold or traded. Pros and cons of paid identity theft monitoring services Many of the best and most proactive identity theft monitoring companies charge a monthly fee, but is this service worth paying for?   Here are some of the advantages and disadvantages of paying for identity theft monitoring services: Pros You are offered constant monitoring of your personal and financial information. You have options (packages) to choose from. Some even cover the entire family. Some companies offer you reimbursement for whatever you lose if your identity is stolen while under their care. Many have identity theft insurance that is limited to $1 million. Strict terms and conditions always apply. You will be offered assistance navigating the complicated terrain that comes with trying to regain your stolen identity. Most, if not all, companies offer you a money-back guarantee in case you are not satisfied with the services offered. You will always have a professional on call when you need answers about your identity theft concerns. The best advantage is peace of mind. You will sleep easy knowing that professionals are working to ensure your identity is protected. If it does happen, they will do everything in their power to minimize the damage caused as well as help you regain your identity.   Cons You will incur a recurring cost. Most companies charge anywhere from $10-$30 per month, or even more depending on the package you choose. There are many terms and conditions involved. Read the fine print very carefully to ensure that you are not being sold hot air You are not exactly protected from everything or every form of identity theft What you need to know is that identity theft monitoring services on their own cannot shield you from everything. No matter how comprehensive the coverage you choose, some instances call for your own vigilance.   What they can do, however, is give you a head start when it comes to being aware of suspicious activity. These alerts go a long way in protecting your identity.   Although there are no guarantees, getting identity theft protection and monitoring is one way to be vigilant about your identity — a rather comprehensive and sophisticated way.  

This is part three of our holiday shopping security article series Part one and part two of this article series pointed out that holiday shoppers who fail to secure their personal information are often easy targets for identity thieves. Unfortunately, most people don't even realize they are victims until it's too late as criminals can do significant damage very quickly when they get their hands on sensitive data and information. We asked the experts to discuss the signs of compromised data and identity, what holiday shoppers should do once they know these signs, and what they can do to protect their identities. Signs of compromised data and identity Dr. William Rials, Associate Director and Professor of Applied Computing and Technology at Tulane University School of Professional Advancement "One of the best and immediate signs is unknown charges or withdrawals that you did not make showing up on your statement. During the holiday season, it is essential to keep a close look at all of your financial statements. Don’t wait until the end of the month to reconcile your accounts during the financial season. The more often you monitor and verify all charges and withdrawals the better chance you have at stopping identity theft. Also, check your credit report for any suspicious accounts that have been recently opened without your knowledge." Rials said that "the first step is to immediately change all passwords for all internet sites including email accounts, retail store websites, and especially financial institutions such as your credit card and online banking websites." He also suggests you do the following actions if you find out that your identity has been compromised: Visit identitytheft.gov to report your identity theft to the Federal Trade Commission and get a recovery plan in action. Contact the businesses where you know the fraud has occurred. Attempt to contact the fraud department at the retailer. Contact your banks, credit card companies, and other financial institutions. Contact the top credit bureaus and inform them of your fraud alert: Expereian.com/fraudalert: 1-888-397-3742, TransUnion.com/fraud: 1-800-680-7289, Equifax.com/CreditReportAssistance: 1-888-766-0008 "It is recommended to stay vigilant concerning identity theft beyond the holiday season. Invest in a credit monitoring service and identity theft insurance." Steve Weisman, Scam, Identity Theft Expert, and Owner of Scamicide.com "Indications that you have become a victim of identity theft during the holiday season include charges you didn't make turning up in your bill which is a reason that you should regularly check your credit card statement online rather than wait for a monthly bill to be sent to you. The earlier you become aware of a problem, the easier it is to fix it." Steven Hausman, President of Hausman Technology Presentations "There are many potential signs that your identity might have been compromised, including the following: When you check your credit card bill at the end of the month (and you must check your bill in detail each month) some charges might show up that you did not make. You do not receive bills that you would ordinarily expect to receive. This might mean that a thief has taken over your billing address. You might be rejected for credit. You might receive mail from the Internal Revenue Service because someone requested documentation online from the IRS but was unable to get it because of their security protocol. In that case, the IRS might send it to your address of record by mail. In addition, it is possible that your electronically-filed tax return is rejected. The latter circumstance might be due to the fact that a criminal has already filed a fraudulent tax return in your name in the hopes of obtaining a refund. Similarly, you might receive a tax refund that you did not request because the fraudulent refund request was mailed to your address of record by the IRS. If you have an employer and someone had stolen your Social Security number they may attempt to file for unemployment benefits in your name. In such a case your current employer may notify you that this has occurred. You may see sudden large changes in your credit score. While some people think this is a good thing, it may be that criminals are trying to open credit card accounts in your name. There may be a number of small charges on your credit card statement for a few dollars each. This may because criminals are testing to see if the credit card number that has stolen from you is still valid and active." Doug Brennan, Manager of the Digital Addicts Blog "If you notice any suspicious charges on your bank account, this could be a sign that your identity (and/or credit card information) has been stolen. While this can happen to anyone at any time, the holiday season is an especially vulnerable time. So, keep an eye on your bank account this holiday season, and if you notice any suspicious charges, don’t hesitate to report them to your bank." The bottom line Overall, identity theft and other cybercrime can be difficult to notice right away and recover from. Identity thieves and cyber criminals are continually trying new tactics to get their hands on your identity and other important personal information. Once they get what they want, they can ruin your life in a matter of minutes. This holiday shopping season, you might want to consider doing research on where you are going to shop, who you plan to give your information to, what payment methods you will be using, and what precautions you are going to take to avoid having your identity stolen. After all, it only takes the purchase of a single holiday gift to compromise your identity and ruin your holiday cheer.

This is part two of our holiday shopping security article series The holidays are just around the corner which means hundreds of thousands of people are starting to check off their holiday shopping lists. As mentioned in part one of this series, the sheer amount of easy-target holiday shoppers tend to draw out ruthless identity thieves and cyber criminals. To help holiday shoppers arm themselves against cyber- and identity-related threats, we asked some experts to provide advice regarding holiday shopping security. In-store shopping Dr. William Rials, Associate Director and Professor of Applied Computing and Technology at Tulane University School of Professional Advancement "Avoid connecting to the store’s public Wi-Fi. During busy holiday criminals will use public Wi-Fi to scan potential victims. Also, many criminals will deploy fake Wi-Fi hotspots that offer free internet but are actually used to steal your personal information. It is challenging to spot the malicious Wi-Fi hotspots; use your cellular internet if you are not in a trusted and secure Wi-Fi zone. Standard safety measures for in-store also apply for online shopping. The best recommendation is to use retailers that are well-known and have a positive reputation. Take a minute to view their website and make sure that they have actual contact information listed.   Avoid paying for merchandise by credit/debit cards when shopping at the unknown pop-up retailers that only show up during the holiday season; try paying cash instead.   Avoid the temptation to save X% on your purchase if you apply for their store-specific credit card that day only. If the credit decision has to be made in haste or quickly, it could be to gain access to your personal information, especially from an unknown retailer."   Tom Kelly, President and CEO of ID Experts   "When braving the stores for holiday deals, it's important shoppers hide their pin numbers from view and, if possible, use a credit card or cash to be extra cautious. Missing mail, inaccurate notices of debts, and bounced checks are all signs of identity theft. Identity protection services like MyIDCare are an essential tool to combat scams because they notify members the instant suspicious activity occurs on their accounts that could suggest their identity has been stolen."   Steve Weisman, Scam, Identity Theft Expert, and Owner of Scamicide.com "When shopping in a brick and mortar store, try to go to stores that use the more secure chip credit cards rather than those that still use the magnetic stripe. The chip cards are much more secure. Shopping in stores that still use the magnetic stripe credit cards leaves you in danger of a rogue employee taking your credit card and swiping it through a small skimmer to steal the information from your card to use for their own purchases. Keep your card in sight whenever you make a purchase to avoid this problem." Victor Congionti, CEO of Proven Data "When shopping in-store, thieves use skimmer technology to steal your credit card numbers via the transaction terminal. Inspect where you are inserting your card and make sure there is nothing suspicious about the device." Steven Hausman, President of Hausman Technology Presentations "When shopping in a brick and mortar store, then it is advisable to never let your credit card be out of your sight and your physical possession. Swipe the card yourself or use one of the contactless payment methods like Samsung Pay, Apple Pay, Google Pay, Fitbit Pay, and the like. This means that you will not even have to take your credit card out of your wallet since you will be using your smartphone for payment.   Use cash or credit to shop instead of debit. Credit cards provide protection against fraud by legislation. If someone steals your debit card number they can obtain cash immediately from your bank account, and there is not the same level of protection against fraud.   Resist the temptation to open a new credit card account at a retailer simply to obtain a discount on a purchase because you may be asked to provide a Social Security number that can be copied down by the sales associate and used to steal your identity.   Check where you’re being asked to insert your credit card since a 'skimmer' may be attached that would steal your credit card and PIN information."

This is part one of our holiday shopping security series It's the time of year when people start making both online and in-store purchases for their loved ones. When holiday deals appear, most people enjoy indulging the spirit of giving. Unfortunately, many identity thieves and cybercriminals don't feel the same spirit and often target holiday shoppers. search Highlight: Poll results show the importance of security  According to a recent poll conducted by Branded Research, 7 out of 10 U.S. consumers said that identity theft protection and cybersecurity are important to them when they do online holiday shopping. Director of Insights at Branded Research, Kristen Miles, explained that "women are slightly more likely than men to say that identity theft protection and cybersecurity are very important to them when online holiday shopping. And older consumers over the age of 45 are more likely than consumers under the age of 44 to say that identity theft protection and cybersecurity are important to them when online holiday shopping."   The real tragedy is that there are still many holiday shoppers who fail to take the precautions to keep their identities safe, which, unfortunately, makes them easy targets. You may be pleased with how much you save on holiday gifts, but you may not even realize just how much you've sacrificed when it comes to personal security. Although online shopping may be safer this year in regards to your health, it could be riskier for your identity and personal information.  As our gift to you, we worked with a few identity theft and cybersecurity experts and created a list of security tips that can help you stay safe online this holiday shopping season.   We’ll discuss the following:  What to do before you shop What to do while you shop online What to do after you shop online Online Shopping Security Checklist Download and use the online shopping security checklist above to make sure you shop safely this holiday season! Download Now It’s no surprise that the world continues to gravitate online for holiday shopping, especially during these pandemic-ridden times. Below are a few preparatory steps you should take before you start your online shopping adventure this holiday season.  Make sure your devices are secure  When you’re gearing up for your online shopping session, it’s important that you make sure to secure your computer and mobile devices.   Dr. William Rials, an Associate Director and Professor of Applied Computing and Technology at Tulane University School of Professional Advancement explains that “using an unpatched computer to shop online is an easy way for cyber criminals to exploit your information.”  Rials also strongly advises “to keep the operating system, software, and apps updated and patched on all of your computers and mobile devices that you use with retailers.”  When it comes to additional protection, Rials suggests that you purchase and use up-to-date antivirus software. Although you might not like the idea of buying extra protective software, it can act as a strong defensive system against innumerable cyber criminals who prey on holiday shoppers.  Do not use public Wi-Fi or computers  If you are thinking about making your online holiday purchases while using public Wi-Fi or a public computer, you might want to think again.  Rials warns to “not use public computers or public wireless internet access for your online shopping.” He explains that “public computers and public wireless networks are not safe (because) they may contain malware and viruses.”  When it comes to making financial purchases online, using your own personal devices and making sure your Wi-Fi connection is secure can make all the difference in your fight against identity theft, scams, and online fraud.  Determine your payment method  It’s important that you determine which payment method you will use before you start buying fun holiday gifts and trinkets online.  Why? It’s an added security step. A data breach can occur regardless of what website you use. Basically, the payment method you choose for your online holiday shopping could help prevent your financial information from being compromised and misused. Rials advises consumers to use a credit card instead of a debit card when making purchases online. He says “your safety is increased when you shop online and in-store by using a credit card rather than a debit card.”  He explains that “debit cards do not have the same consumer protections as credit cards. Credit cards are protected by the Fair Credit Billing Act and may limit your liability if your information was stolen or misused.”  If you are planning on using the credit card payment method, you may want to consider using one credit card for all of your purchases. After all, if that one credit card gets compromised, it will be easier to spot on one credit card statement and easier to handle, since it won’t affect all of your other accounts.  If you don’t have a credit card or don’t want to use a credit card to make online holiday purchases, there are some other options out there.  Doug Brennan, manager of the Digital Addicts blog, a publication that focuses on technology and security, advises consumers to consider using a third-party payment service instead of using traditional payment methods.  He says that “many popular online stores allow you to pay via Paypal or Apple Pay, both of which are great alternatives to entering your credit card information. And with all the data breaches that have happened over the past few years, you can never be too safe with your sensitive information." Learn about scams and trends "Online holiday shoppers have to be more careful than ever to protect themselves from cyber attacks. Shoppers must be wary of unusual requests for payment when shopping during the holidays,” explains Tom Kelly, President and CEO of ID Experts, a well-known consumer privacy platform. Countless scams can occur online from sale scams to fraudulent websites, and more new scams keep popping up. It can be difficult to keep track of scams, but not impossible. To stay up-to-date on the latest scams, you can utilize news sites, check the social media updates from well-known scam and identity theft experts, and visit resource websites like the Identity Theft Resource Center.  Kelly warns that “Black Friday and Cyber Monday scams often try to lure shoppers to look-alike retail websites and then trick them into entering private information or downloading malware onto their computer.”  Clearly, it’s important that you know what scams are out there and that you know what to do to make sure the websites you want to shop from are safe. Check out the next step to see how you can identify the legitimacy of a website before it’s too late.  Check website legitimacy  When online shopping, it can be easy to be catfished by websites, especially if you don’t know what to look for.  Victor Congionti, CEO of Proven Data, a global IT services company says that it’s important to "...always be on the lookout for fraudulent websites that are designed to imitate a major retailer website.”  He explains that “these counterfeit websites are created by bad actors and hackers to trick people into 'shopping' on their website. Digital thieves then use your login credentials or credit card information to make other purchases or compromise your identity further.”  So, what can online shoppers like you do to make sure the website you are shopping on is legitimate?  Congionti suggests following these steps:  Check the URL on the website page to see if it has an official security tag (HTTPS). An HTTPS tag is a sign that the website uses high-grade encryption. Check the details on the website. Focus on the images, logos, language, and text. If something seems off, do not use that website.  In addition to Cognionti’s steps, you can also try looking at the company’s social media presence and read reviews to verify legitimacy.  Steve Weisman, Scam and Identity Theft Expert, suggests that you use websites that you are familiar with, especially if you are making large purchases. After all, using websites that you have used more than once in the past may not eliminate the chance of scams or fraud, but it can reduce your risk of falling victim to a fake website scam.  He adds that you shouldn’t “trust a website to be legitimate merely because it turns up high in a search engine search. Sophisticated scammers are adept at manipulating the algorithms used by search engines to rank websites to place their phony websites high in a search engine search." Now that you know what steps to take to prep yourself for online shopping, it’s time to know what to do as you look for the perfect gift.  Below are a few steps you should take while you shop online this holiday season.  Avoid clicking on Pop-Ups  If you’ve ever shopped online, you probably have noticed that many websites have advertisement pop-up windows that catch your attention.  Although they may look harmless, some pop-ups are scam-driven which is why Rials advises to not click on pop-ups, even if they are advertising attractive holiday sales.  He explains “when a window pops up promising you cash or gift cards for answering a question or taking a survey or even offering a great deal, these could be social engineering attempts designed to convince you to open malware or click on a malicious link.”  He adds that “often, it is challenging to close these windows with your mouse because criminals will disguise the close button 'X'  to appear normal, but it is actually a malicious link containing malware software code with nefarious intent.”  report_problem Attention: Although it is best to avoid pop-up windows altogether, there are chances that you might end up clicking on one.   To close a pop-up window, you can try the following steps:   Press Control + F4 (for a Windows computer). Press Command + W (for a Mac). Avoid using auto-save options  Auto-saving passwords and other personal information can be tempting, especially if you know you’re going to return to a website more than a few times. Unfortunately, auto-saving can be risky.  Rials explains that “the convenience of not having to reenter the information is insignificant compared to the significant amount of time you’ll spend trying to repair the loss of your stolen personal information.”  It may be a pain to manually enter your information every time you want to make an online purchase, but it might save you plenty of headache and frustration down the road.  When it comes to passwords, you can consider using a secure password management service like Lastpass. Generally, password managers are more secure than auto-save options. Even if you do use a password manager, you should still create strong passwords. Password managers may be more secure than auto-save options, but creating strong passwords and password habits adds an extra layer of security.  Use strong passwords  To create strong passwords, Rials says to follow these steps: Always use more than 10 total characters Use upper case letters, lower case letters, numbers, and special characters Establish a strong password for each online shopping account Use a password manager like LastPass, Dashlane, KeePass, 1Password, KeePass, EnPass, or others He emphasizes to “avoid the temptation of using the same password at every online store. It may be convenient, but your online safety vastly increases when you use a separate and unique password for each account.”  Rials explains that “if one online store experiences a cybersecurity breach in which your password is compromised, using the same password between accounts from different online stores makes it quick and easy for criminals to exploit you and your information. Echoing Rials, like auto-save options, reusing your password might be more convenient, but it can lead to a long line of security issues and complications.  Read also: Family Security Audit: How to Secure Your Passwords and 10 Expert Tips to Help You with Password Management As you finish making your online purchases, it’s important to remember that all of the steps listed above cannot guarantee the protection of your identity and personal information online.  Listed below are a few steps you can take that can help you stay on top of your online security after you finish your holiday shopping.  Save receipts and vendor emails  Many online websites send receipts and email updates once a purchase has been made. It’s important to keep these emails and receipts in case of the event that the website you purchased from is involved in fraudulent activity that affects you later on.  Keeping a record of the receipt and emails can help with an investigation if a scam or fraud situation occurs. So, before you clear out your inbox, you may want to think twice about deleting emails from your latest online shopping spree.  Check your credit card statements If you used a credit card to pay for your online purchases, it’s important that you keep a close eye on your credit card statements after you use the card.  When you regularly check your credit card statements, you’ll be able to see if there are any purchases that show up that you know you didn’t make.  Jonathan Gossels, President of SystemExperts™ Corporation, an IT compliance and cybersecurity consulting services provider, agrees with Rials’ earlier statement that using one credit card can make it “much easier to recognize any fraudulent charges”.  He explains that using one credit card makes things less complicated because you only have to check the credit card statement for the one card you used.  Be ready to report theft  If you do start noticing that your information has been stolen, it’s important that you take action and report the theft immediately.  report_problem Attention: There are a few ways you can report an identity theft crime.   To report identity theft, you can:   Visit the official IdentityTheft.gov website and fill out a form that describes your theft situation. Call 1-877-438-4338 and explain the theft. If the theft involves your credit card, make sure to also contact your credit card provider and let them know. Additionally, you may want to consider adding a credit/security freeze to your credit report. Additional Protection  When it comes to identity theft, you can never be too careful. Shopping online is risky, especially if you aren’t aware of common online scams and other threats.  Although following the steps above can help you avoid becoming a victim, they can’t guarantee your safety. That’s why it can be a good idea to hire a professional identity theft protection service like Complete ID or IdentityIQ.  Although identity theft protection services may cost you some money each month, the security you can receive from these services can save you from a massive headache of a situation as well as hundreds to thousands of dollars.  Additional Identity Theft Protection Check out top-rated identity theft protection services and see what each has to offer here. Learn More

Newegg, a computer hardware and electronics retailer, has been the victim of a mass data breach. Security firms RiskIQ and Volexity conducted an investigation regarding the breach and released their reports and findings on Sept. 19, 2018. According to the security firms, the Newegg data breach was most likely performed by Magecart group, the same group that conducted the Ticketmaster data breach and possibly the same group that was behind the recent British Airways security hack. Security research shows that Newegg was breached from Aug. 14 to Sept. 18 of 2018. During the time that the breach took place, hackers had "injected 15 lines of card skimming code on the online retailer's payments page," according to TechCrunch. Newegg has a significantly large customer base with over 50 million monthly site visitors. Due to its mass customer base and business value, it's no wonder why the company was targeted by cybercriminals. Unfortunately, customers who have provided credit card information to the company in the past are now at risk. It is currently unknown as to how much information the hackers were able to obtain or how much customer credit card information has been stolen. According to The Verge, Newegg CEO Danny Lee sent out an email to all Newegg customers explaining the company's data breach, as well as how the company is investigating what happened and working on recovery solutions. The email stated that Newegg will be alerting customers who have been affected by the breach in coming days. It also noted that the company will publish an official FAQ regarding the data breach on Friday, Sept. 21, and will make sure all customers receive a link to that FAQ. Customers who have provided credit card information to the company are being encouraged to contact their banks and be on the lookout for more company information. Although falling victim to a data breach can sometimes be out of your control, it's important to do all you can to focus on your personal security to best avoid becoming a target of identity theft or another cybercrime. Consider looking into professional identity theft protection services, obtaining antivirus and other protective software for your personal devices, and doing your own research to determine what security practices you should be focusing on.

Businesses and employees are often major targets of identity theft and cybercrime. And there are three reasons why. When it comes to cybercrime, businesses are easy targets. They typically hold a massive amount of both employee and consumer data as well as banking and partner information. If a hacker can breach a company's system and can get their hands on the data the company is storing, then they have the potential to not only put the company out of business, but also cause major damage. A good amount of damage can also come from business identity theft. According to businessidtheft.org, "...business identity theft involves the actual impersonation of the business itself. It can occur through the theft or misuse of key business identifiers and credentials, manipulation or falsification of business filings and records, and other related criminal activities intended to derive illicit gain to the detriment of the victimized business; and, to defraud creditors and suppliers, financial institutions, the business' owners and officers, unsuspecting consumers, and even the government." Lastly, business employees are regular targets of identity theft because they often lack security training, have personal information to steal, and they often know company passwords and other vital company information that can also be stolen. Cyber criminals and identity theft criminals can target employees via email, websites, and even phone calls. So, what should you do to protect both your identity and the company's identity while working? We asked a few identity theft and cybersecurity experts to give some tips. Here's what they said. Keep an eye on emails "Be mindful of calls, emails, or texts asking details about your workplace, or your personal life. Some try to fake HR divisions of employers or management companies such as ADP payroll or WageWorks for other benefits; always ensure the numbers and email correspondences match the official website and have 'https' as the URL prefix." — Dennis Chow, CISO of SCIS Security   "Phishing and the more specifically tailored spear phishing are the most common ways that malware that can lead to identity theft is downloaded. Learning to recognize spear phishing emails, using security software intended to screen out phishing emails (although the software is far from perfect) and refraining from clicking on any links unless they have been confirmed to be legitimate are crucial steps in protecting yourself from identity theft. In addition, people should consider limiting the personal information that they make available through social media which can provide information to be used to fashion spear phishing emails." — Steve Weisman, Identity Theft and Scam Expert   "Report any suspicious emails to your company's IT or Cybersecurity team. The team will be able to confirm the phishing attempt and prevent any additional attempts from that email." — Cameron Williams, Co-founder and CTO of OverWatchID   Don't skip out on training "Get security training. Often, employers provide education about security vulnerabilities, like e-mail phishing, ransomware programs, and social engineering." — Mike Brengs, Managing Partner of Optimal IdM   "Staff should be trained on identifying and disposing of phishing emails. Never click on links or attachments in unsolicited emails, always double check the sender's email address — not just their display name — and never give anyone private information over email." — Paul Bischoff, Privacy Advocate at Comparitech.com   Be careful when giving out information "Use secure methods of communication when having to transmit sensitive or confidential details to your workplace office such as encrypting your documents with a password, and then giving the password over a separate medium such as text or phone (do not use passwords that you use for yourself)." — Dennis Chow   "Do not provide personal information or information about your organization, including its structure or networks, unless you are certain of a person's authority to have the information. Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email. Don't send sensitive information over the Internet before checking a website's security." — Mike Brengs   “The first step is to know your rights as an employee. Depending on where you live, you may be protected from granting your employer access to your social media accounts, for example. Employers are also limited as to what information they can request as part of a background check. Employees in the US are generally protected by law from wiretapping and other communication monitoring while at work without consent." — Paul Bischoff   Pay attention to passwords "Create the best passwords that are hacker-proof but easy to remember. Bonus if there's a trick to making a different password for different accounts but a way to remember them all. The best passwords contain at least 12 characters. Mix up the letters, numbers, and symbols as much as possible. For example, consider using a $ instead of an S or a * instead of a vowel. The newest trend in password safety is the use of password phrases. Instead of simply using a word with a mixture of letters, numbers, and symbols, use a relatively long phrase but one you can remember." — Justin Lavelle, Chief Communications Director of BeenVerified   "Password Maintenance. By password maintenance, I mean, regularly updating your passwords across your life (accounts, phones, etc.) with a minimum of yearly review. Most users I run across use the same password across all of their portals, which is scary because using the same password now becomes a threat vector to the workplace and can compromise the employer too. Password managers can help with this. As a security professional, I prefer 1Password because I can control the database across my devices and no other entities have access to it, for a one-time/lifetime fee where many password managers have subscriptions etc. I also get asked what is a good best practice/industry standard for passwords and I mention 8-64 character length with complexity and the use of password managers." — Derek Iannelli-Smith, vCIO and Founder of Outsourced CIO, LLC   Be smart with security questions "Use nonsensical answers for security questions. Common security questions have answers that can be readily found online by a determined identity thief; however, there is no rule that requires you to use your mother's actual maiden name as the answer to the security question as to what is your mother's maiden name. Instead, you can use something nonsensical like 'firetruck' which is silly enough to remember and will never be found by an identity thief." — Steve Weisman   "If you’re answering security questions on a website, social media account, etc.—never simply answer a question with one word that can be easily hacked. If you’re asked for the name of your first pet and the pet’s name is 'Ben', instead of simply typing 'Ben,' make it harder to crack by using 'B*n#1.' This would take a tremendous effort for decoding." — Justin Lavelle   Get the right protection "Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic. Take advantage of any anti-phishing features offered by your email client and web browser." — Mike Brengs   "Whatever cloud service you are using, enable threat protection. Because I am an Office 365 fan, many of the products and feature of the subscription, accommodate 2FA, Password maintenance, and policies that can be pushed down an organization based upon industry standard templates (PHI, PII, PCI DSS, HIPAA, GDPR, etc.). These policies can be pushed throughout the entire ecosystem (OneDrive, Email, Azure, etc.)." — Derek Iannelli-Smith   "Install a good firewall and anti-virus software, enforce a strong password policy and limits on who has access to your systems." — Justin Lavelle   "Use ad blockers to prevent malware from being downloaded merely by employees going to infected sites." — Steve Weisman   Key Takeaways: Protect your identity in the workplace with these steps • Keep an eye on emails • Don't skip out on training • Be careful when giving out information • Pay attention to passwords • Be smart with security questions • Get the right protection Regardless of where you work, you should always strive to secure both your information and your employer's information. Identify theft is an advancing crime and continues to be a major threat to employees and businesses alike. It's highly recommended that you follow the tips above and do your own research on avoiding identity theft in and out of the workplace.

Identity theft is an ever-growing threat that has sparked worry around the world. From individuals to businesses and organizations, identity theft has affected more people than you'd probably imagine. Although you cannot keep identity theft from ruining people's lives, you can lessen the chances of you and your loved ones becoming identity theft victims by doing your research, keeping up with data breach and identity theft trends, and taking the proper precautions. How much do you know about identity theft? Take the quiz below to find out: Powered by