How to prevent identity theft

How to prevent identity theft

If you do anything online these days, from banking to shopping, then you’re vulnerable to identity theft.

Unfortunately, the problem is only getting worse with millions of people impacted globally each year and the big institutions are struggling to stay ahead of the hackers. That’s why it’s down to you, to protect yourself.

Reading this (5mins) and doing some of the action items listed may save you thousands of dollars and stress. So let’s dive in and look at what you can do today to protect yourself.

Change your online passwords

If you’re like most people, you’ve probably had the same email password for years. And you probably have the same password for at least two different websites. Change them now.

If you weren’t aware, some of the biggest sites in the world get hacked. LinkedIn was hacked back in 2013 and there are reports that 117 million LinkedIn accounts are being traded on the dark web.

This gives cyber criminals access to your personal information, not to mention your login details (and other websites where you use the same login details).

I suggest you start changing your online passwords for everything and make a habit of doing this every 6-12 months. Use a secure password platform such as OnePassword or LastPass which encrypts your passwords.

Start with your email accounts and check to ensure they are secure. Specifically, check there are no ‘unknown’ email addresses attached to your account. You can usually check this by looking for headings such as: ‘Filters and Blocked Addresses’ and ‘Forwarding and POP/IMAP’ sections (wording may change depending on your email provider).

Don’t keep sensitive information online

They say having a digital copy of your passport is handy if you lose your passport when travelling, however storing sensitive documents online such as passports, car licenses, bank statements and even utility bills, comes with risks.

If you do need to upload personal identification documents to the web, delete the documents after you have sent them from both your email and computer (and don’t forget to empty your trash too).

If you must store documents online, use a secure cloud storage platform and put extra measures around the security of your account which brings us to the next action point…

Set up two-factor authentication

One way to better secure your email and other online accounts is with two-factor authentication. This usually works by having you enter a password which triggers a text message to your phone with a code to enter.

Unfortunately, two-factor authentication can work against you if hackers port your phone. Port forwarding is when hackers set up an account with another phone provider in your name and ask that all messages and calls be forwarded to the new number.

While there are ways around two-factor authentication, it does make it extra hard for hackers to access your information.

Add an extra layer of security

Set up extra security measures with your bank, phone provider, 401K or superannuation company and even utility providers. You can usually do this by adding unique security questions to your account (they MUST be unique) or phone PIN numbers.

Secure your mailbox

Make sure you mailbox/letterbox is secure as hackers can glean a lot of information from looking at your mail. And limit the amount of mail you get by requesting digital versions of bills (remember to delete or store these in a secure cloud platform).

Check your transaction statements regularly

These days we tap and go to make a lot of payments so it’s easy to lose track of what we’re spending a day. Review your bank statements or transactions regularly to ensure there is no suspicious activity.

Know who you are dealing with

Always ensure you know who you’re dealing with. If you receive unsolicited contact and are asked to provide proof of your ID, it is best not to engage. Instead, search the organisation, and contact them yourself. This way you will know for sure you are dealing with the legitimate organisation.

Never open or click on links from emails you don’t know. Never provide your personal or security details, including customer ID’s or passwords, in response to any email, even if it looks legitimate.

Never provide your credit card details over email

Sounds like sane advice but so many people don’t follow this. If you’re purchasing something, make sure you’re using a secure checkout online. Try to use a credit card over a debit card as this offers more protection against fraud. There should be a padlock symbol in the browser window frame when registering or logging into a website. The web address should begin with https:// (the ‘S’ stands for secure).

Secure your devices

There are things you can do to protect your data if your computer and/or mobile devices are stolen. Use FileVault for OS X, or BitLocker if you have a Windows device. These programs encrypt the data on your device and can prevent firmware updates by malware.

Also, consider using PIN numbers to secure your devices.

Detect Malware

Use Little Snitch on OS X or NetLimiter on Windows to know when a specific software application is making outbound connections to the internet. Most of these outbound connections are ok but you’ll at least know when it’s happening and can choose to stop it.

BlockBlock on OS X is another good program for notifying you if a program is trying to install itself.

Don’t plug in USB devices you don’t trust. Some USB’s carry malware.

Go incognito

To defend against network surveillance there is a free program called Tor that lets you browse the internet anonymously. It changes your IP address each time and encrypts your network communication.

You can also disable storing your location on your phone which prevents people from finding out where you are. Images you take with your phone contain metadata that can reveal your location if you send that image to someone.

Set up security alerts

If hackers do access your personal information you want to know straight away.

Your phone provider and banking app should have alerts built in so you know if there are any changes to your account. However, I recommend you check what alert options are available with your own providers and set these up.

I also recommend you have a recovery email address so you’re notified of changes to your main email account. It helps if your recovery email is a work email that you check daily.


Stealing your identity is easier than you think. In fact, if you knew what hackers knew, you would find it hard to sleep at night. (Google “identity theft stats” if you need proof).

However, there are some things you can do to protect yourself. Please take the time to implement some action points from this post. It will be worth it.

If you found this article helpful (and you want to protect your friends and family from identity theft) please share this.

You can also comment below if you want to share some other tips with the Cammy community.