A friend had his email account hacked recently. He is a director of a large public company. Luckily the hackers were only sending spam out. But what if they had malicious intentions against his company?
It’s pretty easy to get your identity stolen online! But if you want to make it hard for someone to hijack your identity then there are some simple rules to follow.
These rules won’t prevent someone from accessing your bank account online (there are still more rules to help stop that): but they should at least protect your Twitter and email accounts.
- Don’t use an easy to crack password. Never use a word or a name, especially one that is related to you in some way. Use one that is at least 8 characters long and has some capital letters, lower case letters, numbers and special symbols (yes some of all of these) but doesn’t contain any recognisable words (and that includes words with numbers substituted in an obvious way e.g. “p455w0rd” for “password”). And don’t use the same one for multiple accounts, especially important ones. Use a service like LastPass to help you manage your passwords. Remember, the more high profile you are, the more secure you need to make your passwords
- Don’t allow your portable devices (laptops and phones) to remember your passwords, even if you have password protected the device itself.
- Do install an anti-spyware programme on any device you use to access the internet – including your phone.
- Do ensure that you have used the appropriate privacy settings on your social media accounts. You really don’t want to help people to build up a detailed picture of your life that they could use to steal your identity.
- Don’t publish information that could be used to answer your passwords security questions. Often these questions are fixed and include things like “What is your mother’s maiden name”, “What is your birthday” and “What is your pet’s name”. It’s hard to keep some of this information to yourself but having standard “internet answers” that don’t reflect reality can help.
- Separate your professional identity from your personal identity. For instance set up two email accounts such as firstname.lastname@example.org as a personal email and myfirstinitialandsurname@email provider.com as a professional email. In social media have separate identities as well so you can excite your personal twitter followers about what you had for lunch and inspire your professional twitter followers with your latest industry insights (after all your friends will be even less interested in these than in what you had for lunch).
- Don’t assume email is secure. Never send information such as passwords or information that could be used to steal your identity by email.
- Don’t assume public wi-fi is secure either.
None of these rules mean that you can guarantee the safety of your online identity. But by following them you can at least make yourself more secure. So don’t make it easy for them! Good luck…