It makes sense to protect your privacy online as much as possible. The problem, though, is that these days it’s hard to keep in touch with friends and family if you aren’t involved in social networking.
Indeed, social networking can be a great way to stay in contact with loved ones — especially if you want to make sure that grandma living three states away can enjoy pictures of her grandchildren. I know my mom loves being able to see pictures of my son on Facebook.
As you post images, though, it’s important to make sure that you understand your privacy options. I prefer my Facebook photos to be set to “Friends” so that only those who are actual friends of mine can see them. This protects my privacy, as well as protecting the privacy of my son.
Limiting Who Can See Your Facebook Photos
If you want to better maintain privacy on Facebook, you need to be careful about who sees your photos. First of all, Facebook now automatically uses your last setting for the privacy setting on your next image. So, if you want to protect your images going forward, just choose a particular privacy setting before uploading a new picture.
It’s also possible to set up custom Facebook privacy settings. I have gone through this process to allow my images to be seen only by Friends, but to let my status updates be seen by Friends of Friends. You can play around with custom settings to limit who sees what.
It’s even possible to put together a list of custom friends to limit which of your friends can see images. So, if you only want grandma and a few other family members to see pictures of your new baby, it’s possible to do that.
It’s a little more challenging to change the Facebook privacy settings on images that have already been posted. You either have to change them one at a time, or use an option that will apply a blanket to all your old posts. In the Privacy Settings and Tools section, you will see a “Limit Old Posts” button. Use that button to hide everything old. If you are unsure, it makes sense to choose this option, and then use your custom settings going forward.
Turn Off Location Services to Enhance Facebook Privacy Settings
Many of us, when using smart phones to take pictures, have the location services turned on. This means that when you snap a picture, the location is saved as well — and posted to Facebook.
That means if you take a picture of your adorable six-year-old at home, the location of your home will be saved with the image and uploaded to your accounts. Let that sink in for a minute.
One way to reduce the chances of your child’s location being known (whether you take the picture at home or in front of his or her school, or at a favorite playground) is to turn of the location services. Most smart phones allow you to do this in Settings.
The good news is that you don’t usually have to turn off the location services for every app. You can customize which apps are associated with location services. I’ve turned off location services for my smart phone’s camera altogether so that I don’t have to worry about it as much. However, location services is still on so that I can use my GPS and maps apps, and so that I can effectively use my stargazing app.
Take the time to customize your settings on your phone, as well as to review your Facebook privacy settings. You’ll guard better against identity theft, and better maintain what shred of online privacy you have left to you.
Your first line of defense against identity theft is your password. In fact, if you want to protect your sensitive data, your password is extremely important.
One of the reasons that the Heartbleed vulnerability was so scary was that it had the potential to expose your passwords to hackers and scammers. If you want better password security, consider implementing the following tips:
1. Don’t Use the Same Password for Everything
One of the oldest tricks in the hacker book is to get one username and password combination. Many people use the same information to protect multiple accounts. If someone manages to hit upon your username and password for one site, s/he can simply try a bunch of other major sites, using the information, and checking to see if it’s possible to get in.
If you want to protect yourself from this sort of problem, it makes sense to use different passwords for different sites. It’s not fun to remember all those passwords, but it’s safer. There are a number of tools, such as 1Password, that can help you keep track of everything easily, while still allowing you to protect your personal information with good password security.
2. Change Some of Your Passwords Regularly
Next, make sure you change some of your passwords regularly. Some passwords don’t actually need to be changed all that often. Interestingly, studies indicate that changing a bank password every three to six months might not matter.
However, it does make sense to change your password to email, social media, and other similar services regularly because these are accounts that people will wait around to “listen” in on. Switching it up can confound someone who is waiting for you to divulge important information via these accounts.
3. Choose Something Unconnected to Your Life
Many people choose their pets’ names, kids’ birthdates, and other publicly available information for their passwords. While this can make it easier to remember, it also makes it easier for scammers and hackers to guess your password. If you want better password security, you need to move away from your life as a source for inspiration.
When you choose a password that can be cracked by personal information that someone can glean by looking at your Facebook profile or reading your blog, you are setting yourself up for difficulty. Instead, choose passwords that are unconnected to your life, and make it a point to keep them as random as possible. If you have a password tool, it can help you keep track of those unusual passwords more effectively.
4. Make It Long
One of the keys to a more secure password is length. Many web sites require that you choose a password that is at least six or eight characters. This is because the longer a password is, the more combinations are possible — and the harder it is to crack.
So, even though the web site might impose a minimum on you, that’s no reason to just stick with the minimum. In fact, there are indications that you should have a password of at least 12 characters for best effect.
Once again, it’s important not to put memorability above security. In today’s world, since almost everything important is online, you really do need to protect yourself. Make your password as long as you can (many sites have a 16 character limit) and use a password tool to help you keep track of everything.
5. Mix It Up With Letters, Numbers, and Symbols
Mixing it up can make your password even harder to crack. Rather than using all numbers or all letters, mix it up a little. Incorporate number, letters, and symbols into a your password. And try to make it random. It’s much harder for someone to crack a password like 6Th*1s_dM&2x than it is if you use something like Grizz1989.
A combination of upper case and lower case letters is a good idea as well. Try to make your password as random as possible, since that will make it harder to crack. Some web sites won’t let you add symbols to your password, you might just have to work with letters and numbers. But with a good mix and a little randomness with your capitalization, you can still create a pretty decent password.
When I first attended college, my student ID number was my Social Security number. This seemed a little sketchy to me, but I was 18, and I didn’t worry too much about it. A couple years later, they school changed its policy and we all got new student ID numbers that didn’t list our Social Security numbers.
On top of that, I’ve noticed that there is an option to include the Social Security number on your driver’s license in my state. I always check the box that says no, I do not want my SSN visible. I’ve become very protective of my SSN because I know how it can be used to steal my identity and open fraudulent accounts.
However, sometimes I feel as though I’m fighting a losing battle because Social Security numbers have basically become ID numbers. When the SSN was originally introduced, it wasn’t supposed to be a national ID. But with the digitization of information, and the rise of the credit industry, it’s been easy for the SSN to become the de facto national ID.
The good news, though, is that you don’t really need to provide your SSN every time it’s asked for. Just as there’s no need to write out your credit card number anymore, there is also no reason to share your SSN with anyone who asks. And if someone tries to tell you that your ID number is the same as your SSN, you usually have the option of asking them to assign you a different number for identification. There’s no reason to just hand over your personal information just because you’re asked. With data breaches becoming increasingly common, now is the time to take a deep breath and determine whether or not you really want to share your SSN.
Who Needs Your SSN?
When I go to the doctor, and fill out the information form, there is a space for my Social Security number. However, I usually leave that blank. My doctor doesn’t need my SSN; the office already has my insurance information. Likewise, the doctor also doesn’t need my spouse’s SSN (which is also asked for on the form).
In many cases, sharing your SSN isn’t very necessary. If you have a government issued ID, and other forms of identification, using your Social Security number as another form isn’t exactly required in most cases.
Unfortunately, there are times when you have to share that information. If you want to open a bank account or apply for credit, you will need to share your SSN, since that is the main way that credit reports are looked up. (This is something that probably ought to be changed.)
Additionally, you need to give your SSN to your employer. When you are hired, and filling out paperwork that results in your FICA taxes (which include money being taken out for Social Security), you need to provide your SSN.
However, even when you are in a situation where your SSN is required, you can still be careful. One common scam is for someone posing as an employer to ask for your Social Security number on the application. The reality is that you shouldn’t need to provide that information when you’re applying for a job. If someone asks for that information before you are hired, it makes sense to be very, very careful. You could be dealing with a scammer.
Your SSN and Your Business
If you own your own business, one of the best things you can do is get an Employer Identification Number (EIN). You should use your EIN for all business-related items. Filling out a 1099? Use your EIN. Signing up for credit or working with vendors? Provide your EIN. This is a good way to keep your personal Social Security number more protected.
Even if you are a sole proprietor, it makes sense to apply for an EIN, just so that you can use that number, instead of spreading your SSN about.
And, of course, you want to make sure that you keep tabs on your credit, just to make sure that your identity hasn’t been compromised.
One of the scariest financial prospects that many of us face is the possibility that we will be a victim of identity theft. In a world where almost anyone can have their information stolen from just about anywhere, it’s not much of a surprise that your information could be next.
Identity theft is such an important topic that the Justice Department has an entire information resource devoted to identity theft statistics. When you’re concerned about your identity, and how it might impact your credit, it can make sense to consider paying for a credit monitoring service.
What Does a Credit Monitoring Service Do?
A credit monitoring service basically scans your credit report regularly and makes an attempt to identify red flags that indicate your identity has been stolen. When a new account is opened, or when someone checks your credit, you are notified.
While credit monitoring won’t stop your information from being stolen by hackers or through something like the Heartbleed vulnerability, it can provide you with immediate information that you can act on quickly. When it comes to heading off identity thieves and limiting damage, the faster you act, the better off you’ll be.
There are also more advanced credit monitoring services that go beyond just your credit report. More advanced identity monitoring services actually keep an eye on your public records, and make it a point to even use algorithms to check through black market sites and look for other unusual activity that might indicate your identity has been compromised.
A credit monitoring service can help you keep tabs on your information, providing peace of mind.
Can You Monitor Your Credit Yourself?
Of course, a credit monitoring service isn’t going to do anything for you that you can’t do on your own. It’s possible for you to keep tabs on your situation for less than it costs to pay for credit monitoring.
You can access your credit report for free on a regular basis through AnnualCreditReport.com, as well as use free consumer credit reporting sites to keep tabs on your credit report and use it to watch for identity thieves.
It’s also possible to do your own public records search and watch for suspicious activity on your bank and credit card statements — and even your investment statements.
However, all of this takes time and effort. Yes, you can do it yourself, but you can’t be watching all the time. If you check in once a month with your accounts, and even if you use various tools to protect you against identity theft, you could still miss something. And, if you only check in once a month, you might miss a red flag that pops up a day or two after you last checked. That gives the thief almost a month’s head start on you.
In most cases, though, if you report fraudulent charges on credit cards (the rules are different for debit cards) within 60 days, you won’t be liable for most of the charge. But it can be a real pain to deal with during that time.
The point of a credit monitoring service is that it provides immediacy, while taking the bulk of the legwork off of you. While a service can certainly miss something, it is less likely to miss something than you are. Additionally, there are services that provide an immediate alert when a new account is opened, or when some other action takes place. This can help you get on top of the situation immediately.
Most people who sign up for credit monitoring services do it for the peace of mind, and to get a break from some of the workload. Whether or not a credit monitoring service makes sense for you depends on how concerned you are about identity theft, and how much time you have to complete the due diligence that is required to properly monitor your own credit.
By now, you’ve probably heard about Heartbleed, the security vulnerability that affects more than 66 percent of the sites on the Internet. Heartbleed is a vulnerability in the OpenSSL software that is popular for web site encryption.
While it’s tempting to swear off the Internet forever, that’s probably not a viable option. Instead, it makes more sense to be careful about how you use the Internet, and take steps to protect your information and your identity. Here’s what to do if you are concerned about Heartbleed:
First of all, don’t panic. The Heartbleed vulnerability only allows someone to grab 64k of data at a time. But here’s the thing: It’s only random data. The person exploiting Heartbleed can’t choose which data to grab. Of course, different data can be grabbed from the server over and over again, and the exploiter is bound to come up with something “good” at some point.
From the NSA to hackers, the Heartbleed vulnerability has been available for more than two years. While some of your information might be out there, and your identity might be compromised, you don’t want to over react. Take a step back, avoid panicking and move forward.
Find Out Which Sites are Vulnerable
Next, you need to figure out which sites are vulnerable to Heartbleed. A number of sites have already fixed the problem, so it might not be an issue. Unfortunately, you can’t rely on the old methods of determining web site security to find out if there is a Heartbleed problem.
The good news is that there are lists and web apps that can help you check for Heartbleed vulnerability, letting you know if something needs to change. You can also read this helpful guide from IT World, which takes you beyond the lists and apps, which might not always be completely accurate.
You can also install a plug-in from Chrome or Firefox to help you identify sites vulnerable to Heartbleed as you surf.
Find out which of your heavily used sites are vulnerable, and then go from there.
You will need to change your passwords on sites that are vulnerable to Heartbleed. However, realize that this doesn’t do you much good until after the site has updated its OpenSSL to reflect the fix. Until the site itself has updated, changing the password won’t help much.
Once the site is updated, you need to change your password. One of the best things you can do is to use different passwords for each site. This is because many hackers know that consumers often use the same username/password combo on multiple sites. Cracking one could open up your entire life. Don’t let that happen.
Good password practice is to choose a different password for each site. If you don’t want to try to keep track of them all, identity theft tools like password managers can help you keep different passwords without having to memorize them all, or hunt them up on a piece of paper.
In any case, you should rotate your passwords regularly, at least every six months, for maximum security and identity protection. Even without Heartbleed threatening your identity, you should pay attention to your passwords and change them regularly.
Keep Tabs on Your Credit Report
Finally, make sure that you keep tabs on your credit report in order to catch potential identity theft. This is a good idea anyway. Watching your credit report can send up red flags if your identity has been stolen and someone is opening fraudulent accounts.
You can keep watch on your credit situation with the help of free resources, as well as paid resources that can monitor your credit for you, and send regular reports.
You should be concerned about Heartbleed, and you should pay attention. However, you shouldn’t panic. Take appropriate steps to safeguard your information, and focus on good password practices, and you should be able to weather the storm.
Last week, I was on vacation with my son in San Diego. We had to go to the mall to replace the recharging cord for my phone. While we were on our way back to the hotel, a young activist approached us, looking for a donation to his cause. I agree with his cause, so I was on board with making a one-time donation with my credit card.
Things changed, though, as I started filling out the form he provided. When I got to the payment part, I was expected to enter write out my credit card number and expiration date.
I asked if there was another way to pay. While I don’t doubt the activist’s furor, and I think he would probably do what he could to protect this sensitive financial information, I just didn’t feel comfortable writing out my credit card number on a form at a mall fundraiser. I felt bad that I had started to fill out the form before reading everything through, and I felt bad I wasn’t going to be providing a donation after all.
But providing that information on a random form, with the opportunity for theft at any turn, just didn’t appeal to me. I probably spend too much time writing about money, credit, and identity theft.
However, activists and others don’t have to rely on people being willing to share their credit card details. From small business owners to independent artists to just about anyone else, it’s easy to transfer money without the need for a lot of personal financial details.
Alternatives to Sharing Your Credit Card Number
There are plenty of options when you have a smartphone. Card reading apps like Square and PayAnywhere are increasingly common, and you can get the card reader for free without too much trouble. A customer can swipe the card, choose whether or not to pay a tip, and move on. It’s quick and easy, and your data remains safer than if you write out your credit card number on an unsecure form.
When I mentioned Square to the activist, he said that many of the people working for the cause couldn’t afford smart phones. While that is a setback in terms using a card reader setup, the reality is that Square isn’t the only option.
There are person-to-person payment options these days, like PopMoney. If you accept payment via these types of service providers, you don’t have to ask for personal information; just have the person paying send you the money via text. No smartphone needed.
It’s also possible to facilitate these types of transactions with the help of PayPal, Dwolla, and other similar systems. Once, at an art festival, I bought something from a local artist, and I paid for it with PayPal. It was quick, easy, and there was no need for me to write down my credit card information.
With money increasingly digital, there are a number of ways to protect your credit card number and still pay for just about anything. While I sympathize with the activist’s cause, I wasn’t about to expose my personal financial information in that way. There are plenty of other options that don’t cost much, and that can make things convenient for everyone – and reach customers and donors in a way that allows them to remain comfortable with the transaction.
You can’t be too careful with your financial information. Just as you may not be comfortable with providing your Social Security number to others, you may not feel comfortable providing your credit card information. If you are worried about the situation, don’t give up the information.
And, small businesses and activists can help out, too. There are a number of alternatives to asking people to write down their credit card information. If my school’s PTA can get on board with these alternatives, I’d think young, tech-savvy activists could as well.
You might be surprised to learn that your credit report can help you catch identity theft. One of the tools in your arsenal, when it comes to addressing identity fraud, is the frequent checking of your credit report. Your credit report is more than a list of your accounts; it can also be a red flag.
Catch Identity Theft
When your identity is stolen, the fraudster is likely to use your information to open new accounts. These fraudulent accounts will appear in your credit report.
If you want to catch identity theft early on, you need to regularly check your credit report. You can get help in that area by going to AnnualCreditReport.com for the free report you are entitled to each year from each of the major credit reporting agencies.
Go through the information in the report, keeping an eye out for accounts that you know you didn’t open. If you see accounts that aren’t yours, you need to let the credit reporting agencies know. Call them, and then follow up in writing.
It might be necessary to place a credit freeze on your account if you are concerned that it could happen again. With a credit freeze on your account, you will be notified before a new account can be opened using your information. That can prevent another situation in which your identity is stolen and used to open credit in your name.
You might just red-flag your account as well, instead of placing an all-out freeze on the account. With the red flag, lenders are supposed to take extra steps to ensure your identity before opening an account in your name. It doesn’t always work as effectively as a credit freeze, though.
Even if you place a freeze on your account or have it red flagged, it still makes sense to keep tabs on what’s happening with your account. The good news is that there are plenty of web sites where you can keep tabs on your credit for free. While it’s not the same as looking at a full credit report, it can still be helpful, since you can usually see when something new pops up, and identify changes to the situation.
Your credit report is your first line of defense when you want to catch identity theft early on. Regular attempts to keep tabs on your report, and what’s in it, will allow you to identify problems quickly and move to take care of them.
Fraudulent Charges: Check Your Account Statements
While you do want to check your credit report regularly in order to identify fraudulent accounts, you also need to keep up with your account statements to make sure that you can see fraudulent charges.
While your credit report can help you catch identity theft as it relates to new, fraudulent accounts, it won’t provide you with information on fraudulent charges. For that, you need to check your accounts regularly. Go through your bank and credit card account statements on a regular basis so that you can see what’s happening with your purchases.
Sometimes, instead of opening a new account in your name, an identity thief will just take information about your credit cards and make purchases with that information. You will want to catch that type of identity theft early on and dispute the charges. If you catch it early enough, you can get your zero liability fraud protection in full, and avoid being responsible for the charges.
Your credit can be an indicator that your identity is being tampered with. You need to keep track of what is happening with your credit, and be sure that you are on top of the situation. Check your credit report every three or four months to see if there are fraudulent accounts. Check your account statements each month for fraudulent charges. You can even use the Internet to check your account charges more frequently, if it makes sense for you.
There is no way to completely prevent identity fraud; it is only with vigilance that you can expect to catch identity theft.
One of the best things you can do to protect your identity while shopping online is to make sure that you are using a secure website.
While there is no full-proof way to keep your identity safe, you can reduce the chances that your identity will be stolen when you take appropriate precautions. Shopping online is convenient and usually safe — as long as you make sure you are on a secure website.
Before you enter your credit card information and other personal information, make sure you are on a secure page with the help of these indications:
One of the easiest ways to see if you are on a secure website is to look at the address bar. Does it read “http” or “https”? The secure version should have the “s” at the end of “http.”
When you first start shopping on a website, it might not be secure. That’s usually not a problem. It really matters when you are ready to check out. As you switch to the page that requires you to enter payment information, you should watch for the addition of the “s.” If it doesn’t show up, don’t enter your sensitive information; it might not be secure.
You should also check for the “s” when you prepare to enter login information. This will reduce the chances that your user ID and password will be compromised. Remember that you want to protect your user ID and password just as much as you want to keep your payment information as safe as possible.
Another thing to watch for near the address bar is a lock icon. This is a simple icon that looks like a padlock. If the website is secure, the lock will be shut. However, if the page you’re on isn’t secure, the padlock will be open. Get used to checking for the icon in order to identify secure pages. Don’t enter any personal information that you want kept private until you see that locked icon.
You can also click on the icon to make sure that that it is legitimate. In some cases, fraudsters try to build websites that imitate some of the icons, using graphics that look like padlocks. You can click on the icon to see the security information about the site. If there isn’t security information, or if there isn’t the letter “s” in the “http” portion of the address, that could be an indication that you are on a fraudulent site.
Once again, just looking for an official looking graphic isn’t a sure way to make sure that you are on a truly secure website. However, if you combine your search for third-party verification with the address bar and lock icon, you are more likely to determine if the website is secure. These third-party verifications can offer you peace of mind, and indicate that the website keeps up-to-date with the latest online security practices.
These seals are difficult to duplicate, but that doesn’t mean that it isn’t possible. Take precautions by checking other aspects of the website to ensure that you are on the right track for a secure browsing experience.
Leave the Site if You Aren’t Sure
If you think something looks “off,” or if you are uncomfortable with the information that is being asked of you, leave the site immediately.
Don’t enter information into a site that you aren’t sure of. You want to feel confident about the situation, and if you don’t, go with your gut and leave.
No matter how hard a retailer or website operator tries, though, there is a chance that you will be a victim of a data security breach, or that some issue will arise. Pay attention to these situations, and make sure to change your password regularly. Also, try to avoid using the same login information for multiple sites.
Another strategy is to use one card for all of your online shopping. That way, if one card is compromised, you aren’t trying to fix the problem on multiple cards.
With a little extra vigilance, it’s possible to reduce the chances that an insecure website will result in identity theft.
When it comes to your identity, it’s important to protect yourself. The good news is that there are plenty of ways to shield your identity against fraudsters. Here are 5 tools that can help you reduce the chances that identity theft will get the best of you:
First of all, one of the best things you can do is have a variety of strong passwords protecting your information. Many consumers don’t like to have a lot of different passwords, instead preferring to just remember one password instead of several.
Unfortunately, this can make it easy for fraudsters to access multiple accounts. If you want to limit the damage from identity theft, you need different username/password combinations for all of your accounts. That way, stealing information for one account won’t result in compromising all of your accounts.
You can use 1Password to create strong passwords and store them in a secure way. You only have to remember one password, and this app takes care of the rest. It’s a simple solution that protect all of your accounts with different passwords.
This is the web site set up to allow you access to one free credit report each year. AnnualCreditReport.com allows you to get a credit report from each bureau once a year for free. You can spread it out so that you get one report from each every four months. Checking your credit report regularly can help you catch fraud early, and stop it from going further.
Just paying attention to your credit report is one of the best remedies for identity theft. If three times a year isn’t enough, you can pay to access your credit report, or you can get access through free credit information sites like Quizzle.
3. Online Account Management
If your bank and credit card issuers off online account management, take advantage of it. Sign up, and then log in at least two or three times a month. This way, you can keep track of transactions and identify potential problems.
Rather than waiting for statement delivery, you can be right on top of any issues that crop up. Use online account management to monitor your transactions and then report fraudulent transactions.
You can also use personal finance apps that automatically track your accounts. Check in with what’s happening, and you can avoid problems down the road, taking care of issues quickly.
4. Credit Monitoring Services
You can also take advantage of credit monitoring services. There are a number of them out there, and they can help you stay on top of changes to your credit situation.
Each of the three major credit bureaus offers credit monitoring. Additionally, there are a number of credit monitoring and identity services from LifeLock and Identity Guard. Before you buy, though, it makes sense to shop around a bit. While there are indications that credit monitoring can help protect your identity, not all products are created equal.
Credit monitoring services can’t really do anything that you aren’t able to do, but it can give you peace of mind. You don’t have to be constantly watching if someone else is doing it for you. Before you sign up, though, make sure that you understand exactly what is offered, and that the alert situation matches your needs.
5. Credit Freeze
Another tool that can help you protect yourself is the credit freeze. You can actually request that a freeze be placed on your credit. This way, if someone tries to open credit in your name, they are blocked. In many cases, it requires some hoop-jumping to lift the freeze. You are pretty well protected, but it also means some inconvenience for you. Plus, a credit freeze might cost you some money.
If you want a less expensive and less limiting option, you can place a fraud alert on your account. However, in order to take advantage of this option you might have to first be an actual victim of identity theft. The fraud alert doesn’t mean that credit will be denied, but it can mean that issuers do a little extra legwork to verify your identity before moving forward.
A freeze or an alert can be helpful in discouraging fraudsters and protecting your identity.
Take the time to find ways to protect your identity. While nothing is full-proof, you can limit the damage with a little effort.