Stand in front of a mirror. There's the enemy. Fraud doesn't happen to you in a vacuum. Our personally identifying information (PII) doesn't just get magically swiped. We "swipe" our information all the time, and it's time to stop.
The world runs on information, and no amount wishful thinking will fully extricate you from that. But there are some best practices. As I detail in my forthcoming book, Swiped, we all need to take responsibility for the attackable surface, or vulnerability, of our personal information and our areas of exposure.
1. Pick up a phone, respond to a text, click on a link or carelessly provide personal information to someone we don't know;
2. Fail to properly secure computers or mobile devices (smartphones, tablets or laptops);
3. Create easy-to-crack passwords;
4. Discard rather than shred a document that contains PII;
5. Respond to an email that directs us to call a number we can't independently confirm, or complete an attached document that asks for PII in a non-secure environment;
6. Save our user ID or password for a website or app as a shortcut for future login;
7. Use the same user ID and password on different sites, whether for email, social, financial or school-related sites;
8. Take online quizzes that subtly ask for information we may have provided as the answers to security questions on secure sites;
9. Snap pictures with our smartphone or digital camera without disabling the geotagging function;
10. Fail to replace a manufacturer's default password with a long and strong one of our own on any connected appliance or electronic device that we put in our homes;
11. Use our email address as a user name/ID, if we have the option to change it;
12. Use simple PINs like 1234 or 9876 or a birthday;
13. Forget to obtain, review and correct our credit reports;
14. Go 24 hours without reviewing our bank and credit card accounts to make absolutely sure that every transaction we see is familiar;
15. Fail to enroll in free transactional monitoring programs offered by banks, credit unions and credit card providers that notify us every time there is any activity on our accounts;
16. Use a free Wi-Fi network, without confirming it is correctly identified and secure, to check email or access financial services websites that contain our sensitive data.
In each of the above instances, we leave ourselves vulnerable to those who consider the theft of our identity as their day job.
The above is an adapted excerpt from Swiped: How to Protect Yourself in a World Full of Scammers, Phishers and Identity Thieves, which hits bookstores everywhere Black Friday.