The speed with which we can transact business and gather information on the internet means that we’ve all got used to doing and knowing everything at the touch of a button.
However, the information superhighway works both ways: the quicker and more often you gather information and make purchases, the greater the trail you leave behind you. Data gatherers pick up this information that you leave to sell to data analytics firms and data brokers, who sell it to advertisers such as Amazon.
While individuals harvesting your data for advertising might be annoying, identity fraud or account fraud can have devastating consequences. Here are some tips to help you keep your identity safe:
1. Request data access
One of the first methods you can use to protect your identity online is to make sure what information companies have attached to your profile. Many companies, such as Rightly, help you make data requests to online companies and platforms. Many companies under the GDPR have to provide you your data by law. This allows you to understand what type of data online services collect.
2. Don’t overshare on social media
Everything you put on social media is in the public domain. Most people already know your name and your date of birth on Facebook, and that provides an excellent building block for identity fraudsters to build up a replica of your identity or steal your account details. Think before you post.
3. Use strong passwords
Use different passwords for each account, and make sure these passwords are hard to guess. Never incorporate your date or place of birth or any other personal information into your login. Make sure you use a combination of letters, numbers and symbols.
4. Lock your devices
Make sure you set a PIN code for each device, and in the event of theft, report it to your network provider. If you log into a secure site, never click the option to save your password. If you upgrade your device, make sure to remove SIM cards and wipe the data before disposal.
2. Beware of public computers and wifi
Assume everything you do on a public computer is visible, especially on unlocked terminals in internet cafes and libraries. Similarly, when using public wifi, never log into password-protected sites.
6. Ignore phishing emails and calls
If you receive an email or a call from a financial institution asking you to provide your credentials, don’t; genuine financial institutions will never ask for this. If you are in any doubt, refuse and check with the institution first.
7. Use VPNs and alternative browsers
When logging into sites with sensitive login data, use a VPN. Try to avoid Google and use a search engine that doesn’t track your browsing history such as DuckDuckGo. Never, ever send financial information via Gmail or any Google services.
How do I leave an information trail?
Take Google as an example, the moment that you log on to Google you start creating a trail. Google knows who you are, your personal details, and from there it logs every site that you visit. No, deleting your browser history doesn’t make a jot of difference: that only deletes the history from your device. The record of your browsing history remains at Google HQ, including records of any online purchases.
Oh, and your Gmail account. That also informs Google of your interests, political leanings and everything else you send in emails.
Then there’s social media. Most forms of social media are free, so the operators have to make money somehow. This means that they sell your data. Every like, share, post and retweet is analysed to mark you for targeted advertising, and any purchases you make through Facebook are analysed. Facebook messenger is pretty much an open book, as is WhatsApp.
Most people use Facebook to sign up to dating sites such as Bumble and Tinder. Facebook can then tap into data provided by these apps. They monitor your app use to gauge your current relationship status. Added to this, you’ve probably given permission for Facebook to see what apps you have installed on your phone, so they can build up a profile based on what type of apps you use and how much you spend on in-app purchases.
So on the whole, if you think you have an online private life, think nothing of the kind. As long as you’re online, you’re being followed.
Offline, credit card companies are following your purchase history, and card terminals are selling the anonymised data of all your transactions to interested parties. Basically, everything you do is creating information, and information is money to someone. In fact, the market size of US big data was 35 billion in 2017 which is expected to grow well into the future.
The good news is that there are the General Data Protection Regulations, or GDPR. They restrict who can hold your data, for what purpose and for how long. In order to disseminate your information, they need your permission first in order for such use to be lawful.
However, permission is asked within long and tedious privacy policies that people often don’t have time to read. They accept the agreement without really knowing what data they have signed away. People don’t know how to get their data back or revoke this access once they have given permission
Moreover, not everyone acts lawfully…
When identity data gets misused
The first indication that all was not well in the world of data came with the Cambridge Analytica scandal. Facebook users had opted to take part in a survey on an app run by an individual known as Aleksandr Kogan. This app was able to scrape the data of all the participants, as well as the data of their contacts, and this affected 87 million people in the largest data breach ever.
The most astonishing thing about this case was the fact that it had taken this long. Existing data protection legislation such as the 1998 Data Protection Act dated from the first decade of common internet use, when social media was still in its infancy. As a result, it was no longer fit for purpose.
While the GDPR went some way to addressing this, it’s only a deterrent to those who stand to lose by getting caught. Identity fraudsters have no such qualms about misusing personal details, and they are looking for deep data that they can use to impersonate individuals for the purpose of fraud.
For many victims, this can take the form of a call, supposedly from a trusted financial institution, that encourages them to log onto a replica of a website where their details are harvested:
Sometimes it’s even simpler: some secure websites require users to supply a secret question and answer to log onto a website. This may be the name of a pet, or the name of a first school. Because of the tendency for people to overshare on social media, this is information that can be harvested for nefarious purposes.
Your privacy is constantly under attack on the internet. Everyone who has used the internet would have come across some type of malicious site or email that looks to steal information or passwords. It is very important to change up passwords between accounts and be weary of fishy looking links in emails.
What’s more, large social media companies and tech giants are constantly harvesting identifying personal data from their users and customers. If you use social media such as Facebook, you will have had your data stored. Data access requests are crucial in order to find out exactly what data is being held by companies. Data leaks on these platforms do happen and this is a huge threat to your online accounts and personal data.
Use the list in this article to help you increase your privacy by protecting your identity and online based accounts.