Imagine waking up one day to find out that your identity has been entirely stolen. Your credit cards have gone wild. Someone has access to your social security number. Your medical records and every piece of information you have online is in someone else's hands. It's a living nightmare.
Criminals who get their hands on valuable information cause horrifying damage. Not only do they steal funds, but they can access your emails and social media. This allows them to send embarrassing or false messages in your name. This can damage your reputation both socially and professionally. Then they can demand a high fee as a ransom to restore your accounts.
Clean up your browser and prevent future scams
It's a horrifying situation, which you can take steps to prevent. There are several things you can and should do to keep secure online in the same way you would offline. Identity theft affects not only your life but also your loved ones. Access to your information opens pathways to access the information of your loved ones as well. Take responsibility:
Identity Theft Begins With An Email Address
Most identity theft begins when a cyber-criminal obtains your email address--not access to your email inbox; only the address itself.
I know what you're thinking. I enter my email address all over the internet... for email subscriptions, online orders, all over the place. What can someone possibly gain from knowing only my email address?
For starters, many websites use email addresses as usernames, leaving only one puzzle piece, the password, left to crack. What's even more alarming is that with only a simple search for your email address online, anyone can learn details on you. For example, your job position, the company you work for, where you live, who you're related to, your criminal record, professional licenses, find social media accounts, and companies you've done business with.
With an Email Address, Cracking a Password is Simple
With all the information available to criminals knowing only your email address, all that's left to start doing major damage is cracking your password. Once your password is cracked, it's game over. If you use the same password on multiple websites, you've saved the criminal a great deal of time in accessing your other accounts. If you use different passwords on each site you use, with access to your email account, the passwords for your other accounts can now be easily reset. Criminals have access to a wealth of tools to quickly and easily figure out your password. Here's how:
Phishing attacks occur when someone deceives another into providing personal information. One of the most common ways that criminals do this is by sending a link while posing as a company you know and use or by sharing content on social media. The link then contains a replica of the login page for the trusted website, but instead of signing you into the site, it sends your login information to the criminal. In many cases, after entering your login information, you're redirected back to the website you intended to visit in the first place, which means that many phishing attacks are never noticed by the victim.
With a quick look at information uncovered with your email address and information found on social media accounts, hackers can learn a number of things about you that you might have included or referenced in your password or in your password recovery/account verification question. These things include your birth date, nickname, family member's names, pet's names, religion, hobbies, and interests. Using keywords pulled from information along with a defined "dictionary" of words, phrases, and common password combinations, criminals can use automated tools to crack the passwords of those who didn't put a lot of thought into choosing a strong password. An alphanumeric password that includes 3 words or less takes no more than 3 seconds to crack using this method. The same holds true if you tried to be savvy by replacing your letter Os with zeros, or Ls with the number 1 and so forth.
Using keywords pulled from information along with a defined "dictionary" of words, phrases, and common password combinations, criminals can use automated tools to crack the passwords of those who didn't put a lot of thought into choosing a strong password
Brute Force Attacks
For those who are savvy enough to avoid using super common passwords or those including birth dates, nicknames, family members' names, pet's names, religion, hobbies, and interests, congratulations! Your password wasn't cracked using the dictionary attack. The next tool that criminals employ is the brute force attack. Using this method, criminals use automated tools to try every possible character combination. This is the attack that even the most online-savvy individuals fall victim to every single day. A password with a length of 9 characters can be cracked in only 2 minutes, 10 characters in 2 hours, and 11 characters in only 6 days.
Clean up your browser and prevent future scams
How can I protect myself?
And there you have it. In only a matter of seconds, minutes, or days, even for the most online savvy individuals, criminals have access to your entire identity and have already locked you out. They have your banking information, social security numbers, open communication with your friends and coworkers who they can now scam posing as you, literally everything you've ever accessed online. With so much information available to criminals, how can one possibly stay safe online? Here's how:
Search for Yourself Online
Do a simple online search for your name, email address, home address, phone number username or any other information others might have about you. You'd be surprised at how much information is readily available to the public. As you review each result, update your privacy settings for any website that you use so that your information is private and reach out to any companies sharing your information to request that they remove it from public listings.
Do a simple online search for your name, email address, home address, phone number username or any other information others might have about you. You'd be surprised at how much information is readily available to the public
Control Who Can Find You on Facebook
By default, when someone searches for your email address or phone number on Facebook, your profile will pop right up. This gives criminals your name, location, and so much more information that they can use against you for their gain. To prevent your profile from appearing when others search for your email address or phone number, follow these instructions from Facebook: How do I control who can look me up on Facebook using my email or mobile phone number?
Set Your Social Media Profiles to Private
Each website provides users with privacy controls. By ensuring that the information that you share isn't available to the public and that you're sharing only with those who you trust, you effectively keep much of your information safe from criminals.
Create Strong Passwords
A strong password contains at least 12 characters and includes both alphanumeric and special characters like exclamation points, periods, dollar signs, or percent symbols. Make sure that you don't use the same password for multiple online accounts. You can check our tips here on creating a memorable yet secure password.
Install Browser Protection
Browser protection is among the cutting edge of online safety technology. Products like Guardio scan each of the websites that you visit and extensions that you add to ensure that they're free of malicious code and scams. They catch things like phishing pages and keyloggers that often go unnoticed, even to the savviest individuals. When a malicious site or extension is found, these products block the offending website or extension and let you know why. They also alert you when a website that you're visiting is still too new to be trusted.
When a malicious site or extension is found, these products block the offending website or extension and let you know why.
Monitor Your Online Accounts for Breaches
The news headlines are full of reports of major websites experiencing data breaches, but only a small number of these breaches are made known to the public. Companies hide breaches every day for fear of the negative attention and loss of business that comes with their breach of customers' trust. Guardio offers account monitoring that can alert you right away if your account information was shared online or on the dark web for criminals to access so that you know to begin taking action to protect yourself right away.