IDENTITY THEFT IS EVERYONE’S PROBLEM
WAYS YOU CAN PROTECT YOUR DATA
BE STRATEGIC WITH USERNAMES/PASSWORDS
- Create passwords that are long and strong, using 8-12 characters, upper- and lowercase letters, numbers, and symbols.
- Use a unique password for each account to prevent a quick and invasive attack on all of your accounts, known as credential replay.
- Change your password often. (General rule of thumb: Change passwords every 90 days.)
- Where available, request a security token for two-factor authentication when accessing your accounts.
- Use information that can be easily found about you online or otherwise.
- Share passwords with others.
- Store your passwords online.
- Use any part of your Social Security number, birth date, or other personal data when creating passwords.
- Use wireless networks you trust and know are protected.
- Be cautious when using public computers.
- Ensure you are downloading legitimate apps from trusted publishers.
- Be aware that secure websites start with https, not http.
- Be sure to log out completely (which terminates access) when exiting all websites to prevent cybercriminals from obtaining your personal information.
- Consider purchasing a personal Wi-Fi hot spot.
- Hover over questionable links to reveal the true destination before clicking.
- Use public computers to access confidential information or accounts, or to perform financial transactions.
- Click on websites you don’t know or on pop-up ads or banners.
PROTECT YOUR MONEY
- Review your credit card, cell phone, and financial statements as soon as they are available.
- Contact your financial institution if you see anything suspicious on your statements.
- Help us protect your information and assets by following our guidelines for identification verification and procedures for transferring funds.
- Opt for voice authentication as an added layer of protection when available.
- Send your personal identifiable information or account information via unsecure channels like email, chat, or text.
- Respond to requests for personal information from a unsolicited email or from an unsolicited incoming phone call.
LIMIT WHAT YOU SHARE ONLINE
- Be very selective about the information you choose to share on social media and with whom you choose to share it.
- Keep your personal information private (home address, phone number, and birthdate).
- Set privacy and security settings on web services and devices to your comfort level for sharing.
- Configure your online accounts with two-factor authentication where available.
- Post personal information about family and friends online.
SAFEGUARD EMAIL ACCOUNTS
- Exercise caution when reviewing unsolicited email.
- Obtain secure storage programs to archive sensitive, private data, and documents instead of storing emails.
- Create separate email accounts specifically for financial transactions.
- Delete all emails that include financial information.
- Cautiously evaluate the risk versus convenience of transferring confidential information by email
- Do not click on the links or pop-up ads in unsolicited emails, as these links may pass on viruses.
KEEP YOUR EQUIPMENT UP-TO-DATE
- Install the most up-to-date antivirus and anti-spyware software on all devices that connect to the Internet (e.g., PCs, laptops, tablets, smartphones)
- Set each device to run regular scans to update software.
- Ensure you’ve installed the latest versions of your software and your patches are up to date.
- Make sure your networking equipment and computers are all still supported by the manufacturer.
- Recycle, exchange, or dispose of your old mobile device safely by:
- backing up your data.
- performing a secure erase (factory reset) or have the device vendor wipe your device.
- removing SIM and SD cards from your cell phone – transfer to new phone or destroy.
- Don’t purchase any networking devices secondhand.
- Forget to set up a passcode or PIN and auto-lock on your mobile devices.
- Use free or found USB drives, as they typically are infected with malware.
- Go to StaySafeOnline.org and review the STOP. THINK. CONNECT.™ cybersecurity educational campaign
- Visit OnGuardOnline.gov, also a part of the STOP.THINK. CONNECT.™ campaign, that focuses on online security for kids and includes a blog on current cyber trends.
- Visit https://www.fbi.gov/scams-safety/fraud to learn more about common fraud schemes
To Report a Cybercrime:
- Forward suspicious emails to: [email protected]
- Visit www.identitytheft.gov to report identity theft and to get a recovery plan
- Go to FTC.gov for additional consumer resources and to report identity theft
- http://www.ic3.gov/default.aspx is another website where you can file cybercrime complaints