Search this Blog

How Secure is Your Personal & Financial Data?

 By Hector Cisneros

Image courtesy Pixabay

If you read the recent headlines about the data leak involving more than a half-billion Facebook users, you’re probably shaking your head wondering what happened to personal privacy.  If you’ve been keeping up with the news, last year there were massive data breaches where hackers penetrated Fortune 500 companies like Microsoft, General Electric, MGM Resorts, Marriott, Walgreens, Carnival Cruise Lines, AmTrak, and T-Mobile just to name a few.  Recently,  Facebook exposed the name, location, birthdate, email address, phone number, ID, account creation date, relationship status, and Bio due to a known vulnerability that it allegedly fixed in 2019, according to a blog on the Verge.  

What’s more troubling is how rampant the data breaches have become. In a 2020 post entitled, The Most Significant Breaches of the Year, IdentityForce identified 83 well-known companies and 2 security services including the US Marshal’s Service that were hacked.  Not only was the personal and sometimes the financial data of consumers compromised by cybercriminals but much of the ill-gotten gains were then resold on the dark web.  As you can see, these are by no means isolated incidents.

Once in control of sensitive data, cybercriminals can not only profit from the information, in some cases the breaches give them access to everything from email addresses of other potential victims to having the ability to lock the legitimate user out of their account or even assume their identity.  As a result, the losses caused by these breaches continue to grow year after year, reaching $4.2 billion in 2020 according to the FBI.  In a report recently issued by the Internet Crime Complaint Center, the top-10 list of ways that hackers have profited from data breaches reads as follows:  

1.      Email Account Scams: $1,866,642,107

2.      Confidence Games/Fraud: $600,249,821

3.      Investment Scams: 336,469,000

4.      Non-Payment or Non-Delivery: $265,011,249

5.      Identity Theft:  $219,484,699

6.      Spoofing: $216,513,728

7.      Real Estate Swindles: $213,196,082

8.      Personal Data Breaches: $194,473,055

9.      Tech Support Scams: $146,477,709

10.  Credit Card Fraud: $129,820,792

Image courtesy Pixabay

What’s even worse is that the losses are even higher since not all cybercrime is reported. Some of the scams are so slick that those targeted don’t even realize they’ve been had.  Tech support scams and scams that specifically target the elderly are underreported.  Yet those over age 60 experienced the highest reported losses of nearly $1 billion in 2020 alone.   The bottom line is if you haven’t been targeted by cybercriminals, it’s only a matter of time before you are.  

To help you protect your personal and financial data, these are the things you need to do:

1.      You have to be suspicious about everyone who contacts you via email or text.  Even if you recognize the organization or person who sent you a message, you need to ignore any solicitation or hyperlink attached to it until you verify it.  As I showed you above, cyber thieves are very adept at imitating (otherwise known as spoofing) people and companies.  The first thing hackers do once they breached a system is duplicate (AKA clone) a site to either imitate a user or an organization.  Make a donation or a purchase from one of these cloned sites and you can kiss your hard-earned cash goodbye.

2.      Delete your account at closed or little-used sites.  Leaving an account open and unattended is like leaving your car in a parking lot with the keys in the ignition. Anybody who wants to can climb behind the wheel can take over your account.

3.      Limit what you share on the social nets.  Even if you’re a dyed-in-the-wool social butterfly, crooks can use the information you post to cash in.  Especially if the information includes your birthdate and the names of your pets or children, cybercriminals can use this info to guess the answers to the security questions on your credit card and online banking sites.

4.      Speaking of credit cards, when making online purchases, set notifications so you’ll know when your cards are used, only use cards that have small limits, or use one-time credit cards.  This way if your card is hacked, it will limit any fraudulent purchases.

5.      Don’t forget to log out on banking, shopping, and brokerage sites.  If you leave your account open, it’s like leaving the cash drawer open and walking away from the register. 

6.      Secure all your devices, including desktop, laptop, and tablet computers, smartphones, smart appliances, routers, and every app associated with them.  If you neglect to change the password on any device or app and leave the default setting in place, you’ve just given thieves the keys to the vault. Wherever possible, use 2-step authentication to help maintain security at sites where you’re forced to reveal sensitive data or make purchases.

7.      Make sure your passwords are at least 12 characters long including upper and lowercase letters, numerals, and special characters. Change your passwords frequently.

8.      Back up all your sensitive data to an external drive.  This way if you get hacked or your device is locked down due to ransomware, you’ll be able to resurrect all your files without having to pay a hacker.

9.      Never use public Wi-Fi nodes.  These are hacker havens that can be used to drop malware onto your machine as soon as you log on.  If you must use a device while away, spawn a hotspot with your smartphone.  It’s much more secure, provided you keep its security up to date.

10.  Buy a shredder and use it.  Hackers aren’t the only nemesis to your financial security.  Not when a crook can dumpster dive to recover financial statements that you tossed in the trash.

11. Buy single use or refillable credit cards and use them for online transaction. This limits your lability and any possible financial losses.

12, Use two step authentication when ever possible, especial with bank accounts. Ask all the website that you use and have accounts with to add two step authentication if they don't already have it,

13.   Don’t be so gullible.  People fall for the simplest of ruses.  If someone from the IRS or the police calls you out of the blue and threatens to put you in jail, ask them for their phone number and tell them you’ll call them right back.  I guarantee all you’ll hear is the click as they break the connection.  The IRS, Social Security and other government entities will never call. text or email you until they’ve sent you information via snail mail first. 

Hector Cisneros is COO and Director of Social Media Marketing at Working the Web to Win, an award-winning Internet marketing company based in Jacksonville, Florida.  




No comments:

Post a Comment