Cyber Security: The Six Spooky Threats to Your Privacy and Identity
Cyber Security: The Six Spooky Threats to Your Privacy and Identity
Summary:
This Halloween season and beyond, watch out for data brokers, dark web cybercriminals, and other threats and nuisances creeping around online. These fiendishly persistent entities can invade your privacy and put you at risk of identity fraud—but fortunately, there are tools you can use to fight back.
The online world can be a scary place, but you’ve got ways to protect yourself
Navigating today’s digital world can sometimes feel like wandering the darkened hallways of a haunted house. Potential threats lurk in the shadows: creeps who want to steal your identity, scammers who want to trick you out of your money, companies that want to profit off your personal information.
If you take the proper precautions, however, you can help keep your identity and privacy protected this Halloween season and year-round. Here are six of the most common digital dangers to watch for, along with powerful tools and services you can use to keep these creepy-crawlies at bay.
1. Dastardly Dark Web Denizens
If your personal information is stolen as part of a data breach, it often lands on the dark web—an anonymous realm where cybercriminals operate via illicit websites, chat rooms, and bulletin boards. Here, these bad actors can purchase breached data and use it to commit identity theft or fraud. You can help foil them by using tools like the free haveibeenpwned & Experian’s Free Credit Monitoring.
We also have our own optional work benefit Allstate Identity Protection. Which includes credit monitoring, dark web monitoring, social monitoring, etc.
There are number of other paid options like IDX, Aura, Norton LifeLock, MyFico, IdentityIQ, etc. Paid subscription services continuously monitor the entire web, including the murky corners of the dark web, to see if your personal information is being traded or sold. You’ll be notified if your data appears to be compromised, so you can take early action to protect against the frights of identity fraud.
2. Tricky Tracking Cookies
Many websites use tracking cookies to collect your personal data. Like ghosts that keep following you, these cookies actually continue to monitor your activity after you’ve left the website and started browsing elsewhere on the web. The information collected by these cookies can be sold to third parties; cybercriminals have also been known to use them for the purpose of stealing your identity or installing malware.
You can help defeat these “ghost” cookies by regularly clearing your cookies on your browser. In your browser; Chrome, Edge, Firefox – you can press Ctrl+Shift+Del which will bring up settings to clear your cookies. The default will be basic information like cookies or cached images. You will want to delete for All Time range instead of past hour, day, etc. For best practices, I would recommend choosing Advanced and check-marking everything and delete for All Time; however, make certain that you know your passwords as they won’t be retained in your browser. You can also change the settings on your web browsers to never allow cookies.
3. Icky Identity Thieves
An identity thief is someone who uses your personal information (for example, your name, Social Security number, address, credit card, financial accounts, or medical accounts) as their own, without your consent. The thief could commit crimes in your name, or make purchases, loans, or other transactions for which you could be held financially responsible. Make sure you utilize the tools previously provided to make certain that your identity hasn’t been compromised. You can request the three credit bureaus to place a block or freeze on any new activations of loans/credit until you give permission for it. How to place or lift a freeze on your credit report.
4. Horrid Hackers
Just as madmen in horror films break open doors with axes, online fraudsters have their own way of breaking into people’s accounts: by hacking their passwords. In fact, this method is one of the leading causes of data breaches and identity theft. Making your passwords unique and difficult to guess is one of the most important things you can do to boost your security. Best practice is to not use passwords but pass phrases. A lot of websites and software allow for spaces in a password, so you could use something like: Fall !s My Fav0rit3 Se@s0n! – this is something that you will remember and much more difficult to brute force hack.
Most security experts say you should change your password as often as every 30 days. Some experts say create a long passphrase that you won’t forget and don’t change it. Human behavior is that we don’t like to be inconvenienced, so when forced to change a password, we often just put a 1 or an ! at the end of an existing password. The problem is if your password has been compromised, it is easily hacked if you have only changed it by one character.
But who wants to remember dozens or even hundreds of passwords?
Instead, you can utilize a Password Manager. It generates random, hard-to-hack passwords for each of your accounts and stores them in a vault-like encrypted space. To access your accounts, all you have to do is log into your Password Manager using a single strong password. There are some free ones like Google Password Manager, Firefox Password Manager, for Apple Users there is iCloud Keychain, as well as some free tiered software like BitWarden, KeePass, and LastPass. Keep in mind that you get what you pay for. Some paid versions include 1Password, Dashlane, Keeper, and many others. One warning of caution, it is possible that the Password Manager could have a data breach which holds all your passwords. For example; LastPass had a data breach 12.22.2022, no customer passwords were stolen as they are encrypted, however customer information was gathered.
DO NOT use the same password for everything! My Yahoo account password was compromised when Yahoo had one of its many data breaches. I changed my password and thought nothing of it. Then discovered that I had used the same password for Domino’s Pizza when someone in NYC ordered $100 worth of pizza for delivery because my credit card information was stored on the website. Best Practice: Don’t store your credit card information on websites. Yes, it is more convenient to check out quickly, however, learn from my lesson. Your Amazon account could be sending lots of stuff to some horrid hacker.
5. Scary Social Media Scammers
Scammers are the vampires of social media—draining the lifeblood out of your experiences on platforms like Facebook and X. They might try to hack into your account. They might come after you with fake ads or fraudulent or inappropriate messages, to steal your money, reputation, or personal information. Again, there are some paid services that protect against this, like IDX, however it does mean providing access for your social media to the company. The best practice here is to be careful of what you share on social media. The more personal information that you share, the more easily you can be social engineered (watch the movie Now You See Me).
Method Studio does have a social media policy in the Employee Handbook (section 5.19).
6. Diabolical Data Brokers
So-called data broker sites scour the web collecting bits of your private information, such as your age, address, phone number, tax records, and court records. Then, like Dr. Frankenstein, they assemble the data into a monster-size profile of you and sell it, legally, to advertisers and other groups. You have no control over who buys your profile; your data could even fall into the hands of cyberthieves. It’s critical to get your profile removed from these sites, but it’s tedious and time-consuming to do manually, but it is possible. There are tools to help defeat having your data sold to diabolical data brokers such as YourAdChoices which allows you to opt out of marketing ads and tracking cookies. For more information on how to Opt Out look at 6 easy opt-outs to protect your privacy.
Related Articles
Cyber Security: Phishing Attacks
Cyber Security: Phishing Attacks What Is Phishing? Phishing is a fraud technique where a malicious actor sends messages impersonating a legitimate individual or organization, usually via email or other messaging system. Many cyber attackers ...Cyber Security: Tax Fraud and IRS Impersonation
Cyber Security: Tax Fraud and IRS Impersonation Here is some helpful information to help you navigate the waters. Scammers often reach out pretending to be IRS employees to get your information. But does the IRS call or text? The first point of ...Cyber Security: Vishing – Are You Getting Too Many Scam Calls?
Cyber Security: Vishing – Are You Getting Too Many Scam Calls? Are You Getting Too Many Scam Calls? 1 in 3 Americans report falling victim to phone scams, with 20% more than once. Total losses to phone scams totaled $39.5 billion in the past 12 ...Cyber Security: Title Fraud
Cyber Security: Title Fraud Last month, a much-beloved piece of American history was nearly stolen – but not in a museum heist or a home burglary. Instead, self-proclaimed scammers used a fraudulent real estate scheme. In late May, Graceland, Elvis ...Cyber Security: Scammer Alert! If Someone Calls You Using Any of These 12 Phrases You’re About To Be Scammed
Cyber Security: Scammer Alert! If Someone Calls You Using Any of These 12 Phrases You’re About To Be Scammed In an era where phone scams are increasingly sophisticated and widespread, it’s crucial to stay vigilant. Scammers constantly refine their ...