Digital fingerprints: you may be exposing your personal data online without knowing it

Think of your personal information like your digital fingerprint. When you leave traces of it online, you’re leaving behind unique, identifying information that identity thieves may be able to use against you. Stolen personal information can be used to target social engineering scams against you, access and drain your bank accounts, open new lines of credit in your name, and generally wreak havoc on your life.

One of the downsides of living so much of our lives online is that often we don’t realize when we might be unintentionally leaving digital fingerprints for identity thieves to find. To help protect yourself against the risk of identity theft, it’s important to be aware of what personal information you share about yourself and where you’re sharing it. Read on to find out some common ways you may accidentally be putting your personal info at risk online and what you can do to help protect yourself if you suspect your personal data is compromised.

What are some common ways I might be exposing my personal data online?

1.            Filling out forms

Filling out forms is a common online task that we use for everything from online shopping to signing up for newsletters. However, not all forms are created equal. Some forms may ask for personal information that you may not want to share, like your Social Security number, date of birth, or home address. Be cautious when filling out forms online, especially if you’re using an unsecured network, and only provide personal information that is absolutely necessary.

2.            Using public Wi-Fi

Public Wi-Fi may be convenient, but it's not always secure. When you connect to an unsecured public Wi-Fi network, you’re leaving your personal information vulnerable to anyone else with access to that network. That makes it easy for hackers to intercept the network’s traffic, monitor your online activity, and potentially steal your personal data. To protect yourself, avoid using public Wi-Fi when possible. If you do choose to connect to public Wi-Fi, consider using a virtual private network (VPN).

3.            Giving out personal information

It's easy to get caught up in the moment and give out more personal information than you should online. For example, you may give out your personal email address to sign up for a discount, or your phone number to enter a contest. That information could easily be leaked or stolen and used by scammers and cybercriminals to attempt identity fraud. It’s important to be cautious and make sure that you trust the website or company that is asking for your personal info.

4.            Oversharing on social media

Social media is a great way to connect with friends and family, but it's also a huge source for potential privacy violations. Posting personal information, such as your full name, home address, phone number, or even vacation plans, could put you at greater risk of crimes like identity theft or burglary.

Posting photos of yourself or others may also unintentionally reveal personal information, such as where you work or go to school. Be cautious when posting on social media and adjust your privacy settings to limit who can see your posts.

5.            Accepting privacy policies without reading them

When you sign up for a website or service, you are often asked to agree to a privacy policy. Many of us simply click "Agree" without reading the policy in full, but privacy policies often contain important information about how your personal data is being collected, used, and shared. To help make sure you know where your personal information is being used, make sure to read the entire privacy policy before agreeing to it, and if you have any questions or concerns, reach out to the company for clarification.

6.            Using weak or repetitive passwords

Poor password hygiene could put you at greater risk of a cyber-attack, especially if you use the same weak passwords on multiple accounts. Hackers can easily guess common passwords and even use automated tools and methods to guess or brute force passwords that are slightly more complex. To help keep your personal info out of scammers’ hands, use strong, unique passwords for each website or service, and consider using a password manager to keep track of them.

7.            Using unsecured websites

When you browse the internet, you may come across websites that are not secured with HTTPS, as signified by the lock symbol in the URL bar.  Websites that are not secured with HTTPS may be vulnerable to hackers, who can intercept the traffic between your computer and the website. This can potentially reveal personal information, such as your username and password. Make sure to look for the lock symbol and HTTPS in the website address before entering any sensitive info.

What should I do if I suspect my sensitive information has been exposed online?

If you’re concerned that your personal data may have been compromised, acting quickly may help protect you from identity theft or help minimize the damage. Here are a few actions you can take as soon as you suspect something is wrong:

1.            Contact your bank, credit card company, and the credit bureaus

First, reach out to let your bank and credit card issuers know that you suspect you’ve fallen victim to identity theft. Ask them to cancel any contested charges and restore the missing funds to your account immediately. If the transaction has already gone through, you should still be able to dispute fraudulent charges and attempt to get your money back after the fact.

You should also contact the three major credit bureaus to place a fraud alert and ask that they block or remove any fraudulent debts.

2.            File a report with the FTC, the FBI’s Internet Crime Complaint Center (IC3), and your local police station

If your personal data has been exposed as the result of a cybercrime, such as hacking or identity theft, report it to the relevant authorities. Reporting your situation to law enforcement may help them investigate and address fraud on a larger scale.

3.            Freeze your credit

In addition to a fraud alert, you can request a credit freeze to try to minimize potential damage to your credit score. Freezing your credit blocks inquiries into your credit record, preventing cybercriminals from opening new accounts in your name. It’s completely free and easy to do, and the process of freezing/unfreezing can take as little as a few minutes. Just contact each of the three major credit bureaus individually to request the credit freeze, either by phone or online.

When you want to unfreeze (for example, if you’re planning to apply for an apartment or a new line of credit), all you have to do is log onto each credit bureau website using the same account you used to freeze. If you don’t have access to the internet, you may also be able to unfreeze your credit by phone or by mail if you provide sufficient identifying information.

________________________________________

Scammers have all kinds of tricks to try to get their hands on your sensitive personal information. Once they have info like your full name, address, phone number, date of birth, and Social Security number, they can use it to steal your identity and target you with sophisticated social engineering scams.  To learn more about how social engineering works, how you can spot it, and how to help avoid being victimized by cybercriminals, check out our blog. 

What next?

Keeping track of your personal information is an important part of helping to protect yourself against identity theft — but it can be intimidating to handle on your own. Sign up for credit and identity monitoring from PrivacyGuard to help track changes in your credit scores and other sensitive information.