When it comes to online identity theft, it’s a minefield out there.
Every day, some cyber crook is devising new ways to sneak into our online accounts and pilfer money, or just our sanity.
Hackers are getting better, becoming more sophisticated in their methods and targets.
‘‘In the last five years, the bad guys have gotten as good as or better than the good guys,’’ says Robert Siciliano, a McAfee online security expert.
Privacy Rights Clearinghouse says that since 2005, about 560million medical, financial and personal records of consumers have been breached by hackers who broke into databases of government agencies, hospitals and companies from General Motors to Twitter.
‘‘Based on the massive amount of information that people give away [online] and the staggering number of security breaches that occur each year, it’s inevitable you’re going to become a victim,’’ said Adam Levin, founder of IdentityTheft911, a security-breach consulting firm.
But there are ways to toughen up our defences against online identity theft. Here’s some advice:
■ Beef up passwords
Passwords should never be a dictionary word, a sequence of numbers/letters (i.e. 45678 or abcdef) or anything that’s personal.
Instead, they should be at least eight characters, a mix of upper and lower-case letters, with a combination of letters and symbols (, &, $, etc.).
■ Skip the quizzes
All those trivia quizzes, polls, surveys and personality tests that populate the online universe may be perfectly benign. Or they could be a cyber crook trying to assemble puzzle pieces of your identity.
‘‘You have to look at the information elicited through those quizzes as components to a nuclear weapon,’’ says Levin.
‘‘Many of these personal factoids are harmless on their own but when combined, they create a mosaic of your life.’’
■ Answer with caution
When signing up for online accounts, we’re often required to answer security questions: your first pet, favourite colour, mother’s maiden name. If someone wants to break into your online accounts, every answer they need could already be out there via social media. Instead, use fake answers to security questions.
■ Don’t click
‘‘Don’t click links in the body of an email. Ever,’’ says Siciliano.
■ Social media savvy
Never post your email address or your full birth date (especially the year) and lock down your account so it’s viewable to friends only. Don’t accept friend requests from people you don’t know.
■ Palm of your hand
At the very least, everyone should use a password on mobile phones.
And don’t click on the ‘‘Save my Password’’ feature, says Levin.
If your mobile device lands in the wrong hands, it could give instant access to everything on it.