Security, aisle four. Security, aisle four.

Personal security seems to be all the rage nowadays, some of it is warranted and some not so much.  Do we really need someone else to manage, protect, and monitor our online presence?  In some cases…yes, but we could minimize the need for third party protection if we started being a bit more pro-active and use a little more common sense with our online presence.

Over the last decade or so Identity theft has risen to outrageous proportions compared to the number that occurred two or even three decades ago.  Why?  With the advent of the Internet and The Digital Age, we’ve actually made it easier for identity thieves to get our information.  They don’t have to dumpster dive anymore to get our credit card information.  They can Pharm/Phish or use other tricks for it over the internet and we practically give it to them.

How have we made it easier you may be asking?  Simple, the majority of us use passwords that our five year olds can figure out and we use them for every site we need a password for.  Then there are the emails we get from the bank, often a bank where we have never had an account with, and we still click the link in the email.

Don’t believe me?  Here are some recent statistics from the Federal Trade Commission on the most common form of Identity theft for the last decade, Phishing.  These statistics are from 2011/2012:

Phishing Statistics

• Survey: > 30% of Internet users admitted to being tricked by a phishing scheme
• 57 million Americans say they received email attacks from phishers
• 11 (20%) million have clicked on the link in the email
• 1.78 million (3%) recall disclosing sensitive financial or personal information
• Of those, 980,000 were actually scammed
• A yearly loss of 1.2 billion dollars due to phishing

The figure that amazes me the most in these stats is the 11 million or 20%.  To put it in better perspective, the next time you’re at a store or restaurant etc. count the number of people you encounter.  Every fifth person will be potentially scammed.  That’s an eye opening reality.

So what can we do to minimize and reduce that number?  I’m a big supporter of educating people on the basics of security.  You have to be a little bit paranoid and a little bit neurotic in order to protect yourself these days.  Here are some suggestions:

Use STRONG Passwords

The best passwords are a combination of characters.  Use upper and lower case, numbers and symbols like “#, $, %” etc.  Make them a minimum of eight (8) characters long.  If you have a hard time thinking of something use a Password Generator program like PWGen, it’s free.

Don’t save your Log-In information

We all see this, KEEP ME SIGNED IN, on Facebook or Twitter etc. and the check box next to it.  DON’T CHECK THE BOX!  Why?  Because many times thieves will use an automated program to scan sites like Facebook to look for open accounts.

Use a different Password for every site

While this sounds unrealistic, it really isn’t.  If you are using the same password for every site you visit, then chances are when you do get hacked/scammed, you will lose everything.  Using a different password for each site will allow you to maintain some semblance of control when something does happen.  If your Facebook account is compromised then your other accounts will be fairly safe until you change the passwords

Change Your Passwords on a Schedule

I’m not talking every week or month but changing them on a schedule will make things infinitely more difficult for someone to try and hack.  I understand why changing passwords or making them difficult can be a pain.  We want to make things as simple as possible.  “We’re busy people and don’t have time to remember 25 different passwords and what sites use which password.  It’s just too much of a hassle.”…until something happens.

Use a Password Manager

It doesn’t matter what you use…use it.  Some of my clients use a spreadsheet, others have a separate notebook they keep everything in and then some will use software to manage their passwords.  There are even sites now that allow you to manage your passwords for various sites.  But use what you feel comfortable with.  The point is, if you are going to have fifteen different passwords, use something to manage them.

DON’T CLICK THE LINK!!

If you get an email saying they need information, account, personal etc.  DON’T CLICK THE LINK.  It doesn’t matter who it’s from, DON’T CLICK THE LINK.  If the email claims to be from your bank, then CALL your Bank and verify the email is real.  Nine times out of ten they can verify it for you.  And please, please…PLEASE READ that email, if it’s from Chase and your account is with B.A. I think it’s safe to say it’s fake.

Following these steps can really make your online life a great deal more secure.  Most of these things you can do on your own and you should be doing them.  In most cases following these steps can minimize the need for a Privacy Service.  However, while I may not be a big fan of Privacy Services I also understand they can do some things you can’t; like monitor when your SS number is being used with Credit Reporting Services or a supposed change of address.  If you feel you are better off using them, then by all means use them.  They aren’t that expensive and they do offer a wide range of protection.  But if you don’t feel you need it then don’t use them.