This is Part 2 of a two-part article. Read Part 1 here.
It’s impossible to be 100 percent accurate when it comes to predicting future identity theft, scam, and data breach trends. In our previous article, a variety of experts provided their predictions for 2019 identity theft, scam, and data breach trends. Simply knowing what potential trends may take place in 2019 can help you prepare for what lies ahead. Although you won’t be able to completely protect yourself against these threats, you can at least learn how to lessen your risk of becoming a victim.
We asked the experts to provide some helpful preventative steps you can follow if you are unsure of what you can do to avoid the potential 2019 identity theft and scam crimes.
Here’s what they said.
Be cautious with your email
“When checking your email, stay suspicious and on alert. Often times a fraudulent email will try to scare you by saying something was stolen or that you’ve won a prize. Rather than clicking on links from your email, just go directly to the actual website and sign in how you normally would. You should also have some form of internet security installed. Norton AntiVirus or McAfee SiteAdvisor are two helpful tools that can prevent disaster in the event you do open a malicious email.” — Brian Gill, CEO of Gillware Data Recovery
“The key defense is to remember my motto: trust me, you can't trust anyone. Never click on any link or download any attachment unless you have independently confirmed that the communication was legitimate.” — Steve Wiseman, Professor at Bentley University, Author and Blog Writer for Scamicide
Monitor your bank accounts and use strong passwords
“In order to protect your personal information you should consistently monitor your bank/email accounts and financial reports. Make sure to report any suspicious incident to the right authority. Don’t hesitate to call the companies involved and to file an identity theft complaint with the FTC. Also, in order to prevent online identity theft, you should use a secure mailbox, strong and unique passwords, set up two-factor authentication for as many online services as possible, a VPN (there are several free solutions you could use) and don’t forget to connect through https over http, especially when you use an online payment service.” — Mihai Corbuleac, Senior IT Consultant at ComputerSupport
“Don’t ever share banking information or passwords online. Most companies won’t require this information from you. If you’re unsure about transmitting your information online, do the transaction over the phone with a real person. Make sure you always have an active virus and malware scanner running.” — Ian McClarty, President and CEO of PhoenixNAP Global IT Services
“Be sure to change your passwords every six months and use strong password combos with numbers and symbols when possible and at least 12 characters in length so they are difficult to hack. These are some of the most hackable passwords and password combinations:
- Qwerty — or mnbvcx (or any keys in sequence on your keyboard)
- Your initials followed by your age
- Telephone numbers
- Pet or kid names
- Repeating dictionary words, like appleapple or dogdog
- Passwords that have remained the same since you established an email account.
Also, be sure to enable two-factor authentication, or multi-factor authentication on your accounts and devices when it’s available. MFA makes it extremely difficult for hackers to compromise the security of computer networks, because they must infiltrate multiple layers of defense, instead of just decoding one password. If hackers do succeed in guessing a password, they must still breach additional authentication types before they can reach their target. One of the best benefits of using an MFA process is the long-term security it provides due to ensuring only individual account owners can access their login credentials.
Consider using a password manager app. Look for a password manager that is cloud-based and stores passwords in a vault in an encrypted form. That way, even when a breach occurs and data is stolen, criminals must break the encryption to see a user’s passwords. This can be nearly impossible with industry-standard encryption like the Advanced Encryption Standard, or AES.
Make sure the password manager offers two-factor authentication. 2FA does a good job of allowing only individual account owners access to their login credentials. If hackers do succeed in guessing a password, they must still breach additional authentication steps before they can reach important data. Use a strong master password, but change it every 60 to 90 days.” — Mark Foust, Chief Product Evangelist for Optimal IdM
Use encrypted passwords, change your passwords every few months, remove private information about you from the web (when possible), secure your home network, ask your company how they store your private information, and never send private financial information by email. — Johnny Santiago, Brand Partnerships Manager at Social Catfish
“Promptly changing the default password on any new Internet of Things devices is important to help protect yourself and making sure your router is up to date with the latest security and privacy settings.” — Wiseman
Secure your cell phone account
“Specifically for protecting against SIM hijacking or number porting scams, some of the major U.S. cell phone providers have introduced new security features to harden your account. For example, AT&T allows customers to add a passcode to their accounts. This is separate from the password customers use to log into their accounts online and is required to make significant changes to the account. It doesn't prevent bribery working on individual employees, but it does make it much harder to pull off the scam purely via social engineering. You should enable this if the option is available.
Finally, having control of number means that hackers can bypass two-factor authentication. So if possible, you should remove your phone number from any account that could interest hackers and use a different form of 2FA such as Google Authenticator or a U2F device like a Google Titan Security Key. Of course, you can still link a type of phone number to those accounts, but I suggest a VoIP number, like a Google Voice number, that is SIM hijack-proof. You must protect this number as well, using a strong password, two-factor authentication on the account, and making sure it doesn’t expire if it's not in use that often.” — Brandon Ackroyd, Mobile Security Expert and Founder of Tiger Mobiles
Be careful with your medical information
“Any paperwork with sensitive information should be shredded and disposed of properly. If possible, try to maintain record keeping in a digital format, rather than physical. Be wary of any phishing emails who may try to exploit you to gain access to your accounts. Avoid giving out your medical information over email or on the phone, unless you have already signed an authorization to do so. If available, always sign up for multi-factor authentication for online portals, which sends a pin code to your phone as a secondary security measure anytime you are trying to login to your account.” — Adnan Raja, Vice President of Marketing for Atlantic Net
Freeze your credit
“The tips for protecting our personal information and identities in 2019 are the same as 2018 and earlier. Don’t open email attachments, use common sense, and if it’s too good to be true, it probably isn’t true. A new personal defense over the past couple years might be to contact the major credit reporting agencies and freeze our credit. With our credit frozen, credit reporting agencies can’t report on our credit histories, so nobody can impersonate us to take out credit in our names.” — Greg Scott, Author and Cybersecurity Professional
“We also should put a credit freeze on our credit reports at each of the three major credit reporting agencies. Under recent federal law, this can be done now at no cost and is easy to do. In addition, the new federal law also permits credit freezes for children. All parents should do this because child identity theft is now a huge problem. Credit monitoring is also important to do." — Wiseman
Pay with cash and don’t let your guard down
“Keep yourself safe from skimming by paying with cash whenever possible. If you prefer to use a card, opt for a credit card rather than a debit card, as they come with reliable fraud-protection measures. Review your transactions routinely to identify fraudulent charges as quickly as possible.
Be suspicious of phone calls that involve you handing over personal information. If you’re even a little uncertain, hang up, and then call the official number yourself to determine whether the caller was legitimate.
If you believe you’ve already fallen victim to identity theft, be sure to freeze your credit reports. This prevents new credit accounts from being opened in your name without your permission.” — Sean Messier, Credit Industry Analyst at Credit Card Insider
Be wary of scam phone calls
“There are a number of services that can help protect against robocalls, such as Nomorobo which I use personally. In addition, you should never give personal information including credit card information to anyone over the phone whom you have not called. If a call appears to be an emergency requiring personal information from you, you should hang up and call the real institution, such as your bank at a telephone number that you know is legitimate to confirm that the call is a scam.” — Wiseman
Invest in your personal and business security
“For people/business who want to protect their identity and data in 2019, they should strengthen their passwords with two-step authentication like security questions or pin numbers, secure their network with a VPN, which will encrypt their data in transfer, start saving to the cloud instead of to removable storage like USB drives (which can be easily lost or stolen), update their software when prompted to install ‘patches’ or fixes to detected issues, (and) invest in cyber liability insurance to cover the costs of a hack.” — Keri Lindenmuth, Marketing Manager at The Kyle David Group, LLC
The bottom line
Key Takeaways: Take these steps to avoid various identity theft and scam crimes
• Be cautious with your email
• Monitor your bank accounts and use strong passwords
• Secure your cell phone account
• Be careful with your medical information
• Freeze your credit
• Pay with cash and don’t let your guard down
• Be wary of scam phone calls
• Invest in your personal and business security
By following the steps mentioned above and making sure you stay on top of the latest identity theft, scam, and data breach news, you will have a better chance of protecting yourself against these types of crimes in 2019. Additionally, you can look into getting professional identity theft protection services if you want extra help protecting yourself and your loved ones from the many types of identity theft.