Skip to content
  • Print
return to Privacy and Identity Management

Actions to take Online

AVOID EMAIL SCAMS

Email scams, often referred to as "Phishing," are designed to steal money or sensitive personal information by deception or by infecting your computer with malware. Typically, the scams involve an email that appears to be from a trusted or familiar source. The scams may be enticing - asking you to claim money that belongs to you - or alarming - indicating that there is a problem with your account.

Legitimate businesses will rarely make requests for personal information via email. If you get such a request, you should assume it's a scam until you are able to confirm otherwise. Call the institution that made the request using the Customer Service number found on the organization's website.

Do NOT click links, or download or open attachments, unless you know the sender and are certain that they are safe.

USE STRONG PASSWORDS

A good password is often your first line of defense against an identity thief. In general, longer is better and you should avoid predictable words, phrases, or short series of digits.

A combination of letters and numbers combines with random punctuation is encouraged. Be sure to vary your passwords across websites and services. If a password is stolen in one businesses' breach, it can easily be used to access your other accounts.

CONSIDER TWO-FACTOR AUTHENTICATION

Two-factor authentication adds an extra step to the login procedures for many common web-based services, creating an additional layer of security. Two-factor authentication generally requires two of the following three types of credentials before you can acces your account:

  • Something you know, like a password or PIN

  • Something you have, like an ATM card or your phone

  • Something you are, like a fingerprint or voice print

MAKE SECURITY QUESTIONS DIFFICULT

Many websites use security questions like "What is your mother's maiden name?" or "On what street did you grow up?" to help verify account ownership for password recovery. In order to prevetn an identity thief from gaining access to your account via password recovery, it helps to make the answers to those questions more difficult.

When deciding which question to choose, or which answer to give, keep in mind the following characteristics of good questions and answers.

  • A good answer is memorable. If you can't remember the answer, the question is of no help to you.

  • A good answer is consistent. Don't choose a question and answer that may change over time, like "What is the name of your pet?"

  • A goos answer is safe. It should not be something that is easily guessed or can be researched.

UPDATE YOUR COMPUTER

Make sure your computer is protected by anti-virus software, along with anti-spyware software and a firewall. Anti-virus software detects, prevents, and removes malicious computer viruses. Anti-spyware software prevents hackers from gaining access to your system adn gathering personal information from it. A firewall provides an additional line of defense against hackers, viruses, and other malicious computer attacks.

Keep anti-virus software, as well as your operating system, browsers, and security, up-to-date. This helps prevent identity thieves from gaining access to your computer and the personal information you store or share on it.

USE WI-FI CAREFULLY

When connecting to any network, be aware if the network is public or private. Never share any personal information over a public network. Be sure your home network is password protected, using a strong password different from the factory default that came with your router.

CHOOSE SECURE WEBSITES

Even if you are shopping at home, you should confirm that the sites you are using are collecting your private and personal information via a secure connection. Different web browsers use different icons to show a site is secure, so familiarize yourself with your browser settings. A good rule to keep in mind is that secure sites will typically have "https" at the beginning of their URL, instead of the more standard "http."

READ PRIVACY POLICIES

Privacy policies are long, boring, and easier to ignore than read but they do contain all the information about what data a website is collecting from you and how they will use it. It is a good idea to understand these details before you begin sharing your personal information online, especially for sites that you use often ot that collect much of your personal information. Keep the following questions in mond when reviewing privacy policies:

  • What information is collected?

  • How is that information collected?

  • Does the site use cookies or other tracking technology?

  • Why is the information collected?

  • How will the information be used?

  • Who will have access to the information?

  • Can I opt out of providing this information?

  • How do I review. change, or update my information?

  • How is my information protected?

  • How long will the policy be honored?

  • Who can I contact with questions or concerns?

  • When and how will my information be disposed of?

DESTROY DIGITAL DATA

If you are getting rid of a computer, tablet, cell phone, hard drive, or digital storage device, you must ensure that all personal information has been removed first. Deleting data and reformatting hardware is just not enough to keep a thief from recovering your information. There are data removal products available if you need them. Many big box electronic retailers offier this service. CDs, DVDs, and other storage media should be physically destroyed once you are done with them.