11 Strategies for Protecting Yourself From Identity Thieves
Identity theft is defined as the unauthorized use of another’s personal information for criminal gain. Identity theft can range from stealing someone’s credit card information and selling it, to making unauthorized purchases to taking control of current accounts and setting up new accounts and totally compromising an individual’s identity.
How do these criminals steal your identity? What can you do to protect yourself, your good name and your accounts?
Let’s start with the ‘Dark Web’. It’s not a place the average person is aware of nor generally able to access. It’s well hidden and a location where only 3% of Internet activity takes place. In fact, it’s the repository for a wide variety of stolen privileged data. A place where other felons can purchase it for their own felonious use.
First – there are 3 levels of the world wide web.
1.The public web:
This, of course, is where anyone can search for almost anything. It’s public and unfettered. And whether you’re searching for car insurance, a blueprint for a business mission statement, a paint color for your home or to purchase a book on Amazon, it’s all available to find and purchase. This is where you, and the majority of the public, search.
However the ‘Public Web’ is only 4% of what’s available to the public. Unfortunately the public web is the place where most identity thieves and cyber-criminals hang out and spend most of their time.
– Credit card info
– Personal info
– Valuable account numbers
– Log-in info and Usernames
– Email addresses
And that’s just to start.
2. The Deep Web:
The ‘Deep Web’ is approximately 93% of what’s located on the Internet. The majority of this data, content and information comes from a variety of top sources. It may come as a surprise to you, but much of your personal, privileged data is contained within the ‘Deep Web’.
Here are a few examples of what’s located on the ‘Deep Web:
* Company internal pages
* School intranets (for students and teacher sharing)
* Online databases for corporations with clients – insurance, health, utilities
* Government data bases, such as social security and Medicaid
* City, county and state tax payer databases
* Company retiree info and payments
This information should not be confused with what’s contained on the ‘Dark Web’. ‘Deep web’ pages/sites are those including client, credit, company, government info and content – even legal pages – which contain information, never to be shared. In short, this info is privileged and unavailable to the public.
While it can be hacked, it’s far more difficult.
3. The Dark Web:
Only 3% of the Internet is comprised of the ‘Dark Web’. This is not as you would think of as an actual place. Instead it’s comprised of a massive hidden network of thousands of websites; the number growing daily. And while it does require some specialized skill and unique resources, to access, it doesn’t take much to set up systems which provide access to sites on which cyber-criminals can purchase or otherwise acquire stolen data housed there.
The ‘Dark Web’, also called the darknet, is a place where all things illicit can be found. Such as drugs and all manner of stolen goods. Since there is ‘no honor among thieves’, recently a cyber-criminal hacked into 91 darknet sites and took them down for an indeterminate amount of time.
Visitors to the ‘Dark Web’ mask their IP addresses in order to protect their identity and the location of their computer. Dark Web visitors also use masking software which allows their computer to take a randomized path to their actual destination. Meaning, their computer is shuttled from one encrypted connection to another to keep their identity, location and direction the computer is taking, from becoming known.
What is an IP address and how does it help hackers defraud you or steal your identity?
Every computer, connected to the Internet, has an IP address. IP stands for Internet Protocol. It’s a unique string of 4 sets of 3 numbers, 12 in total. Each set of 3 separated by a dot. For example 000.000.000.000.
Your computer has an IP address assigned you (your computer) by your Internet Services Provider. This is for identification purposes by the ISP. For example Verizon, Sprint, Comcast and hundreds of other ISP’s. While your IP address is unavailable to others, it can be determined by law enforcement authorities or they can gain access to it via your ISP. In a moment we’ll cover how a creative hacker can discover your IP address and use it to steal your identity.
The reason your actual IP address is unknown:
Because your computer and IP address are connected to the Internet via a router. And the router has its own address. To a point, this helps keep your name safe from hackers and other Internet riff-raff. In short, your name can’t be connected to the IP address and become publicly known.
Skilled hackers protect their own identity often using proxys and/or cloaking. Read about cloaking here.
What are proxys and how do they work?
In a good way – a proxy site (server system) acts as an intermediary for your site. Processing through its servers all requests to access your site; spurning bots and fraudsters. You can, in fact, subscribe to one.
On the other hand, fraudsters use proxy servers which gather IP information on companies or sites they intend to hack. Many of these servers are on the ‘Dark Web’. Unfortunately for the unsuspecting, a proxy server anonymously gathers and permanently saves IP addresses should another computer come along wanting access to that particular IP address. Which is one of the reasons why your identity, your credit, your personal and financial details may be stolen on several occasions.
How it works:
A fraudster tells the proxy server on which site it wants to land. If it isn’t already saved to the proxy’s server, the proxy searches the Internet (anonymously), finds it and sends the info back to the originating site – the hacker. Thus providing the skilled hacker back door access to the site requested. Now the hacker can enter anonymously, often and undetected. And proceed to steal your personal and financial information, your identity, commandeer your computer; and even set up a firewall to lock you out of your own site or install malware. Because their IP address cannot be identified, they do this with impunity.
All that said, it’s unsurprising the ‘Dark Web’ is a playground for those planning nefarious schemes. And the main location for illicit activity including trafficking in stolen personal information captured via anonymous breaches as described above. And the sad news is – if you’ve ever experienced a data breach, your personal or financial info stolen, there’s a 95% chance it lives on the ‘Dark Web’ ready for sale or use by another cyber-criminal 24/7.
What information are those utilizing the ‘Dark Web’ interested in acquiring?
* Health records
* Social Security number
* Credit card info
* Address with matching credit or other personal information
Identity fraud is at an all-time high says the security experts at Javelin Strategy and Research. It’s latest 2016 fraud report states a record-high of 15 million U.S. victims of identity theft. Up 16% from 2015.
In fact, there was a resurgence in credit card (card not present) fraud in 2016. A 40% increase. Yet these criminals aren’t caught and stopped, simply because they are continuously, and successfully, devising new methods of following through with their actions undetected.
Here are 11 Steps you can can you take to protect your identity starting now?
1. If you use Firefox, there’s an extension called FlagFox – which can tell you when you land on a site if this is actually the site you expected to land on. It shows a flag of the country and tells you the exact location of the site; for example the city and IP address available to the public.
2. Since there was a resurgence of account takeovers in 2016, it would be sensible to sign up for a proxy site. A good proxy site does a great job filtering out phishing schemes, bots, scripting scams, identifying and blocking new threats – like CloudFlare.
3. Steer clear of sharing too much personal info on social sites. Especially –
the city where you were born, date of birth, next of kin facts. Javelin Strategy and Research stats show you have a 46% greater risk of account takeover fraud sharing personal facts on social sites; especially women.
4. Be wary of accepting new social friends whom you don’t know and who aren’t already connected to your current social friends. Facebook will always tell you how many of your FB friends this potential new friend is connected to. Or, you may want to make your social site private; allowing only your connected friends access.
5. If you shop online, make it a point to shop with sites using https:// rather than http://. The ‘s’ in https means it’s a secure site. These sites protect your privileged info such as credit card numbers, date of birth, email address, for instance. If you use MSN, to access the internet, you’ll see the word ‘secure’ appears before the URL.
6. Exercise caution with passwords. Create yours using alternating upper and lower case numbers and symbols like $ # ^ +, for example. And be very careful with whom you share your login info, passwords and other credentials.
7. Create a new and unique password for each site you use. Keep them stored offline, off your computer.
8. If you aren’t planning to open any new personal or credit accounts, place a credit report freeze on your account to prevent anyone else from creating a new credit card in your name. Credit freezes must be placed on all credit bureaus. Once a credit freeze is set up, your accounts are only accessible by your bank, existing creditors and some government agencies.
9. Sign up for Experian’s ‘Dark Web’ Identity Theft Protection Service
This includes monitoring of 3 additional credit reporting services, bank alerts when suspect actions are taken, new account set ups, PayDay and other loan alerts, change of address alerts, for example.
10. Use 2-factor identification process says Experian and Javelin Security. Use your cell phone number as the secondary factor after the security question and answer. Your bank, for example, will text you a message which includes a confirmation number required to re-enter your account if you’ve lost your password, for instance. Always use this method when offered.
11. Sign up for regular account alerts when available. Your bank, credit card and other companies on which you’ve deposited privileged info, will alert you to unusual account activity the moment it happens.
While cyber fraud increased 40% in 2016, says Javelin Strategy and Research, less financial loss impacted consumers since they’ve become better at detecting fraud and quicker, leading to less stolen, overall, per attempt. But this hasn’t stopped cyber-criminals from stealing. Instead it’s forced them to get more creative. Designing new and unique methods for evading detection. Remember this and begin taking additional steps to protect your identity today.
Authors: J. L. Serio and the staff at Cyber Fraud Protect.
- Turn any public hotspot into your own secure VPN to help keep your personal information safe and your online activities and location private – even allows access to your favorite apps and content anywhere around the world, like you are at home.
- Even with security software installed on your device, once information leaves the device it can be intercepted by hackers using unsecured public hotspots – Norton WiFi Privacy encrypts your data, making the information you send and receive unreadable.
- Enjoy high-performance surfing and streaming without hidden VPN costs with unlimited data and bandwidth – and the no-log VPN doesn’t track or store your activity.
- Includes 24×7 world-class customer support from Norton, the leader in online security.Password Vault by CyberGate:
Wireless Personal Cloud Password Manager Smart Card with Bluetooth Connectivity and Military Grade Encryption for Offline Password Management, Storage and Security.
Exclusive Free Report