More than 140 million U.S. consumers had their personal information – including Social Security numbers – exposed in summer 2017, thanks to a data breach at national credit bureau Equifax. The breach is considered the worst in U.S. history.
It was also a wake-up call. Consumers should take steps to protect their personal information from cyberattacks and data breaches. If they don’t? Thieves could end up with their Social Security numbers, birth dates, addresses and other personal information. They can then use this information to apply for credit cards, take out mortgage loans and run up fraudulent charges in victims’ names.
The bad news? There is no way to completely protect yourself from data breaches. But there are steps that consumers can take to at least reduce the odds that their personal information will fall into the hands of cybercriminals.
Start with Your Credit Reports
It’s important to regularly check your credit reports. You can order one copy of each of your three reports, maintained by the national credit bureaus of Equifax, Experian and TransUnion. You can do this once a year for no charge at AnnualCreditReport.com. Once you get these reports, study them carefully.
The reports will list any open credit card accounts or loans like mortgages and auto loans. If you see credit card accounts on your reports that you never opened, report them to the credit bureaus. A cybercriminal might have opened these accounts in your name.
Alexis Moore, an attorney in California and an expert in cyberstalking and advocate for victims of cybercrimes, said that consumers should create a regular schedule to check their three credit reports. She also recommends that consumers go online to regularly check their accounts and to frequently update their passwords. It’s important, too, for consumers to look over their monthly credit card statements carefully for suspicious purchases.
“If you make it a habit just like you do paying your bills on time or scheduling regular dental cleanings, it becomes much easier to defend and overcome a cyberattack,” Moore said. “It’s when you let things go and just believe that you’re not going to be falling victim; that’s when the trouble starts.”
Freeze Your Credit
Consumers can also freeze their credit. This prevents thieves from opening new accounts in their names. Doing so can be a bit of a hassle. You’ll have to order freezes – you can do this online – from each of the three credit bureaus, with each freeze costing about $10.
If you then want to apply for a new credit card, mortgage or auto loan, you’ll have to temporarily unfreeze your credit so that your lenders can access it. That, too, will cost you about $10, depending on where you live, for each bureau. You’ll then have to pay again when you want to re-freeze your credit.
Still, those costs, and that hassle, is a small price to pay to protect yourself from cyberattacks.
Keep Software Updated
Steve Pritchard, SEO consultant for UK-based mobile phone provider giffgaff, said that people must be more proactive to protect their personal information. This means updating the software on their computers, tablets and phones.
“The more outdated software is, whether this is on your phone, laptop or work computer, the more vulnerable your information is to cyberhackers,” Pritchard said. “This includes paying attention to security updates.”
Security updates are a hassle, of course. No one likes to take the time to update their security software. But Pritchard says that ignoring update requests can cost you in the long run.
“It may seem a hassle at the time, leading you to postpone the reminder alert and update for another day. But it’s less hassle than letting your personal details, information and files fall into the wrong hands,” Pritchard added.
Watch Out for Phishing Attacks
Dr. Richard White, an expert in the fields of cybersecurity infrastructure, remediation and program development – and the author of “Cybercrime: The Madness Behind the Methods” – said that consumers can take several steps to at least reduce the odds that their information will be exposed by a data hack.
Consumers are encouraged to watch out for phishing schemes, cons in which cybercriminals try to trick people into willingly surrendering key personal financial information.
You might receive an e-mail message that looks like it’s coming from Equifax or one of the other national credit bureaus, White said. You might receive a phone call, too. The e-mail or call will ask that you provide personal information to facilitate an update or reverse a pending cancellation of your account.
This is a trick, though. The person sending the e-mail or making the call simply wants your information. White says that you should never volunteer Social Security numbers or account numbers when a company randomly contacts you. Banks, credit card providers, credit bureaus or other companies will never contact you randomly and ask for this kind of sensitive information.
“Tell the caller you will call back the company directly at its published 1-800 number,” White said. “You can ask for a case number or reference number and then call the company yourself. If it’s a reputable caller, he or she will not have a problem with you wanting to protect yourself.”
Be careful, too, of what is known as typo-squatting or URL hijacking. In such cases, you’ll receive an e-mail message directing you to a website or online form that looks like a company’s real site. But White recommends that you look closely. The URL might look similar, but it will be different. The phone number and other minor details will be different, too.
When you log on to these pages, hackers might be able to install viruses on your computer, viruses that could snatch your personal information.
White recommends that you never log on to a site link included in an e-mail that you didn’t request, even if it appears that this message is coming from a legitimate financial or credit company. If you’re wondering whether an e-mail message is legitimate, White says, call the company yourself.
Don’t Share your Personal Information Too Freely
Jack Plaxe, founder of the Security Consulting Alliance, a security consulting firm based in Louisville, Kentucky, said that the unfortunate truth is that consumers can never completely protect themselves from cyberfraud and data breaches.
The smartest move? Consumers should limit the number of companies with which they entrust their personal information.
“We trust businesses to keep our personal and financial information safe and secure, but in the wake of recent large-scale data breaches, it’s clear that this trust is often misplaced,” Plaxe said. “By limiting the number of companies we share our details with, we limit the chances that our information might be compromised in a breach.”
Plaxe also recommends that consumers limit the number of credit cards they use. He says that using cash is the safest way to complete a transaction. He recommends that consumers not open store credit cards, even if they offer discounts and rewards.
Virtual Private Networks
Mike Baker, founder and managing partner at Phoenix-based cybersecurity provider Mosaic451, recommends that consumers set up a virtual private network, or VPN, while browsing the Internet and sending e-mail.
By using a VPN server, you’ll be creating an encrypted connection between your device – your laptop, desktop, phone or tablet – and the server. This means that almost no one will be able to see what you’re doing online. That “almost” is important, though. The VPN company providing your secure connection can see everything you’re doing online. Private VPN companies can then sell your information to advertisers.
But a VPN connection does provide plenty of additional security even with this flaw. This is especially true if you routinely make purchases online.
“A VPN is imperative to protect your personal data if you use credit cards online,” Baker said. “Today, it is far simpler for hackers to access devices and steal your identity through unsecure networks. Victims of a hack attack might not even be aware that their sensitive data has been breached. Hackers prey upon unsecured network connections.”
For example, let’s say you’re using a shared connection on an open Wi-Fi network. You’re sent an update for your computer that looks routine enough. You accept. The moment that connection is made, every bit of information on a computer, from passwords to confidential business information, is now open to a cyberattack, Baker said.
“VPNs offer total privacy to roam the Internet freely without being tracked, monitored or having data collected and stored,” Baker said.
That’s because VPNs are designed to encrypt information before it goes through a network, stopping potential cyberattacks and making online purchases more secure.
The most common way to get a VPN is through a monthly, paid service. Be sure to do your research, though. You don’t want your VPN to sell your information to others, and you don’t want to rely on that if it isn’t properly configured.
What are some things that you do to protect your personal data? Share your tips with fellow readers below!
If so, subscribe now for tips on home, money, and life delivered straight to your inbox.