My last post regarding fraudulent fund raising for Haiti really demonstrates how in the modern age of social networking we have to be more careful than ever about protecting ourselves online. In today's post I want to talk a bit about how seemingly innocuous information can really put you at risk.
Entering your ZIP code into a website is a pretty common occurrence, and you'd think that this information wouldn't be very useful, however here are just two examples of things that use your ZIP code for security:
- Most gas pumps require your ZIP code when you use a credit card
- Some email services use your ZIP code as a part of a default password.
Now I know that you can't really have an online life without ever entering your ZIP code, I just wanted to point out that even information that you don't normally think twice about disclosing could possibly be exploited in the wrong hands.
So what do you do to keep safe?
First, keep your wits about you when you are entering any information into a browser. Check for security (https instead of http, the little lock in the address window or at the bottom of your browser, etc.) any time you're entering information that could be exploited. Most companies are very aware that consumers are concerned about security risks, and if their site isn't secure you shouldn't hesitate to call them and ask for another way to deliver your information. If an offer sounds too good to be true, it likely is... do your research! Make sure that links you click on in an email actually match once you've arrived there in a browser, just because it says www.yourbank.com doesn't mean that's where it leads (click that link and see what I mean).
When you are doing online banking, I always recommend that you close all other browser windows and tabs and use only your bank's site until you are done. When you finish an online banking session, use the "log out" or "log off" feature on the site and completely close your browser to clean out any remaining tokens or cookies from the banking session. I always recommend that you select a unique and strong password for your online banking, and that you never use that password for anything else. (This holds true for any financial website, such as your 401(k), stockbroker, or other investment site.)
Next, I'd recommend that you look into the security settings on any social-networking sites that you use. There are several great articles about how to securely use Facebook, Twitter, and other social networking services. Most of these services even offer their own guides regarding their privacy policy (Facebook's can be found here). Many services also have a method where you can check and see what a public user sees about you. If a site does not have this service, log out and do a search for yourself and see what you can see.
Once you've got your privacy settings squared away to your liking, the next thing to keep in mind is to think before you post. If "friends of friends" can see your information, you may want to refrain from posting "Just bought a new huge flatscreen TV and surround sound theatre, had to cancel alarm service in order to make payments" to your social networking site (especially if it's going to be followed by "Forgot the cables, have to go back to the store" ten minutes later). It's becoming more and more common for thieves to choose their targets carefully, and you don't want to give them any information that will make you a victim.
One final bit of advice would be to seperate out your personal online space from your games. There are many popular games on social networking sites, however as these games grow in popularity they also grow in risk, by having a seperate "gaming" avatar, you can protect your personal information and still have fun online. (Footnote: even with your personal information unexposed, there are still ways to get scammed playing these games, so please be careful out there!)
While it is wonderful that modern technology makes it so much easier to share information and connect with people, it comes with the responsibility of making sure that the technology is used in a safe way. Being aware of the risks where your personal information is involved, and taking steps to mitigate these risks, helps to avoid the problems that these new tools can bring without negating the benefits that this technology brings to our lives.
About Me
- Jonathan Watts
- Los Angeles, CA, United States
- I have over 15 years of professional experience in the I.T. field, working with individuals and small to mid-size businesses. I've received a certificate in Project Management from UCLA, and I am a member of PMI. I have expertise in Active Directory, Open Directory, VMWare, Windows, Mac OSX, *nix, Exchange, IIS, Cisco, Forefront TMG, MARS, ACS, CSA, EMC, NetApp, and Websense. I've worked in all aspects of I.T., from end-user support to engineering and design.
Subscribe
Posts
Comments