October is practically here and while that means full on Halloween celebrating for most people, in my world, it means Cybersecurity Awareness Month. You know to keep your Personally Identifiable Information (PII) like Social Security number and bank account information secret, but you have no control over those banks getting hacked by Threat Actors. Nor can your computer’s and phone’s firewalls stop every phishing email from reaching you. Last year, identity theft cost Americans $5.8 BILLION. Here are some Don’ts and Dos to protect your identity.
Don’t Believe Everything Your Phone Shows You
We’ve talked before about not clicking on links in texts or emails unless you are expecting the communication. Now cyber scammers are getting bolder. They call claiming to be a representative from your bank, spoofing the bank’s phone number so that it looks legitimate on your caller ID. They speak in an urgent tone claiming there is something wrong with your account and they need to fix it right now using your bank’s money transfer service. They instruct you to transfer money out of your account and into their holding account, but the only holding going on is the cybercriminal holding on to your money and vanishing.
Don’t Be Lazy
From January – June, 2022, 817 American companies were compromised by cybercriminals with 53.4 million victims affected. Check here for a list of the most stolen PII. Before giving any company your PII, check their website to see what their cyber defenses are. If that information isn’t on the site, ask customer service: How may attacks have they withstood? What is their protocol for notifying you that a breach happened? How often do they update and patch their cybersecurity systems?
Don’t Leave It On
When you’re not using Bluetooth-enabled devices, turn Bluetooth off. Leaving it on allows hackers to see devices that you previously connected with. They can pretend to be one of those devices to access another one and steal your PII. For example, if you have a wireless printer in your home office, turn it off when you aren’t printing. Here is a good resource for more information.
Do Enable Two-factor Authentication
When a website, for example, your bank or favorite social media platform, gives you the option to enable two-factor authentication, say yes. I know you are rarely in the mood, but the protection is worth the time it takes to set up. It will take way more time to try to get back the identity a cybercriminal stole than it will take you to wait for and input the code the company sends you.
Do Shred
If you still receive paper statements for your bank accounts, credit cards, student loans, or any documents with PII on them, then shred them on a regular basis. If you don’t own a shredder, or have a friend who will let you borrow theirs, go online and search for “community shredding events near you.”
Do Monitor Your Accounts
Ultimately, you are responsible for your own cybersecurity. If you do not currently check your bank accounts weekly, then start. If you see something weird, like a transaction you did not initiate, contact your bank and investigate. If you do not check your credit score twice a year, then start. If you have experienced an attack on your credit, consider freezing it. Freezing your credit is a bit of a task and has pros and cons. Read about them here.
What do you do to protect your PII from cybercriminals? Please share in the comments.