person in front of laptop taking steps to protect themselves from being hacked

If you think cybercrime only happens in the movies, think again. Year over year, the number of cyberattacks on individuals, specifically identity theft, continues to rise. But there are steps you can take to protect yourself from getting hacked.

According to the 2019 Identity Fraud Study from Javelin Strategy & Research, the number of consumers who were victims of identity in 2018 was 14.4 million. Identity theft occurs when someone assumes the identity of another and gains access to sensitive data.

How Thieves Get Your Information

Solving an identity theft is much harder than avoiding one, so it’s good to know where your information might be compromised. 

First things first: No one is stealing your information by breaking into your house and reading the passwords off of the sticky notes on your monitor. Writing your passwords down isn’t the best solution, but it’s pretty low risk for your private computer. Obviously, don’t do it in the office or at school. Here are some of the most common ways that identity thieves can collect information:

  • Phishing is an attempt to gain your information by disguising oneself as a legitimate organization. You might get an email telling you that there’s a problem with your credit card account and you need to log in to fix it, but when you click on the link, it takes you to a convincing clone of your credit card provider’s website. Once you enter your login credentials on the fake site, they can use them on the real site to steal your money.
  • Password leaks. It’s rare that thieves actually guess or crack someone’s password. Instead, they wait until a huge batch of passwords is leaked from something like Adobe, eBay, LinkedIn, or one of many others that have happened in the last few decades.

“So what,” you might think. “There’s no financial information on my LinkedIn account.” But the thieves can then develop bots that try the same username and passwords on every major banking or credit card website. If you’ve reused passwords, they’re in.

  • Login scams. This one has been going around Craigslist and other marketplace sites for a while. Basically, a thief will pretend to be verifying your identity for the sake of buying something from you. They’ll say “Google just sent you a code, can you tell me what it is?”

In reality, they’ve just tried to log into your Gmail account. Gmail forces you to enter a verification code when you forget your password, but they only send the code to the real you. When you give the thief the code, they can access your Gmail account. From there, they can hold it for ransom or troll through your old emails for other useful login or financial information.

  • Prize scams. A good rule of thumb is that if you’re told you won a prize and you don’t remember entering, it’s a scam. Lots of fake emails will tell you that you’ve won a vacation or a cash prize, but they need your credit card info to verify your identity. Don’t fall for it.

How to Protect Yourself From Getting Hacked

The internet can be a wild place, and scammers are constantly getting cleverer when it comes to tricking victims. Luckily, there are few precautions you can take:

  1. Use a password manager. If you have to write all your passwords down, that’s a step in the right direction, but a true password manager is the most secure option. It allows you to create, track, and enter a brand new password for every website you visit, thus protecting you from password leaks.
  2. Use a dynamic password. You don’t need to come up with a random jumble of letters and numbers that you’ll never remember for every password. Instead, think of a “base” password with letters, numbers, and punctuation – something like “J0HN’Spa$$word.” Then adapt it to each website you use. For your bank, set your password to “J0HN’Spa$$wordbank.” For Facebook, use “J0HN’Spa$$wordfacebook.” Each password is secure, but unique and easy to remember.
  3. Don’t use the internet to provide sensitive information. If you need to give out your password, Social Security number, or another form of sensitive information, never use email, chat, or web forms.
  4. Double check suspicious calls. If you receive a phone call from a company that you don’t know or trust asking for personal information, hang up. Call the company directly to make sure they were the original callers.
  5. Question anything that’s too good to be true. Phony work-from-home companies offer aggressive compensation after you provide a credit card number for your “starter kit.” Call the organization said to be paying you to confirm pay rate and return on your personal investment. If an offer, any offer, seems too good to be true, it probably is.
  6. Beware of email scams. No reputable company will ask you to confirm sensitive information over email. Similarly, distant relatives and Nigerian royalty are most likely not trying to wire you hundreds of thousands of dollars. As always, if you’re questioning the legitimacy of a message, call the company or individual directly to confirm.
  7. Get multiple forms of proof. Get written confirmation of what a company is doing with your information, get in touch with security providers to make sure a company is covered under their protections, and always track your correspondence.
  8. File your taxes early. Don’t wait until April (or July) – thieves can file a false tax return to try to get their hands on your refund, and then when you file, the IRS will tell you that they already have a return in your name. Once you have your forms in hand, file away! The earlier you can get it done, the harder it will be for someone to defraud you.
  9. Look for secure websites. It’s surprisingly easy to fake a legitimate-looking website, so you can’t count on your ability to recognize it on sight. Instead, look for a little padlock icon in the address bar, confirm that the URL is the real site, and if you’re skeptical, call the contact number to confirm.

Stay Safe Online

In today’s digital world, you can’t take the security of your personal information for granted, nor can you stay 100% safe from every threat online. What you can do is to take precautions. If you follow these steps, you stand the best chance of keeping your information and your identity safe.

Be a Champion of Innovative Information Security

In our technology-driven society, where increasingly sophisticated cyber threats continually threaten access to sensitive digital information, cybersecurity professionals have become essential members of nearly all industries. Earn your bachelor’s degree in cybersecurity and become the expert organizations turn to for help protecting digital assets and network security in a variety of settings and industries. Learn more about CSU Global's online Bachelor's Degree in Cybersecurity