Friday, November 28, 2008

50 Ways To Take Control of Your Personal Data

50 Ways to Take Back Control of Your Personal Data

Use these tips to avoid identity theft, financial loss and other crimes.

Internet scams, phishing, identity theft and other attacks that exploit your personal data are always a threat when you shop online, set up an email account, use a credit card, manage an online bank account or carry your Social Security card. There is hope, however, for fighting these threats, and you can start by taking back control of all of your personal data. The 50 tips and tools in this list will help you understand how these scams originate, how to protect yourself online and offline, and how to track down your personal data on the Internet.

Web Privacy

Protect yourself and your data online by choosing a secure Web browser, understanding the dos and dont's of wireless security, and correctly managing passwords.

1. Use a secure Web browser. Using a secure Web browser can hide your Internet activity, prevent Spyware attacks, and alert you when a Web site asks you to install extra software or doesn't have an official certificate, all of which can leave you vulnerable to an attack.
2. Set up a private wireless connection. If you use a wireless connection to get on the Internet, set up a secure account so that other users can't log on to your account and access saved passwords or ISP information — either by accident or on purpose. You can back up a good wifi account with a VPN (virtual private network).
3. Use different passwords. If you use the same password for every online account you have, you're putting yourself in a very vulnerable position. All it takes is for someone to crack the password on one unsecure site, and they'll be able to access your banking information and a lot more.
4. Don't save email settings or password settings. Online banking sites, social-media Web sites and shopping sites let users save their passwords and log-in information to save them time. Saving this information makes it easy for someone to jump on your account and access your information if they're working on your system. If you share a computer with someone at work or school, you can disable your browser's "remember password" settings.
5. Log out of your email account. If you're checking your email at a library or any other place where you are using a public computer, make sure that you log out of your account when you're finished. The next person who visits that Web site may be directed to your inbox if you don't.
6. Use anti-virus protection. One of the easiest and most basic things you can do to reclaim control of your personal data is to use anti-virus software on your computer.
7. Circumvent keystroke loggers. This tip is especially important when you're using a public computer at an Internet cafe or a library. This article explains how you can type "in a bunch of random characters" in a text editor and "then [copy] the letters and numbers that make up your password." That way, no one will be able to make sense of the letters or numbers you typed in if they're checking the computer's keystroke history.
8. Install pop-up-blocking software. Pop-ups "can be used to install hackers' software on your computer," according to MSN Money, so get rid of this threat altogether by installing a pop-up blocker.
9. Employ off-the-record Messaging. Whether you need to send files or chat at an Internet cafe, or you just feel like someone might be spying on your home computer, consider using an IM (instant-messaging) client that encrypts your messages and ensures your chatting buddy that "the messages he sees are authentic and unmodified."
10. Never store passwords on a public computer. If the computer prompts you to save the password, click "No."

Credit and Finance

Guard your finances with these tips, which can prevent identity theft and save you money.

11. Freeze your credit report. According to The Consumerist, "a freeze means no one can access your credit report unless you 'thaw' your report," so no one can secretly contact your credit bureau and ask for a copy of your report, apply for a credit card or loan, or in any way steal your account information and hurt your credit score.
12. Track your Social Security number. Find out if someone has stolen your Social Security number and published it on the Web by enlisting the services of a company like TrustedID. Just make sure that you thoroughly research the company you use to make sure that they aren't a scamming group either.
13. Check your credit report. This well-known tip can protect you against identity theft by alerting you of incorrect information, atypical credit history, and public-record information that is incorrect or doesn't need to appear on your report.
14. Make sure that charities are legitimate before you make a donation. Before you make a donation to a charity, do a little background check on the organization to make sure that they're a legitimate nonprofit and not a scamming group. You can easily do this by looking up their Web site or calling a reference number for more literature. The IRS (Internal Revenue Service) also publishes this list of registered organizations that are eligible to receive tax-deductible donations.
15. Don't save credit-card shopping profiles online. Some online retailers try to make shopping easier for their customers by giving them the option of creating a saved profile that features their billing information, credit- card numbers and home address. Make sure that an e-commerce site is secure before you save your information. Better yet, take the extra time to manually enter information each time you shop.
16. Never use your Social Security number as a PIN number or password. Some banks automatically use your Social Security number as your PIN number or password but give you the option to reset it. Do so immediately — especially if you plan to manage your account online.
17. Log out of your bank account. Just like it's a good idea to log out of your email account each time you're finished sending and reading messages, logging out of your bank account is also important. It's not enough to simply leave the page or close your browser: Your account information is still available online. As an added incentive, Brian Krebs of The Washington Post reports that you may not be reimbursed for the money stolen through an online account if you do not have anti-virus or anti-hacking software installed on your computer.
18. Never write your PIN number on yourATM card. MSN writer Liz Pulliam Weston warns against this bad habit in case your wallet gets stolen.
19. Use a credit card for online purchases. This method is safer than using a debit card when shopping over the Internet.
20. Drop off checks and sensitive packages at the post office. Use the post office or an official mailbox to send out checks and credit-card information instead of letting the envelopes sit in your mailbox unattended.

General Privacy

Even if you don't maintain a conspicuous online presence, there are other threats and scams that you should be wary of. Learn how to protecting your Social Security number and other personal data.

21. Understand the dangers of pretexting. The FTC (Federal Trade Commission) explains that "pretexting is the practice of getting your personal information under false pretenses." If you get a suspicious, unsolicited email or phone call asking for personal information, ignore it. If you think the communication may have been sent by your bank or other valid organization, call that company's customer-service line to double-check.
22. Get on the National Do Not Call Registry: You can protect yourself against unsolicited calls and telemarketing calls by getting on this official list. Besides relieving you of annoying calls, "telemarketers will be required to get your express informed consent to be charged — and to charge to a specific account," eliminating unauthorized billing.
23. Ask your bank or loaning office how they dispose of their files. Make sure that your personal data won't be sitting out in a dumpster for several nights; no one would ever know it was missing.
24. Don't use your Social Security number as an employee-identification number. PrivacyRights.org reveals that the Social Security Administration "discourages employers from displaying SSNs on documents that are viewed by other people such as badges, parking permits, or on lists distributed to employees." If your boss gives you a choice, ask to have a separate personal-identification number just for your job.
25. Don't put your Social Security number on checks. While some merchants may ask you for your Social Security number so that they can write it on your check, it's generally not a good idea to agree to this practice. Ask to see a manager to discuss the situation if it becomes problematic.
26. Don't share your driver's-license number. Yahoo! Tech writer Lincoln Spector notes that only your state's DMV Web site should request your driver's-license number. Don't write it on checks or any other documents that you aren't sure about.
27. Write checks with gel pens. Bruce Schneier, of the blog Schneier on Security, maintains that "only one type of ink, the kind in gel pens, has been found to be counterfeit-proof to acetone or any other chemical used in check washing."
28. Don't use your mother's maiden name as a password. Some businesses, credit bureaus or other organizations ask you to verify your mother's maiden name as a security measure. Don't use this information as a general password, because if it is stolen, it can grant a thief a lot of access.

Cell Phones and Online Phone Services

Keep your cell-phone conversations and numbers private with the help of these rules and tips.

29. Keep your cell-phone number private. This cuts down on identity theft and will keep you more immune from scam phone calls and telemarketers.
30. Understand your carrier's privacy policy. Before you sign a contract, understand the carrier's privacy policy, since some cell-phone companies have been accused of selling records that can be used to track down sensitive information, including your bank-account details.
31. Get Internet and Bluetooth security for your cell phone. Mobile devices that also have Internet access and Bluetooth need protection, too.
32. Beef up VoIP (Voice over Internet Protocol) security. This article details how Internet communications, including VoIP calls, are vulnerable to identity theft and surveillance groups. Don't neglect to beef up security on these systems to avoid being hacked.
33. Password-protect your cell phone. Set up passwords for your contacts list and other folders or files on your cell phone in case it is lost or stolen.

Rules to Follow to Protect Your Privacy

Practice these rules to protect your privacy and identity.

34. Don't carry all of your important documents with you. If your wallet, purse or car is stolen and you keep your Social Security card and other identification cards in one of those spots, you're completely vulnerable to a major identity-theft attack.
35. Don't put your Social Security number on your driver's license. Some states still give you the option of putting your Social Security number on your driver's license, but it's a bad idea. Again, if you lose your wallet or forget your driver's license in a bar, you never know who might find it.
36. Keep your Social Security card in a safe place. Don't put your Social Security card in your wallet or glove compartment; instead, keep it in a locked box or safe in your house or at a bank.
37. Clear your Google history. This habit will protect you from any personal searches that you don't want others to know about, including those dealing with health and legal information.
38. Shred important papers before trashing them. If you do a lot of business with high-profile clients or if you frequently throw out old bills and bank statements, your trash could be a target for a smart thief. Shred important papers before you toss them.
39. Don't use numbers from your birthday in your email or IM handle. Many people use numbers from their birthday in their email address or IM name to personalize the pseudonym, but this habit publicly reveals personal information, especially if you also use a part of your birthday in a password.
40. Clear your browser's cache. Online Tech Tips recommends erasing "your browser's cache after an online transaction" to get rid of stored information that may be extra sensitive.
41. Clean up your computer before you discard it. Whether you're donating your computer, giving it to a friend or simply throwing it away, it's important to completely wipe it clean, reformat the hard drive or destroy the drive.
42. Look for HTTPS. Online Tech Tips also notes that the "s" at the end of "https" means that the connection your computer shares with that site is "secure and encrypted." A regular "http" URL isn't.

Tools and Tips

To prevent identity theft and online spying, use these tools to keep your personal information safe and private.

43. SpyNot: Visit this site to find out what kind of personal information your browser gives to every site that you visit.
44. Aderes Internet Security: This email system and browser encrypts your messages and passwords so that your credit-card information and personal data remain private.
45. BitWise IM: Chat freely and feel safe sending files over IM with this system, which encrypts messages, files, voice chat and more for Mac OS X, Linux and Windows operating systems.
46. Tor: This system keeps JavaScript from displaying your IP address and uses "a distributed network of relays" to keep hackers and surveillance systems from tracking your activity online.
47. Secure your VoIP system. This article explains how to make your VoIP system more secure, minimizing or even eliminating the risk of someone stealing your sensitive information by hacking into your call or stealing your account information.
48. Get a password-protection system. A password-protection system like the VaultletSuite 2 Go can safely store your passwords on your USB device.
49. Use database-encryption tools. Certain database-encryption tools can encrypt data stored in systems like Oracle so that companies and individuals can safely keep sensitive information on their computers.
50. Get RSA DLP. This data-loss-prevention suite helps companies identify where sensitive information is on their systems, making it easier for them to protect it.

No comments: