In a world where we’re becoming increasingly reliant on technology, it’s more important than ever to protect your personal information online so that it doesn’t fall into the wrong hands.
People are also using digital channels more and more for online banking and other financial services because they are easy, convenient and a faster method for fund transfers. But our growing reliance on digital services brings with it a raft of security and data privacy issues, with higher numbers of potential attack vectors opening up more backdoors to instances of identity theft.
Stolen personal information can be used to create fake accounts or carry out illegal transactions in the name of authorised users. This misuse of digital identity can have serious consequences, especially if perpetrators are involved in money laundering or terrorist financing.
Many place their trust in traditional security methods such as passwords and knowledge-based authentication, but as fraudsters become more and more sophisticated, these methods are no longer sufficient to protect our digital identity and personal information.
It’s not all doom and gloom, though, as there are several steps you can take to protect your personal information online.
Passwords are the easiest way scammers can access the gateway to your online identity. If your primary email becomes compromised and you use the same password across many sites, it could cause serious damage to your life and finances.
A password manager will help you create, store and manage complex and unique passwords for every new digital service you are using. Password managers also assess the strength of all your existing passwords, identify those that are especially vulnerable, and suggest alternatives.
Taking it one step further, some password managers support two-factor authentication to safeguard your access into the password manager. Two-factor authentication requires you to use two factors to authenticate yourself, preferably a combination of: something you know (a password, PIN code or passphrase); something you have (a physical token, USB key, your mobile device); or something you are (fingerprint, face recognition, hand gesture).
Remote authentication tools such as face, iris (eye), voice and fingerprint detection, as well as behavioural biometric scans are becoming more and more widespread.
With biometrics, you become the password. Biometric authorisation is increasingly being used for identity verification on smart devices such as laptops and smartphones. It is a more secure way to protect your identity as it involves characteristics that are unique to you, and therefore almost impossible to replicate. While it might be relatively easy for a fraudster to guess your password, it’s much harder for them to fool a system that uses your unique physical characteristics to verify your identity.
There are a large number of online portals that require or entice users to enter personal details such as lucky draws, voting sites, event participation, shopping sites, enquiry submissions, dating sites, and contests. Whenever you enter your personal details on such websites, a fragment of your digital identity gets left behind, which fraudsters could then use to commit fraud attacks or identity theft. Once information is shared online, it’s almost impossible to remove completely – even if it’s later deleted or modified.
As such, be careful about the types of details you share about yourself online and be aware of unfamiliar sites asking for too many details. If you have any doubt about the legitimacy of the requesting webpage, be safe and investigate the source first.
Phishing emails are fraudulent ways scammers use to trick you into giving them your personal information. They often pretend to be from large organisations, such as the ATO or your bank, and try to steal your online logins, credit card details or passwords by sending you fake emails or text messages.
There are ways you can spot a phishing email. Take a look at the email address the email was sent from. A lot of times the address may look similar to the real deal, but there’s always one or two discrepancies. Phishing emails also tend to ask for personal information, have unsolicited attachments, and are generally poorly written. They also have suspicious links, and a sense of urgency to make you panic and take action quickly.
If you have the slightest doubt that an email might be suspicious, you can verify their details by searching for the business online before responding or clicking on any links within the email, to avoid compromising your computer or accounts.