Stop Oversharing Your Identity & Privacy Details
When was the last time you stood on a street corner and handed out leaflets to complete strangers with your passport, bank account and NI Number? Would you walk up to other passengers on public transport and share your email address with them? What about your Twitter login credentials? Of course you wouldn’t. Yet every day, you could be oversharing your Personally Identifiable Information (PII) in very similar ways. This is extremely helpful to those that wish to build a profile on you, but the little critters will steal it without a moments care or concern of the impacts to you.
When you really think about it, you’ll start to realise how seemingly honest questions are actual attempts to elicit personal data from you. You may have heard this term ‘social engineering’, it’s an extremely effective and subtle phishing technique. Perhaps you recognise some of the following crafty ploys.
You spot a new store when you’re shopping online, and a pop up offers you a 25% discount when you provide your email address. When you go to exit the screen, it will ask you to fill in your email address. Agreeing to this exchange – your email for the discount, will likely result in an increase in spam to your inbox.
Competitions & Quizzes
What’s the harm in giving away the name of your first pet, or your mother’s maiden name or even your email address – it’s just a harmless competition! Are you sure? Yes, they’re fun to take part in, who doesn’t want to know their unicorn name or the meaning of their maiden name? The real winners though are the companies that are collecting and then selling your personal data.
You’re curious if you could save some money on your mortgage interest, and an online mortgage calculator is nice and easy, and quick to do. But how much of your PII will you have to surrender before you discover how the new rates might lower your monthly payments. Proceed, and you’re turning yourself into a hot sales lead. Watch your email and phone activity dramatically increase.
Does that local restaurant mobile app really need your location data to join their rewards scheme? Sure, if it’s a map app it would require your location information. Think twice about approving location data access.
Requests for Photo ID
When was the last time you were asked to provide a copy of your passport or driver’s licence for identification? It is common practice at some dating sites to request a photo ID at signup. This makes perfect sense; individuals should be reassured that others using the site are who they say they are.
When you have agreed to provide your ID because the request seems legit, ask them how they will secure the scan, how long it will be stored, and is the storage encrypted? These are basic data protection questions and any responsible organisation can answer these questions.
Sad but true that you won’t be able to patch every single hole in your identity’s digital footprint, so prioritise the ones that matter most, like your money related accounts. Review your bank statements regularly then shred your paper statements, change your passwords every few months, use a secure browser when using online banking sites, and stay vigilant against phishing emails and phone calls.
Opt-out of lead generating lists that credit bureaus and brokers sell on to businesses who create credit or insurance offers which end up in your inbox, or at the end of the phone. Make time to take more control over your PII.
The number one vehicle for social engineering scams is phishing emails and spam. Protect your inbox by creating one email address and use it only for online shopping.