Getting a scam text or email happens almost daily. I recently got a text saying my bank card (from a bank I don’t use) was used to purchase $935.38 from Amazon, and to cancel the transaction, I should visit www.madeupwebsite/amazonsurvey.
Let’s talk about a few of the red flags. It was from a text number I didn’t recognize. They listed a bank card from a banking institution I don’t use. Amazon has its own website, which they would use, not a third-party website. Plus, the text was meant to create fear or panic (that’s a big dollar amount!) and encourage immediate action (click NOW to cancel).
Knowing these red flags made it easy to delete and report the text. Does this mean my Amazon account was compromised? Not necessarily—it’s more likely the cybercriminal sending the text assume almost everyone has an Amazon account, and they hope someone they send the message to may panic and click quickly, giving personal information to “cancel” the non-existant transaction.
Cybercriminals are always looking for any and all vulnerabilities they can. This example was a text, but attempts to obtain personal information could also be made via email, phone call, social media, or even in person, and the communications cybercriminals use are becoming increasingly sophisticated.
Understanding how to safeguard your personal information is the first step in staying secure online.
Understand what sensitive information is
Sensitive information includes data that, if exposed, could result in identity theft, financial loss, or unauthorized access to your accounts. Common examples are:
- Social Security numbers
- Credit/debit card details
- Bank account information
- Personal identification numbers (PINs)
- Login credentials (usernames and passwords)
Tips for protecting your sensitive information
Use strong, unique passwords.
Explanation: Passwords are your first line of defense online. There’s often a natural tendency to want to create a password you will remember easily. If it’s easy for you to remember, it’s also probably easy to crack. Create complex passwords using a combination of uppercase letters, lowercase letters, numbers, and special characters. Avoid using easily guessable information like birthdays or simple sequences (e.g., “12345”).
Tip: Consider using a password manager (i.e. KeePass) to generate and store strong, different passwords for all your accounts.
Enable two-factor authentication (or multi-factor authentication)
Explanation: Two-factor authentication adds an extra layer of security by requiring a second form of identification, such as a code sent to your phone after you enter your password.
Tip: Use two-factor authentication whenever it is available! It adds a (admittedly, sometimes annoying) step but makes it much harder for hackers to access your accounts, even if they obtain your password.
Be wary of phishing scams.
Explanation: Like the example above, cybercriminals often try to use text messages, emails, or phone calls to trick you into revealing personal information. Be cautious of unsolicited messages that ask for sensitive information.
Tip: Take a deep breath before panic-clicking. Send a separate email or call the sender to verify the email’s authenticity before clicking on links or downloading attachments in an email or text message. If the message wants you to click a link or website – like your bank, go directly to your bank’s website or app in a different browser instead to see if you see similar messaging or transactions.
Keep your software updated.
Explanation: Outdated software often contains security vulnerabilities that cybercriminals exploit.
Tip: Enable automatic updates for your operating system, apps, and antivirus software to ensure you’re protected against the latest threats.
Use encryption.
Explanation: Encryption transforms your data into a code, making it unreadable to unauthorized users.
Tip: Ensure that websites you use for online transactions display “https” in the URL, indicating that they’re using encryption.
Limit the sharing of personal information online.
Explanation: Be cautious about what you share on social media and other online platforms. Avoid posting sensitive information such as your address, phone number, or travel plans.
Tip: Adjust privacy settings on your social media accounts to control who can view your information.
What to do if your information is compromised
- Act Fast: Change your passwords immediately.
- Notify Relevant Parties: Contact your bank or credit card company if your financial information is exposed.
- Monitor: Keep a close eye on your accounts for suspicious activity.
Protecting sensitive information is an ongoing process that requires vigilance and proactive measures. By following these tips, you can greatly reduce the risk of becoming a victim of cybercrime and keep your personal data safe.