The world of cyberspace presents unique challenges for protecting yourself from identity theft and fraud. There are several things you can do to make it more difficult for scammers and thieves to access your information electronically.
- Use unique and hard-to-guess passwords that combine letters (both upper and lower case), numbers, and symbols, and change passwords regularly. Avoid using personal information specifically, the last 4 digits of your SSN or your date of birth in your password.
- Install security patches and software updates as soon as they are released by verified sources
- Avoid using unencrypted public Wi-Fi. SSL offers little or no protection when using unencrypted Wi-Fi hot spots.
- Be aware of impersonators. Never respond directly to requests for personal or account information via email, over the phone, in email, or through the mobile device--including SMS text message.
Phishing is a common method using unsolicited emails get personal information from you with an urgent request or warning. The Federal Trade Commission provides the following advice to avoid falling victim to a phishing scam:
How Not to Get Hooked by a 'Phishing' Scam
"We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity."
"During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information."
Have you received an email with a similar message? It's a scam called "phishing" — and it involves Internet fraudsters who send spam or pop-up messages to lure personal information (credit card numbers, bank account information, Social Security number, passwords, or other sensitive information) from unsuspecting victims.
According to the Federal Trade Commission (FTC), the nation's consumer protection agency, phishers send an email or pop-up message that claims to be from a business or organization that you may deal with — for example, an Internet service provider (ISP), bank, online payment service, or even a government agency. The message may ask you to "update," "validate," or "confirm" your account information. Some phishing emails threaten a dire consequence if you don't respond. The messages direct you to a website that looks just like a legitimate organization's site. But it isn't. It's a bogus site whose sole purpose is to trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.
You can learn more about how to protect yourself and your business with these brochures and helpful links: