As recent revelations about Facebook and Google’s ability to collect, retain, but not necessarily protect, users’ personal data should make it clear — the internet is not a place that cares much about your privacy.
People leave digital trails whenever they log onto to sites such as Facebook, and our online lives, in the form of old accounts, emails and forgotten files, can live on forever if left unattended. All of that information is like gold to scam artists, who can do severe damage with just a bit of a victim’s personal information.
“With identity theft in general, it’s billions of dollars” in losses, said Reanna Smith-Hamblin, president and CEO of the Better Business Bureau of Louisville, Southern Indiana and Western Kentucky. “It’s scary.
“I would like to say people should be aware right now” of data theft, in light of the Facebook scandal, Smith-Hamblin said. “But a lot of people think, ‘It’s not going to happen to me.’ “
The Better Business Bureau and the Nation Cyber Security Alliance recommend people take steps to clean and safeguard their data with a “digital springing cleaning.” By getting rid of old files, strengthening passwords and properly trashing unused devices, people will reduce the chances they’ll become a victim of identity theft.
“It can happen to anyone,” Smith-Hamblin said, who said she has had credit card information stolen, which had made her cautious about when and how she uses her card.
The BBB and NCSA recommend people start their digital spring cleaning by making sure all of the devices they use, such as computers, phones and tablets, have the most recent updates. A device that isn’t current on its updates could be vulnerable to viruses and spyware.
Smith-Hamblin said people should avoid the temptation to use the same password for all of their devices and accounts.
Passwords should also not use personal information, such as names or birth dates, she said.
“It’s important to use things that don’t pertain to you,” she said. When possible, use “two-step authentication,” where special code is needed to log into an account. NCSA also recommends using biometrics, such as fingerprints.
Apps can be convenient but can also be nothing but data miners in disguise.
“You have to look at (apps) carefully, because some of them are getting into information they don’t need,” Smith-Hamblin said. The agencies recommend deleting unused apps and making sure current apps are up-to-date.
Old emails, old files and documents should be deleted, and people should unsubscribe from unneeded mailing lists. If a document is very important, keep a backup copy in a protected cloud site or on a protected device, the agencies recommend.
Unused devices should be wiped clean and shredded — that includes old flash drives, external hard drives and devices like copiers and fax machines.
There are professional services that wipe hard drives properly, Smith-Hamblin said. Trying to wipe a hard drive yourself might leave data on your computer.
“You need to have someone professional do it for you,” Smith-Hamblin said. “When you can, people should look for free shredding events” that shred both documents and electronics, and dispose of unused devices, she said.
While getting rid of old data and devices, also be sure to deactivate old accounts, Smith-Hamblin said.
“Some people might have two or three Facebook” accounts, she said. “Just Google your name and see what comes up” for old accounts, she said. “If you find accounts out there that you don’t use, contact the provider and have them shut down.”
Finally, an important part of of cybersecurity is monitoring against credit card fraud, banking fraud and identity theft. Smith-Hamblin said people can monitor their credit reports through the website annualcreditreport.com, which provides people with three free credit reports annually.
“That way, if there’s something unusual on there, you can … find out what’s going on and dispute it,” Smith-Hamblin said. Likewise, people should regularly monitor their bank and credit card accounts for fraudulent activity.
Banking apps are convenient, but users should used pass codes or biometics on their apps, and keep close watch on their accounts.
“If you are going to use an app like (a banking app), use due diligence,” Smith-Hamblin said. “Keep your phone locked and know where your phone is at all times.”