Here’s a list of tricks you can do to help keep identity thieves from stealing your personal data without reading the 48 page fine print legal talk that shows up with every smartphone OS upgrade.
1. Protect the “Fab 4” with Obfuscation:
Opening a credit line generally requires just 4 things: Name (last, first, middle initial), DOB, SSN and Address. So safeguarding these is paramount. They can be obfuscated – made unclear – which is what you want when showing them in the general public.
Of course, Name is hard to hide, but nicknames or shorter unofficial ones are good to consider. For example using one for eBay shipping purchases and another for Amazon, etc.
With your DOB, try to refrain from showing your birthday online, including on Facebook, but if you must then change your birth date to a different day than the one on file with credit agencies. It’s ok if your Facebook friends wish you Happy Birthday 3 days early.
Don’t give out your Social Security Number except when absolutely necessary. Many companies and forms ask for it, but do so because it is an easy identifier when in fact it is seldom required by law. So you can ‘accidentally’ type yours in with the last two digits set to your birth year.
2. The Unique Address Trick
This is how you find out who’s selling you out. When you sign up for frequent flier program, insurance, credit card, rewards programs, the girl scouts cookie order form, etc., create a unique identifier in the 2nd line of your address. For example:
John Wayne
123 Bourbon Street
Attn Delta-FreqFlierPrgm
New Orleans, LA 70116
The USPS doesn’t care what you put in that line. In fact, the USPS doesn’t even recognize a second address line as part of properly formatted address. It is meant simply for personal sorting after it arrives, so when you get the Geico or Capital One offer in the mail you’ll know who sold them your address because it will be right there on the Attn: line.
Hint: you can do the same thing with Gmail using the + symbol, see examples here.
3. Tiered Passwords
It’s hard to remember a different password for every website, so create levels of passwords or incorporate the name of the site to make the password unique to every site. You can keep 3-4 different passwords of increasing complexity using the most complex one on the most sensitive sites, like online banking.
Most Complex: Banks, Credit Cards, Paypal, AND the email accounts that are associated with them for password resets.
Complex: Online ordering platforms with stored credit cards (Amazon, Ebay, airlines etc.)
Less Complex: Facebook, Twitter, LinkedIn, etc. Sites of importance but easily fixed without monetary loss.
Least Complex: Online trials, rewards programs and sweepstakes, Starbucks app, and the like.
*Be sure to change all passwords once every few months while keeping the underlying increase in complexity.
4. Revamp Password Challenge Questions
If you’re worth it, a criminal can likely figure out your mother’s maiden name by going to sites like ancestory.com. As for your first car, based on your date of birth + 15 years, one can probably narrow the field down to about 40 models, so take the opportunity to use those challenge questions and come up with something harder to figure out. For example, change “Ford Escort” to something like “RedandWhiteFordEscort.”
Remember, it may be easier for a thief to hack your email address and then request a password reset with your bank, so keep that secure too!
Today, Service Objects is reflecting on our data security, and we hope you do too. We are proud to be one of several hundred organizations collaborating to generate awareness about the importance of respecting privacy, safeguarding data, and enabling trust.