Reading Time: ~3 min.
The last decade has been one of digital
revolution, leading to the rapid adoption of new technology standards, often
without the consideration of privacy ramifications. This has left many of us
with a less-than-secure trail of digital breadcrumbs—something cybercriminals
are more than aware of. Identity theft is by no means a new problem, but the
technology revolution has created what some are calling a “global epidemic.”
Securing your digital identity is more
important now than ever, and Webroot can help you start.
What is
a Digital Identity?
The first step in locking down your digital identity is understanding what it is. A digital identity is the combination of any and all identifying information that can connect a digital persona to an actual person. Digital identities are largely comprised of information freely shared by the user, with social media accounts generally providing the largest amount of data. Other online services like Etsy and eBay, as well as your email and online banking accounts, also contribute to your digital identity. Realistically, any information that can be linked back to you, no matter how seemingly inconsequential, is part of your digital identity.
Digital
Identity Theft
Digital identity theft occurs in several ways.
A common tactic is social media fraud, where a hacker will impersonate a user
by compromising an existing social media account, often messaging friends and
family of the user requesting money or additional account information. If unable
to gain full control of a genuine social media account, identity thieves will
often set up a dummy social media account and impersonate the user using it.
A less widely-known form of digital identity
fraud is internet-of-things (IoT) identity theft, where an attacker gains
access to an IoT device with weak security protocols and exploits it to gain
access to a higher priority device connected to the same network. Another
growing threat is “SIM swapping”— an attack that
involves tricking a mobile provider into swapping a legitimate phone number
over to an illegitimate SIM card, granting the attacker access to SMS-enabled
two-factor authentication (2FA) efforts.
Even those who don’t consider themselves
targets should be aware of these tactics and take steps to lock down their
digital identities.
Locking
it Down
Reviewing your social media accounts’ privacy settings is one of the
easiest things you can do to cut opportunistic identity thieves off from the
start. Set your share settings to friends only, and scrub any identifying
information that could be used for security clearance — things like your high
school, hometown, or pets’ names. Only add people you personally know and if
someone sends you a suspicious link, don’t click it! Phishing, through email or
social media messages, remains one of the most prevalent causes of digital
identity theft in the world. But your digital identity can be compromised in
the physical world as well — old computers that haven’t been properly
wiped provide an easy opportunity hackers won’t pass up. Always take your
outdated devices to a local computer hardware store to have them wiped before
recycling or donating them.
The
Right Tools for the Job
This is just the start of a proper digital identity lock-down. Given the sensitive nature of these hacks, we asked Webroot Security Analyst Tyler Moffitt his thoughts on how consumers can protect their digital identities.
“Two-factor authentication in combination with a trusted virtual private network, or VPN, is the crown jewel of privacy lock-down,” Tyler said. “Especially if you use an authenticator app for codes instead of SMS authentication. A VPN is definitely a must… but you can still fall for phishing attempts using a VPN. Using two-factor authentication on all your accounts while using VPN is about as secure as you can get.”
2FA
provides an additional level of security to your accounts, proactively verifying
that you are actually the one attempting to access the account. 2FA often uses
predetermined, secure codes and geolocation data to determine a user’s
identity.
Because 2FA acts as a trusted gatekeeper, do your research before you commit to a solution. You’ll find some offerings that bundle 2FA with a secure password manager, making the commitment to cybersecurity a little bit easier. When making your choice, remember that using SMS-enabled 2FA could leave you vulnerable to SIM swapping, so though it is more secure than not using 2FA at all, it is among the least secure of 2FA strategies.
VPNs
wrap your data in a cocoon of encryption, keeping it out of sight of prying
eyes. This is particularly important when using public WiFi networks, since that’s
when your data is at its most vulnerable. Many VPNs are available online, including
some free options, but this is yet another instance of getting what you pay
for. Many free VPNs are not truly private, with some selling your data to the
highest bidder. Keeping your family secure behind a VPN means finding a solution that provides
you with the type of comfort that only comes with trust.
The two things that only you can do to keep
your identity secure? Constant vigilance and continuous
education. Visit the Home+Mobile page on the Webroot
blog for a host of resources to help keep you and your family safe online—at
home and on the go.
The post Lock Down Your Digital Identity appeared first on Webroot Blog.