PART 1
How to Avoid Identity Theft & Credit Card Fraud Online
See also:
PART 2 – At Home – Avoid Identity Theft by Being Proactive
and PART 3 – What to Do If Your Identity Has Been Stolen?
1) Always use (and keep current) anti-virus software and personal firewall software. These are “no brainers”, and if you do nothing else – then at least use this software. Anti-virus software protects your computer from viruses entering through email or programs you may run. Personal firewall software protects your computer from intruders hacking into your computer through your cable modem or DSL modem. You have to have BOTH types of software, and you must keep them current … which means paying the annual fee the software companies require, and periodically downloading the updates from the web. I personally recommend ESET, as it works extremely well and does not slow down your computer like other anti-virus and firewall programs can:
ESET NOD32 Antivirus, CNET Editors’ Choice 2009
2) When purchasing anything over the web, make sure your transaction is SSL encrypted. This means when you get to the screen where you enter your credit card number (or any other confidential information) – that you see the little lock icon somewhere on your browser and you see that the site has automatically moved you to a SSL URL where it begins with “https”. [See examples on the right.] What this does is encrypt your confidential data so that it is only decipherable by the company whose website you are buying something from.
3) Use different passwords for different websites, and change your passwords every three months or so. Passwords ideally should not be easy to guess – so use at least 8 characters (the longer the password, the better), and mix in numbers with letters. Keep track of your passwords by writing them down, and storing that piece of paper in a very secure location – like in a safe, or a locked desk drawer, or a locked filing cabinet, for example. Same for debit card PINs.
4) Beware of email or website imposters (phishing schemes). Never assume that an email that arrives from your inbox is actually from who or where it claims to be from. “Phishing schemes” typically involve sending you an email from what appears to be your bank – it then tells you that you must click on a link and re-enter personal information … don’t do it! In cases like these, the link sends you to a website that LOOKS like your bank’s website, but is actually on a hacker’s machine somewhere. And if you enter any personal info, then you have just given it to someone who will sell it to others, or use it maliciously. If you think an email IS actually from your bank – instead of clicking on the link in the email, simply enter your bank’s URL into your browser (or use your existing bookmark in your browser’s Favorites pulldown). An even better bet is to call the bank (using the phone number off of your last bank statement) and see what is up. There is no shame in being extra careful – especially these days!
5) Don’t download and run any installable programs from websites you do not trust. If you are visiting a website for the first time – and it prompts you to install a program or anything that says “run” or “install” or “download” … your best bet is NOT to do it. A large percentage of the time, these programs involve some kind of adware or malware or basically something that will harm your computer. If the pop-up gives you no choice – then use your operating system’s task manager to “End Task”. On Windows XP, for example, you’d hit the Ctrl-Alt-Del button … which causes the task manager to pop up … then you hit the “Applications” tab … then you select the task associated with the suspected malware installer … then hit the “End Task” button. And if what I described it too complicated for you – then simply shut down your computer without installing the suspect program. Better safe than sorry!
6) Be careful with your resume online. A lot of people are out of work these days, and many use the various online job sites for posting their resume. Be very careful about how much information you include on such sites – and assume that an identity thief might wind up looking at. So do not put your date of birth or your social security number or your driver’s license number on it. You may also want to limit whether your address can be shown to viewers – some sites allow you to simply display the city and state to resume-viewers.
7) Watch for bogus job offers. Also in the spirit of today’s rough job market – be careful if you get a job offer out of the blue which simply seems to be too good to be true. Of course – after you accept this “too good to be true” job offer, then next thing they’ll ask you for is your social security number, address, mother’s maiden name, etc. … and they’ll say it is for tax purposes. Don’t give your personal information out unless you know the offer is legitimate, and you’ve fully checked them out. There is no harm in being too careful – especially today. I also suggest that you subscribe to Equifax and keep their annual credit reporting and alert service active on yourself. You simply cannot be too careful these days.
8) Be careful on social networking websites like Facebook and MySpace. With respect to any social networking, online dating website, or job website – before you post ANY personal information, ask yourself if you want a hacker or criminal to know this about you. If the answer is NO, then don’t post it. You cannot assume that restricting visibility to “friends” will protect you – it won’t … as hackers can hack right through things like that.
9) Be very careful when using public computers. Anytime you are using a computer that anyone has access to (like in a library or similar), assume that nothing you type on that keyboard is secure … so don’t go to any of your sites that require a password. Simply assume that everything you do on that public computer is being recorded, and then played back by a criminal. It can and does happen – hackers use software that records your every keystroke … and so they gain access to your user name and password, etc. Your best bet is to avoid public computers altogether – but if you cannot, then at least do not enter anything personal or private or secret on those machines.
10) Just like public computers, be careful when using your laptop when connecting up to an unsecured public wireless network … like at the local coffee shop, for example. Sure it is convenient – but wireless eavesdropping is a common hacker technique … so when connected to one of those public networks, don’t do or enter anything on your computer that you don’t want exposed to someone with bad intentions. Better safe than sorry later.
11) Secure your own wireless network. If you run a wireless network at home (which many of us do today), take the extra time to read the documentation – and max-out your security settings on your wireless router. For example, for the wireless router I use, the documentation walks you through these security steps:
– password protect your computer
– change the default network name (the SSID)
– change the default password of the router (to change settings)
– enable MAC address filtering (you specify exactly which computers can access your network)
– enable encryption (at least WEP, or better WPA, WPA2)
Next >>> PART 2: At Home – Avoid Identity Theft by Being Proactive
Everything contained in this three part article represents an opinion of midlifebachelor.com, and our suggestions to you. The contents of these articles is in no way a guarantee that performing the various actions described will insulate or protect you from identity theft nor credit card fraud. Our purpose is simply to better educate you about different options available to help you with situations like those discussed herein.