Identity theft is a continual problem that affects millions of people each year. According to a study conducted by the Identity Theft Resource Center, there were 1,774 reported data breaches in the United States in 2022 alone, with a total of 300 million records exposed. In addition, the Federal Trade Commission (FTC) received over 5.7 million reports of identity theft and fraud in 2021, which represented an increase of 21% compared to the previous year. It is important for travelers to take steps to protect their personal information, such as using strong passwords, monitoring their credit reports, and being vigilant about potential scams and phishing attempts. If you suspect that you have been a victim of identity theft, it is important to act quickly to minimize the damage and prevent further fraudulent activity.
A recent incident reported by the Texas Attorney General shows a Houston veterinarian who fell victim to identity theft when an employee at a bank sold his personal information to a ring of cyber criminals. The veterinarian had set up a $90,000 line of credit as an extra layer of financial protection and had never used his line of credit. One day the bank called him asking why he was behind on his first monthly payment of $86,000. Can you imagine the shock and disbelief he must have felt? As it turns out, an identity theft ring had gotten ahold of his line of credit account number and the account info of other customers, that theft ring went on to steal a whopping $12 million dollars through phony checks. If you would like to see more of what an identity theft ring does after they get financial information, you should watch Emily the Criminal (2022) on Netflix.
Securing your phone is an essential step in preventing identity theft. Smartphones are used every day for online banking, social media, and email. However, these activities also put users at risk of having their personal information stolen by cybercriminals. Here is a list of helpful steps that can increase your ability to stay safe and secure in our digitally connected world.
Update your phone, obsessively.
Updates often include security patches that address known vulnerabilities and bugs that could be exploited by cybercriminals to gain access to your device or steal your personal information. Hackers are constantly looking for new ways to exploit weaknesses in operating systems and applications, so updating your phone regularly helps ensure that you have the latest protection against potential threats. Keeping your phone updated ensures that you are running the latest version of the operating system and applications, which can help ensure compatibility with other devices and applications. If you are using an older version of an operating system or application, you may encounter compatibility issues with newer devices and software, which can cause inconvenience and potentially compromise the security of your phone.
If you are an Android OS user, you may remember the Stagefright exploit. The Stagefright exploit, which was discovered in 2015, is a media playback engine used by Android devices that allows attackers to send a malicious MMS message containing a specially crafted media file that could execute remote code on the victim’s device. This vulnerability affected nearly one billion Android devices at the time, and it highlighted the importance of regular security updates and patches. Since then, many other Android OS exploits and vulnerabilities have been discovered and addressed through regular security updates and patches.
Trust, then download.
It is important to only download applications from trusted sources such as the Google Play Store and the App Store because these platforms have strict security measures in place to ensure that the apps listed on their stores are safe and secure for users to download and use. Apps available on these platforms undergo a rigorous review process that includes security checks to identify any potential vulnerabilities or malicious code. This reduces the risk of downloading and installing apps that may contain malware or other security threats that can compromise your device and your personal information.
Downloading apps from untrusted sources can expose your device to various risks, including viruses, spyware, and other forms of malware. These malicious apps can steal your personal information, such as passwords and financial data, and even take control of your device, locking you out or causing other problems. In addition, untrusted apps can drain your device’s battery, slow down its performance, and cause other issues that can impact your overall experience.
Log in, twice.
Hackers typically rely on a few methods to gain access to online accounts, such as using brute force attacks, phishing scams, and stealing passwords through data breaches. Two-factor authentication (2FA) helps to mitigate these risks by requiring an additional layer of authentication that is unique to the user and not easily guessable. It makes it difficult for hackers to gain access to an account even if they have access to the user’s password because they would also need to have access to the second factor, which is typically a device or app that is only accessible to the user.
In addition, 2FA can also help to detect and prevent unauthorized access attempts. If an attacker tries to access an account with an incorrect password, the second factor (such as a code sent to the user’s phone) will not match, and the attacker will be denied access. This can alert the user to an attempted breach and prompt them to take further action to protect their account and personal information. As a best practice, ensure that you have enabled muti-factor or 2-step authentication on all your important accounts.
Don’t always be an open book.
The importance of having a strong password cannot be overstated. It is common for people to use passwords that contain information about themselves because it is easier to remember. For example, someone might use their pet’s name, their birth date, or their favorite sports team. However, this practice is dangerous because it makes it easier for hackers to guess or crack the password. Hackers often use social engineering techniques to gather personal information about their targets and use that information to guess their passwords. A password should not be related to any personal information such as your name, date of birth, or address. Using personal information in passwords also puts users at risk if their personal information is compromised in a data breach. If a hacker gains access to a database of usernames and passwords, they can use that information to try and gain access to other accounts that may share the same or similar passwords. This is called password reuse, and it is a common mistake that many people make.
A bad password is one that is easily guessed or cracked by hackers. A bad password may be a simple word or a sequence of numbers, such as “password123” or “12345678.” Such passwords are easily guessed by hackers using automated tools that can try thousands of possible combinations in a matter of seconds. Another example of a bad password is to use a common word, such as “football” or “monkey,” that can be easily guessed by anyone who knows you well. Additionally, using the same password for multiple accounts is also bad practice, as it allows hackers to access all of your accounts if they manage to crack your password.
A strong password is one of the primary defenses against hackers and cybercriminals attempting to steal your personal information. A good password should be unique, complex, and difficult to guess. It should be a combination of uppercase and lowercase letters, numbers, and special characters. A good password should be at least 10 characters long and should not be easily guessed by anyone, including family members, friends, or colleagues.
To create a strong password, it is recommended to use a passphrase, a series of random words or phrases that are easy to remember but difficult to guess. For example, a passphrase like “correct horse battery staple” is much harder to crack than a password like “P@ssword123.” Using a password manager is also a good practice, as it can generate and store strong passwords for you, making it easy to use a unique password for each account.
Lock your device, automatically.
Setting a screen timeout and PIN code is an essential step to ensure the security of your mobile device. Here is how to set them up on both iPhone and Android devices.
For iPhone:
- Open the Settings app on your iPhone.
- Scroll down and select “Display & Brightness”.
- Select “Auto-Lock” and choose a timeout interval from the available options, such as 30 seconds, 1 minute, or 2 minutes.
- Return to the main Settings menu and select “Face ID & Passcode” or “Touch ID & Passcode”, depending on your device model and settings.
- Enter your current passcode if prompted.
- Select “Turn Passcode On” if it is not already enabled, and follow the on-screen instructions to create a six-digit passcode or custom alphanumeric passcode.
For Android:
- Open the Settings app on your Android device.
- Scroll down and select “Security & location”.
- Select “Screen lock” or “Screen lock type”.
- Choose a lock type from the available options, such as PIN, pattern, or password.
- Follow the on-screen instructions to create a PIN code, pattern, or password that meets the recommended security requirements, such as using at least eight characters or mixing uppercase and lowercase letters, numbers, and symbols.
- Set the “Automatically lock” or “Screen timeout” option to a preferred time interval, such as 30 seconds, 1 minute, or 2 minutes.
By setting a screen timeout and PIN code, you can ensure that your mobile device remains locked and secure when not in use, preventing unauthorized access and data breaches. Remember to use a strong and unique password or PIN code that is not related to personal information or easy to guess, and to update it regularly to maintain the security of your device.
Data, through a hidden tunnel.
A VPN, or virtual private network, provides many benefits to users who want to enhance their online privacy and security. The primary benefit of using a VPN is that it encrypts your internet traffic and data, making it unreadable to anyone who may try to intercept it. This is particularly important when using public Wi-Fi networks, such as those found in coffee shops, airports, and hotels, where hackers may be able to intercept your internet traffic and steal your sensitive information. It can also prevent your internet service provider (ISP) from tracking your online activity and selling your data to advertisers.
The following VPN applications offer various features such as strong encryption, no-logs policy, multiple server locations, and user-friendly interfaces.
It’s important to do your research and choose a VPN that best suits your needs and budget. Additionally, it’s important to note that while using a VPN can enhance your online privacy and security, it’s not a foolproof solution and should be used in conjunction with other cyber security best practices as mentioned above.
Report.
Mobile devices can be vulnerable to attacks. It is crucial to implement cyber security practices to keep your information safe. If you notice suspicious cyber activity report it to the FBI and the Department of Homeland Security.
» https://www.fbi.gov/file-repository/cyber-incident-reporting-united-message-final.pdf/view
» https://www.cisa.gov/reporting-cyber-incidents
One more thing.
Disclaimer: The information presented in this article is for educational purposes only and should not be considered legal advice. While we have made every effort to provide accurate and up-to-date information, cybersecurity threats and best practices are constantly evolving, and the effectiveness of specific cybersecurity measures may vary depending on individual circumstances. It is important to conduct your own research and consult with a cybersecurity professional before making decisions about your personal or business security. We are not liable for any damages or losses that may arise from following the subjective advice presented in this article.
If you have any more questions for recommendations contact francis.rhodd@unitimed.com. Francis has more than 15 years of experience in technology and holds 10 certifications from CompTIA, Google, EC-Council and Microsoft.