How to Protect Yourself Against Identity Theft on the Internet

Protecting Your Digital Self

Imagine waking up one day to find out that your identity has been entirely stolen. Your credit cards have gone wild. Someone has access to your social security number. Your medical records and every piece of information you have online is in someone else's hands. It's a living nightmare.

Criminals who get their hands on valuable information cause horrifying damage. Not only do they steal funds, but they can access your emails and social media. This allows them to send embarrassing or false messages in your name. This can damage your reputation both socially and professionally. Then they can demand a high fee as a ransom to restore your accounts.

It's a horrifying situation, which you can take steps to prevent. There are several things you can and should do to keep secure online in the same way you would offline. Identity theft affects not only your life but also your loved ones. Access to your information opens pathways to access the information of your loved ones as well.

The FTC reported over 5.7 million total fraud and identity theft cases

In this article, we explore the alarming world of online identity theft. We'll look at how the simple act of sharing your email address can open the gateway to all kinds of security threats, from phishing attacks to hacking attempts. We’ll give you some practical steps to protect your digital presence, from conducting personal online searches to setting robust privacy controls on social media. In addition, we'll share tips on how to safeguard yourself against identity theft and how security software like Guardio can provide that crucial layer of protection. Let’s dive in!

{{component-cta-custom}}

Identity Theft Begins With An Email Address

Most identity theft begins when a cyber-criminal obtains your email address--not access to your email inbox; only the address itself.

I know what you're thinking. I enter my email address all over the internet... for email subscriptions, online orders, all over the place. What can someone possibly gain from knowing only my email address?

For starters, many websites use email addresses as usernames, leaving only one puzzle piece, the password, left to crack. What's even more alarming is that with only a simple search for your email address online, anyone can learn details on you. For example, your job position, the company you work for, where you live, who you're related to, your criminal record, professional licenses, find social media accounts, and companies you've done business with.

With an Email Address, Cracking a Password is Simple

With all the information available to criminals knowing only your email address, all that's left to start doing major damage is cracking your password. Once your password is cracked, it's game over. If you use the same password on multiple websites, you've saved the criminal a great deal of time in accessing your other accounts. If you use different passwords on each site you use, with access to your email account, the passwords for your other accounts can now be easily reset. Criminals have access to a wealth of tools to quickly and easily figure out your password. Here's how:

Phishing Attacks

Phishing attacks occur when someone deceives another into providing personal information. One of the most common ways that criminals do this is by sending a link while posing as a company you know and use or by sharing content on social media. The link then contains a replica of the login page for the trusted website, but instead of signing you into the site, it sends your login information to the criminal. In many cases, after entering your login information, you're redirected back to the website you intended to visit in the first place, which means that many phishing attacks are never noticed by the victim.

Dictionary Attacks

With a quick look at information uncovered with your email address and information found on social media accounts, hackers can learn a number of things about you that you might have included or referenced in your password or in your password recovery/account verification question. These things include your birth date, nickname, family member's names, pet's names, religion, hobbies, and interests. Using keywords pulled from information along with a defined "dictionary" of words, phrases, and common password combinations, criminals can use automated tools to crack the passwords of those who didn't put a lot of thought into choosing a strong password. An alphanumeric password that includes 3 words or less takes no more than 3 seconds to crack using this method. The same holds true if you tried to be savvy by replacing your letter Os with zeros, or Ls with the number 1 and so forth.

Using keywords pulled from information along with a defined "dictionary" of words, phrases, and common password combinations, criminals can use automated tools to crack the passwords of those who didn't put a lot of thought into choosing a strong password

Brute Force Attacks

For those who are savvy enough to avoid using super common passwords or those including birth dates, nicknames, family members' names, pet's names, religion, hobbies, and interests, congratulations! Your password wasn't cracked using the dictionary attack. The next tool that criminals employ is the brute force attack. Using this method, criminals use automated tools to try every possible character combination. This is the attack that even the most online-savvy individuals fall victim to every single day. A password with a length of 9 characters can be cracked in only 2 minutes, 10 characters in 2 hours, and 11 characters in only 6 days.

{{component-cta-custom}}

How can I protect myself?

And there you have it. In only a matter of seconds, minutes, or days, even for the most online savvy individuals, criminals have access to your entire identity and have already locked you out. They have your banking information, social security numbers, open communication with your friends and coworkers who they can now scam posing as you, literally everything you've ever accessed online. With so much information available to criminals, how can one possibly stay safe online? Here's how:

Search for Yourself Online

Do a simple online search for your name, email address, home address, phone number username or any other information others might have about you. You'd be surprised at how much information is readily available to the public. As you review each result, update your privacy settings for any website that you use so that your information is private and reach out to any companies sharing your information to request that they remove it from public listings.

Do a simple online search for your name, email address, home address, phone number username or any other information others might have about you. You'd be surprised at how much information is readily available to the public

Control Who Can Find You on Facebook

By default, when someone searches for your email address or phone number on Facebook, your profile will pop right up. This gives criminals your name, location, and so much more information that they can use against you for their gain. To prevent your profile from appearing when others search for your email address or phone number, follow these instructions.

Set Your Social Media Profiles to Private

Each website provides users with privacy controls. By ensuring that the information that you share isn't available to the public and that you're sharing only with those who you trust, you effectively keep much of your information safe from criminals.

Create Strong Passwords

A strong password contains at least 12 characters and includes both alphanumeric and special characters like exclamation points, periods, dollar signs, or percent symbols. Make sure that you don't use the same password for multiple online accounts. You can check our tips here on creating a memorable yet secure password.

Install Browser Protection

Browser protection is among the cutting edge of online safety technology. Products like Guardio scan each of the websites that you visit and extensions that you add to ensure that they're free of malicious code and scams. They catch things like phishing pages and keyloggers that often go unnoticed, even to the savviest individuals. When a malicious site or extension is found, these products block the offending website or extension and let you know why. They also alert you when a website that you're visiting is still too new to be trusted.

When a malicious site or extension is found, these products block the offending website or extension and let you know why.

Monitor Your Online Accounts for Breaches

The news headlines are full of reports of major websites experiencing data breaches, but only a small number of these breaches are made known to the public. Companies hide breaches every day for fear of the negative attention and loss of business that comes with their breach of customers' trust. Guardio offers account monitoring that can alert you right away if your account information was shared online or on the dark web for criminals to access so that you know to begin taking action to protect yourself right away.

{{component-cta-custom}}