How to Prevent Identity Theft by Common Sense Hackers
“An identity thief can easily hack into your account if he gets your password but he can also hack into your account if he knows how to get the right information to reset your password. Therefore creating a strong password or changing it regularly is not enough protection.” Gmail-Login.com
Identity theft is a common occurrence that affects thousands of internet users each year. Sometimes it does not take the evil Penguin character with advanced programming skills to hack into your Gmail Account or online Bank Account. You will be surprised to learn that it only takes a patient character with good research skills and common sense to steal your sensitive info and log into your online account. So how can someone with no programming skills hack into your account?
It’s easy for someone to get hold of your personal details if you are a registered user or owner of any blog, social or community site profile. Generally if you have multiple website profiles on the internet you are vulnerable to identity theft. A profile is an online bio or webpage that describes who you are. It contains your personal info that you often enter by completing a form when signing up to use the community site. There is a whole lot of community websites that require you to fill your profile, for example social networking sites,directories,classified ads sites, job sites,freelancer,marketplaces, outsourcing sites,forums,blogging sites and many more. So what can a hacker obtain from your website profile?
If your website profile is public (if any online visitor can see it by directly visiting the webpage ) then he or she may get details about you, for example, your country, state, location, college or university you went to and contact details such as email address. It is even much easier to get more information if the person is your friend, workmate or someone you know. The thief can aslo get extra info such as the person’s employer, bank, car license number, street address, doctor and postal address. If the person is from a developed country such as the USA, the cyber-thief will also assume that the person buys online and he or she probably owns a PayPal account.Indeed, most victims of identity theft and internet scams involving money are people from developed countries because they are perceived to be rich by cyber criminals.
Let’s say the hacker is trying to break into your bank account. The hacker will simply go to your bank’s login webpage and click the password recovery link. This link comes in many names such as [Forgot Password] [Cant Log In] or [Recover Password].Depending on the security features that the bank website is using, the website may tell you the specific email address that the password recovery link has been sent to e.g. firstname.lastname@example.org (That is if you registered with email@example.com). The hacker will know that he must break and log into this email address to click the password reset link for your bank account. If the bank website does not reveal the email address where the password reset has been sent to, it will ask you to enter the email address that you registered with. This gives the attacker more work as he will be required to guess your email address.However, you will make it easy for the hacker to get the right address if you are using this email on your online profiles. But an email address alone is useless if you don’t know the password. An identity thief can easily hack into your account if he gets your password but he can also hack into your account if he knows how to get the right information to reset your password. Therefore creating a strong password or changing it regularly is not enough protection. This is where sensitive personal information comes into play because the hacker can use this information to reset your password. When you try to reset a password, you will encounter a security wall. Most websites will ask you to answer questions based on the information you provided. These are security questions designed to thwart an attempted login by an unauthorized person.
As an example, one online payment processor asks you to provide only your Date of Birth and Email Address to reset your password. Other websites may require you to provide more information i.e. ZIP code, phone number, social security number, passport number, drivers license, tax number, bank account number and so on.
Now it’s easy for a hacker to get your Date of Birth by checking public records e.g. court records, divorce records, real estate records, DMV records and background records. These records often contain the person’s date of birth as a rule. A hacker can also get lucky with Facebook or MySpace. There are also plenty of internet services that allow you to obtain someone’s public records just by providing the person’s email address. You will see the person’s name, age, home address, phone number, gender, occupation as well as all the social networking sites that the person belongs to.
Once a hacker gets hold of this information, then voila, your online account has been compromised.
Tips To Prevent Your Account From Being Hacked [ Prevent Identity Theft ] :
– Do not use the same email address for all your accounts. Use a different email address for each account so that the hacker cannot break into your other accounts.
– Never join a social network or community site that does not give you an option to hide your personal details e.g. DOB, email address, home address etc.
– When signing up for a website do not choose security questions that ask you to provide personal info such as Place of Birth, Mother’s Maiden Name, State, Country, Employer Name, College Attended, Date of Birth, Social Security Number, Home Address or other information that can be easily connected to you or found. Choose difficult questions that require difficult answers. These are answers that cannot be easily guessed, for example, Gmail allows you to create your own question. You can create a question like “How many miles did I drive with my car last year” or “How many cubic metres of water did I use last year” Enter an exact number that you can quote from your last December bill e.g. 764511
– If you have a choice to use a Pseudonym then go for it rather than plastering your real name all over the internet.
– Only join reputable social networking websites like Google Plus which ask you to opt in or out of a certain feature. Some sites just set everything to default leaving you to find out for yourself and compromising your privacy in the process.
What To Do If You Already Have Your Details Plastered All Over The Internet?
If you have multiple profiles containing your personal details on the internet, you should know that they have been indexed by the search engines and probably distributed by scrapping sites or content aggregating sites. You might try to log into each every site and delete or hide your details. Even so, you will not be able to delete content that has been copied by other sites.