< CISSP Networks & Telecomms Domain Presentation | German Gov says Google is the Devil; SRWare performs exorcism >
Ritasha Jethva, our Privacy & Data Protection competency lead added some nice tips to a publicity piece that made it otherwise more useful than it would have been. I'm republishing them here along with some other stuff I've found of late.
You may already be a victim of identity theft if:
- Items have appeared on your bank or credit-card statements that you do not recognise.
- You've applied for medical or other benefits but are told that you are already claiming.
- You've received bills, invoices or receipts addressed to you for goods or services you never purchased.
- You've been refused a credit card or loan, despite having a good credit history.
- A mobile-phone contract has been set up in your name without your consent.
- You have received letters from lawyers or financial institutions for debts that aren't yours.
- Mail expected from key organisations the likes of your bank have not arrived, or even if you are not receiving any mail correspondence at all.
The following tips will help you protect your identity and prevent criminals from committing fraud in your name:
- Turn off extra features in any technology that you aren't using.
- Always think before you click or press a button; personal awareness is key.
- Don't throw away entire bills, receipts, credit-or debit-card slips, bank statements or even unwanted post in your name. If you do need to destroy unwanted documentation, do so using a shredder if possible.
- Keep your personal documents in a safe place, such as a lockable drawer or cabinet.
- Be vigilant around what you publish about yourself, especially on internet sites.
- If your passport, ID book or drivers licence has been lost or stolen contact the issuing organisation immediately.
- Keep your passwords safe and never record or store them in a manner which leaves them open to theft, such as in your purse or wallet.
- Check statements as soon as they arrive. If any unfamiliar transactions are listed, contact the company concerned immediately.
- Never divulge personal information via email or sms' no matter how trustworthy the request may appear to be
Then, to add some stuff I've picked up (mostly from a technical level) that has worked well:
- Give out as little information as you need to, just because they ask for your phone number on the form, doesn't mean you need to give it. Apply your intelligence to when this is appropriate, you will always need to give some people some information. Yusuf, for example has lots of fun signing into 'front-fence security' with ridiculous names that should trigger any half conscious security guards spidey sense, such as "Osama bin Laden" (he has yet to be called on it).
- You can easily pulp lots of bills by putting them in a bucket or sink with hot water and a solvent (ammonia-based cleaners work well). It is much easier than ripping up each bill into tiny bits.
- My new favourite temporary e-mail service is Guerilla Mail, especially since TemporaryInbox and Mailinator rarely have mail successfully delivered to them (likely blocked thanks to spammers). Also, keep your eyes on stuff like Jangl for a telephonic equivalent. US users can use inumbr now.
- AdBlock Plus has always been a great way to block adverts which usually try and invade your privacy in new and exciting ways, including delivering malware. However, I've recently discovered the element hiding helper extension to AdBlock, which makes quickly nuking ads placed in-line (e.g. FaceBook's ad sidebar) quick, easy and permanent.
- Cookie blockers are also useful. I prefer CookieSafe which operates much the same as NoScript.
- Read your e-mail in plaintext, tracking <img>'s are regularly used. It will also stop you from writing irritating and/or poorly structured mail.