An old joke from a newspaper cartoon goes “On the internet, nobody knows you’re a dog.” While online interactions are still characterized by a kind of anonymity, it’s changed a lot since the early days. Online profiles are more transparent, thanks to social media, but online identities carry more weight. With access to a person’s online account comes access to their correspondences, information, and payment details.
The allure of online identity theft has inspired several methods by which it can be carried out. Criminals can gain access to accounts through phishing scams, illicit surveillance, spyware (and other malicious software), and a variety of password cracking methods ranging from educated guesses to brute computing force.
This may seem daunting, but there are simple steps that any internet regular can take to minimize their risks of identity theft. Remember that while many online criminals have a wide array of resources available, most of them focus on opportunistic attacks on careless users. Ramp up your cyber security habits and you’ll be making yourself more secure and less of a target.
Here are some ways to get started:
The first step to protecting your online identity should be making it more difficult for anyone to get into your online accounts. A strong password is the foundation of a secure account, and can be bolstered by two-factor authentication.
The past few years have seen old best practices on password generation being debunked, once again thanks largely to a cartoon. Gone are the days of replacing letters with symbols and throwing in a few numbers. Now, it’s generally acknowledged that the best passwords—both strong and easy to remember—are long strings of words. You’ll get more mileage chaining together four words and maybe a few numbers than you would trying to concoct a short string of gibberish.
However, hackers are aware of this trend and have adapted their computing techniques to match it. As such, for a truly secure password, it’s best to use a password manager such as Dashlane. This will give you the freedom to use more complex passwords, even if they’d normally be difficult to remember. It also frees you from the tendency to reuse passwords, which amplifies the risks in flimsy passwords.
Two-factor authentication (2FA) is another way to significantly boost account security. 2FA requires that a user submit not just a password, but another piece of information (or, in not purely digital activities, sometimes an item) to access their account. Most forms of online 2FA involve sending a second key to another device or account that only the user can access. With 2FA active, potential hackers could guess the password and still be unable to access the account.
One way or another, a lot of internet security is based on offline details. Passwords often reflect hobbies or personal favorites. Meanwhile, personal history is often the basis of security questions, which are a backup for imperfect human memory, but also backdoors to online accounts.
It’s important, therefore, to disclose as little as possible in your online profiles that can be linked to any of your accounts. Even if you don’t actively use those information for your password or security question, they can still establish a trail of breadcrumbs to any accounts that require that information.
Sometimes, people use social media to get people to willingly, if unknowingly, give up this information. Be wary of games or quizzes that ask for access to your profile and posts, or chain images that give you a name based on some combination of personal details like birthday and initials.
Malicious software can also compromise your identity, so it’s important to minimize their chances of infecting your computer. A comprehensive security suite should be your first line of defense. A good one will cover both antivirus and anti-malware functions. You may need one program for established threats and one for new or emerging malware. Whichever programs you choose, be sure to keep their databases updated. This can be more important than the choice of program itself.
One common source of malware is online advertising, so you may want to utilize ad blockers, too. These are available as browser extensions as well as standalone mobile apps. If you’re using a free one, though, look into how it sustains its operations and make sure you’re not simply trading one risk for another.
Anytime you transmit information through the internet, there is a chance that it will be accessed by an illicit third party. To avoid that, opt for encrypted connections whenever you can. This can mean using secured networks. This is mainly relevant when in public, though you should generally avoid public WiFi. It also means using web pages with a secure connection, marked by the word “secure” in the address bar and “https://” in the url.
A more reliable way to encrypt your data is to use a virtual private network (VPN) service. When connected to a VPN’s server, all data transferred between your device and that server is encrypted, ensuring no third parties can view it. The server also changes your IP address to one from its region, effectively concealing your original IP address. This also protects you from unwanted surveillance. Furthermore, this encryption works even on public WiFi signals, which can mitigate some of the risks associated with them.
This may seem a bit complex at a glance, but making small changes can steadily boost your online protection. Try adopting these methods step by step, and you’ll find your online identity well guarded against attempts to steal it.