Growing up, I remember my parents, friends and classmates always challenging me with riddles. “What has to be broken before you can use it”, was one of the riddles that everyone liked. The answer, in case you’ve forgotten, is an egg. Or, how about, “what has a neck but no head?” That riddle has a standard reply – “a T-shirt”. Ok, but who loves to solve riddles as adults? The answer will probably surprise you – it’s cybercrooks.
Yes, those online hackers, stealers of identity and outright criminals who love to solve the riddle of your identity. How? They find, hack and steal clues that include all of your personally identifiable information from a variety of sources, then start putting those clues together until they have the answer to the riddle they’ve been looking for: your identity.
A Closer Look at Personally Identifiable Information
There’s some disagreement among cybersecurity experts as to what constitutes personally identifiable information, or PII. Many experts think that a name, birthdate, phone number and address are not really personally identifiable information by themselves. However, if you put those together, along with other identifiable information like bank account numbers, medical record numbers and passport numbers, for example, the cybercrook has enough of your PII to commit identity theft.
Once they have the information they need, it can lead to your Social Security number – the one item that opens the door to all of your coveted personal and financial information. And that’s when the real trouble begins. But how do cyberthieves get access to your sensitive personally identifiable information in the first place?
It could start with a data breach at a company where your personally identifiable information is kept. That could be a bank, a retail company, an online company where you shop like Amazon or even your neighborhood drugstore. It happens often enough, and it can take time until the data breach is discovered and you’re notified. During that time, the cybercrooks are wreaking havoc with your identity, creating new credit accounts, stealing money from your financial accounts, and a lot more.
Or, it can be as simple as losing your purse or your wallet, accidentally leaving it at a restaurant or store. Unfortunately, many people still carry their Social Security cards in their wallets and once the cybercrook has that, your identity is theirs to use. The lost wallet also gives the cyberthieves access to your credit card information, driver’s license number and more.
Damages that can Occur
Ok, the cyberthief has hacked, found or stolen your personally identifiable information. What can happen to you? Let’s say the cyberthief has your information – they can start by easily creating a new identity, with a new driver’s license number that they could give to the police if they’re pulled over or charged with a crime. All of a sudden, there’s a new criminal record in your name. They can hack into your bank accounts and do heavy damage to your credit, stealing your money and charging up a storm.
They can also apply for new loans in your name, borrowing all kinds of money they never intend to repay. They can also open new utility and phone accounts using your information. Even more damaging, they can steal your tax information and end up stealing your refund or using the information to do other damage. The list goes on and on, leaving a trail of financial and other damage that could take months to untangle.
Protecting Your Information
Many cybercrooks scour people-search sites for personally identifiable information, including sites like Zoominfo, Pipl and Spokeo. Your first step is to remove all of that information from those sites and opt out. The problem is that there are more than 100 of them, all having different rules and regs on deleting your information. It could take a lot of time and effort to accomplish this, as many folks have said it’s like having a second “full-time job”. But it’s worth the effort.
Cybercrooks also love to hack into people’s computers, because most people are using weak passwords. To prevent hacking, be sure you use a strong password, one with a minimum of 10 characters that includes numbers, characters and symbols. Also, each account should have its own unique password. This would cause a lot of problems for people to generate and manage that many passwords, so password managers will help. Some of the top password managers include Keeper, NordPass and LogMeOnce. However, if your PII is taken, you’re in deep trouble.
Phishing emails and phone scams are also easy ways that cybercrooks like to draw you in and steal your PII, by getting you to click on links that lead to spoofed websites designed to capture all of your data. So never open suspicious links and never give out personal information via phone, unless it’s utterly necessary.
Another way those crafty little cybercrooks operate is by waiting for you to log into the Internet at an airport lounge or coffee shop’s WiFi. Never use public WiFi – instead, get yourself a VPN – a virtual private network that will secure all of your online login information and data. There are many services to choose from, including Tunnelbear, Private Internet Access and IP Vanish.
Just to recap about protecting your personally identifiable information online, never click on email links unless you know it’s a trusted source. And never give out any credit card or financial information to websites – even those that look like the real thing. They’re spoofed, and all they do is steal the data you enter.
Always use strong passwords, even if it requires password management to log you on safely. Don’t use any public WiFi connections, instead, get a virtual private network. And be sure to remove any personal data from people-search sites, because that’s where cyberthieves like to troll. Following these steps and using common sense when online will help to protect and keep your private information private.