Identity Theft is when a hacker uses your personal identifying information and pretends to be you in order to commit fraud or to gain other financial benefits. Thieves look to steal user’s personal information: full name, home address, email address, online login and passwords, Social Security number, driver’s license number, passport number, or bank number.
How do they get My data?
Some of the most common ways personal information is stolen is through phishing attacks, skimming attacks (stealing this data off your magnetic strip of your credit card) by placing a card reader over top the real card reader at a Gas Pump, or ATM machine, and even WiFi hacking. They can also purchase this information on the dark web from hackers who have breached company databases and sell access to “Identity” information dark web forums.
What harm can they do with my data?
Additional Reading: How To Protect Information From Identity Theft
What should you do as an SMB Owner?
- First and foremost, to prevent identity theft and the issuance of credit in your name, lock your credit with all four credit agencies as outlined below (see below).
- Second, train employees on cybersecurity basics, helping them become more aware of the threats they face when interacting online. (Phishing, Social Engineering Attacks)
- Phish Test Employees
- Be wary of public, unsecured WiFi (use a VPN if dealing with sensitive information)
- Govern employees with the proper policies, following NIST Guidelines (WISP, Acceptable Use, Password Policy, etc)
- Employ a Password Manager, require it in your Password Policy
- Enable Two-Factor Authentication wherever possible
- Work with your IT staff or third-party vendors to ensure your critical data is being encrypted properly
- Regularly back up critical data according to the 3-2-1 method
- Use the principle of least privilege
- Subscribe to CyberHoot’s Newsletter to stay current with the always-changing cyber threats.
By implementing these measures at your business you’ll become more aware and more secure. You may not have perfect security but you’ll be doing what you can to reduce the risks you face.
How and Where to Lock My Credit:
Anytime static data that cannot be recreated is breached there are long-term consequences which is the case with the Equifax breach of Social Security Numbers, birth dates, home addresses, and driving license numbers. Putting a credit freeze on your account will protect you largely from hackers taking credit out in your name, but doesn’t prevent them from submitting fraudulent tax returns in your name. Get your tax documents in order and submit them as early as possible.
Visit the following Credit Bureau’s and Freeze your Credit to protect yourself from hackers taking out credit in your name.
Transunion Credit Freeze
Equifax Credit Freeze
Experian Freeze Center
Innovis Security Freeze
ChexSystems Security Freeze
Certegy Security Freeze
Clarity Services Security Freeze
CoreLogic Teletrack Credit Freeze
CoreLogic Credco Credit Freeze