Think like a thief to keep your personal information secure at home
Familiar surroundings aren’t necessarily safe; take steps to protect your data
By Adam Levin, Special to ThirdCertainty
The only reason you have not yet been the victim of an identity-related crime (and that includes credit card fraud) is that no one practiced in the art has had the opportunity to separate you from your available credit, health care or other bankable soft assets—yet.
The figures on data compromises vary, but Risk Based Security estimates that just last year more than 4.2 billion sensitive records were compromised—information that opens the door to all kinds of identity-related malfeasance, including account takeover, credit draining, theft of health care, and even the commission of a crime in the victim’s name.
To put it bluntly, your chances of avoiding fraud are right up there with winning it big at a bingo convention in Florida—slim to none.
Hopefully this is not news to you. If it is, read on for tips on how to protect yourself against identity theft.
Familial identity theft
Unless you’ve been pulling double shifts in a pyramid guarding one of the lesser-known pharaohs, you already know the basics about protecting yourself against the threat of ID theft. You never answer the phone by saying “Yes,” no matter what the interlocutor says (thieves steal voiceprints to authenticate your accounts and take them over), you use two-factor authentication whenever it’s offered, and your long-and-strong passwords are never used to access more than one account.
But here’s a factor you may not be protecting yourself against: the various ways you are vulnerable to identity theft at home.
The Identity Theft Resource Center has provided a comprehensive guide for navigating the problem of familial identity theft—that is, when a friend or a family member steals your identity.
While no one can be completely protected from identity theft, there are things you can do to safeguard yourself against this particular approach. First, you can practice the three Ms that I first introduced in my book, “Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves.”
- Minimize your exposure. Don’t authenticate yourself to anyone unless you are in control of the interaction, don’t overshare on social media, be a good steward of your passwords, safeguard any documents that can be used to hijack your identity, and consider freezing your credit.
- Monitor your accounts. Check your credit report regularly (you can check your credit report for free on com), keep track of your credit score, and review major accounts often. If you prefer a more laidback approach, sign up for free transaction alerts from financial services institutions and credit card companies or purchase a sophisticated credit- and identity-monitoring program.
- Manage the damage. Make sure you quickly get on top of any incursion into your identity and enroll in a program where professionals help you navigate and resolve identity compromises—oftentimes available for free, or at minimal cost, through insurance companies, financial services institutions, and HR departments.
Minimize your exposure to identity theft
Regardless of your income and regardless of your likeability, someone you know is probably willing and able to steal your identity. To stave off that eventuality, you need to practice the first M: Minimize your exposure at home.
Consider what kind of personally identifiable information (PII) lives with you in your home—everything from tax returns to password cheat sheets. Now think about where these things are stored.
If you are like most people, your tax returns are at best kept in a locked filing cabinet with a key hidden in a not-too-paranoid spot nearby. Maybe it’s time to rethink that cardboard box.
Our homes are not perfect sanctuaries, as much as we would like to think they are. Repair people come through, utility meters need to be read, we hire babysitters and housekeepers, friends and relatives come by to visit: all of them are potential ID thieves. It may be only a matter of time before they use that barely hidden key, or simply take that cardboard box.
Steps you can take
There are a variety of things you can do to safeguard your PII in your home and minimize your attackable surface.
- Miniaturize your data. Not only is a mountain of paperwork hard to store, it is also increasingly unnecessary. Get into the habit of scanning or even photographing your documents and then shredding the hard copies. Create two or three copies of the digital files—and make sure one of them is stored somewhere other than your house, since fires and other cataclysmic events do happen.
- Use encrypted external storage. Whether you choose a thumb drive, a cloud server, or an external hard drive, store your PII digitally in an encrypted form. And it’s always better to choose a device that offers rich security features, like biometrics or two-factor authentication.
- Invest in a safe. Once the exclusive equipment of rich folks, safes are now very affordable. They are a great place to store all that miniaturized data. Get one that is fireproof and has a biometric element (like a fingerprint scan) to further protect your information.
- Employ two-factor data management. Store your data in more than one place. An encrypted drive can be left with the most untrustworthy relative. Just make sure you have a backup somewhere. If you have a safety deposit box, that’s probably the best bet.
At the end of the day, you are the only one with access to the data points needed to figure out precisely how vulnerable you are to identity theft. If you think like a thief, you will be pointed in the right direction.
Full disclosure: CyberScout sponsors ThirdCertainty. This story originated as an Op/Ed contribution to Credit.com and does not necessarily represent the views of the company or its partners.