Identity theft is something you’ve probably heard about on the news. But what does it really mean, and what is the risk to you, your family, or your business?
Identity theft is when someone uses your personal information without you knowing about it. They may try to get your basic information, such as name, date of birth, and Social Insurance Number, so they can impersonate you. Or, they may be after ways to access your secure financial information.
Here are five common — but unexpected —ways that cybercriminals try to get this information from you, and how to stop them:
1. Surveys and Games
Have you ever been asked to answer questions, or play a game, which involved disclosing your mother’s maiden name, the street you grew up on, your favourite teacher, or first pet?
It may seem harmless, but if you give this information to unknown sites or post it publicly on social media, you’re actually sharing some of your answers to typical security questions used by banks (for example). These answers can then be used to access your account through a “lost password” or other security work-around. You’re best to keep these facts to yourself.
2. Old Devices
Do you know where all your old smartphones, tablets, and computers are now? You may have traded them in, or sent them for recycling, but if you haven’t deleted all your personal information on those devices they can be used against you.
Cybercriminals scan old computers, servers, mobile devices, memory sticks or USB drives for information. When you get rid of or give away outdated equipment, make sure you delete all your personal information first by wiping it clean. On mobile devices, this can be as simple as performing a complete reset to factory settings. On a computer, you can reformat the hard drive. Check your device’s instruction manual for specifics.
3. Fake Job Postings
If you’re in the job market, be careful who you send your resume to. These documents include a wealth of personal information that can be used to steal your identity or access your information and money online.
Before applying to a job, make sure the company is legitimate and check that the email address and phone number are valid. And don’t put more personal information on the document than you are required to. You should not include your home address, your birthdate, or your driver’s license number, banking information, or Social Insurance Number (SIN). These are details the employer will need AFTER you are offered and accept the job.
4. Social Media and Dating Sites
When you add someone to your social network, depending on the specifics of the channel, you may be inviting a cybercriminal into your inner circle. Beware of “friend” requests from people you don’t know.
Even without being added, cybercriminals browse social networking sites or dating sites looking for personal details shared publicly. To protect yourself, use the security settings in your profile to keep personal or sensitive information as private as possible.
5. Offline Shenanigans
There are also ways to access your information in the analogue world. Cybercriminals may try to “shoulder surf” behind you when you’re using a public computer or your own computer in a public space, to see and memorize your password or PIN. They may listen when you give your credit card or banking information to someone over the phone (or when using your device’s voice assistant). They might even go through your mailbox or the recycling box you keep outside your home. Anytime you log on to social networking sites, do your banking or surf in public, be sure no one is looking over your shoulder or listening in. And shred all paper records before putting them out for pickup. And if you’re doing you banking in a public space, do not use free unsecured WiFi like you may get at a coffee shop or library. Use your phone’s data on your phone or tethered to your laptop while banking.