Editorial Policy

12 Pro Tips for Shutting Down ID Thieves

Marcia Frellick

September 12, 2012

Some cities outshine others when it comes to ID protection smarts.

Virus protection firm AVG Technologies set out to find the most security-savvy North American city in its September survey of Internet users. The winner? Austin, Texas.

Rounding out the top 10 of the 15 U.S. and Canadian cities studied were New York; Los Angeles; Denver; Washington, D.C.; Atlanta; Chicago; Seattle; Portland, Ore.; and Montreal.

So what are the residents in these cities doing right? According to the survey, they’re using just one card to shop online, checking bank statements more than once a week and keeping their passwords to themselves.

These good habits (along with changing passwords, updating anti-virus software and watching out for phishing scams) are the building blocks for routine security. But here are a dozen smart security steps that will take your data protection to the next level.

1. Get a new credit card number every year. This is a tip that credit card companies don’t like, but it’s one that consumers can benefit from, says John Sileo, online security expert and founder of Sileo.com. Ask for a new debit or credit card number each year after a big spending season (after the holidays, for example), and tell your issuer you want it for security purposes.

The downside:  You have to remember to change the card number for any automatic payments you have set up. The upside? Regularly starting fresh and making your old number unusable for any thieves who may have gotten ahold of it.

2. Sign up for credit card alerts.That way your issuer will let you know each time your card is used. Many issuers allow you to receive alerts via text or email.

“Of course, that doesn’t stop the theft, but it does minimize the damage” by letting you know quickly if an unauthorized or suspicious charge appears, Sileo says.

3. Use a prepaid card. You can get a prepaid card at any convenience store, use that number for online shopping and then destroy it when you no longer need it, Sileo says. Just be aware that you may be charged activation and loading fees.

4. Don’t store your credit card number in your browser. When your browser (Internet Explorer, Firefox, Safari, etc.) asks if you want to store your credit card information or password, say no, says Kevin Johnson, senior security analyst for Secure Ideas. In fact, disable this prompt so it doesn’t pop up and tempt you to say yes.

“The attacks that hackers can do against your browser are so varied and so common, that no data in your browser should be considered safe,” Johnson says.

5. Limit the sites that store your credit card information. Allowing online sellers to store your credit card information can make future check-outs more efficient. Yet, while an Amazon-sized company likely spends millions on making sure your information is secure, a smaller store may not be able to make the same promises, Johnson says.

6. Use a passphrase instead of a password. Better yet, use a short sentence with upper- and lower-case letters and spaces. Johnson says this is done so rarely and makes passwords so long that hackers’ attack programs aren’t programmed to look it those yet. If you get a message from a website that your password is too long, you may be out of luck — but at least complain to the company and let it know that longer passwords help secure your information, Johnson says.

7. Limit the information that travels on your laptop. When you carry a laptop, leave the most sensitive information on your home computer or store it in the cloud, says Tony Anscombe, senior security evangelist at AVG. That way, if your laptop gets stolen, the damage will be minimized.

8. Avoid backing up with USB port. It’s important to back up information, Anscombe says, but this small device can be easily stolen, broken or misplaced. A better alternative is to use an online service for storage and access.

9. Use one credit card with a low limit for online purchases. Monitor this account regularly, and report any suspicious activity immediately to the bank or lending institution. The low limit will curb the amount of the thief’s spending spree.

10. Question why a mobile app needs access to your information. When you download a mobile phone app, you may get a notification saying an app needs access to certain stored information. Just make sure the use matches the request. If the app is for a flashlight for your phone, for instance, it doesn’t need access to your address book, Johnson says, although an app that notifies you of friends’ upcoming birthdays would.

11. Don’t wander away from a charging phone. “How many times have you walked into a Starbucks or walked into an airport and there’s a phone plugged into the wall and nobody’s around?” Johnson says.

Credit card information, address books and work projects could all be exposed to thieves. Before you wander, Johnson says, take your wallet out and put it on top of the phone or laptop — and ask yourself if you are still comfortable walking away.

12. Research online companies before giving them your business. Keeping your data secure should start with a gut check, Johnson says. You wouldn’t do business with anyone who approaches you on the street and wants to sell you something but also wants your account numbers. Online diligence should be no less clear-cut, he says.

Digital security should also be as important to you as getting fair prices or good customer service. If a company has had a security breach, think long and hard about giving it your business, Johnson says.

“Until people start saying to companies, ‘I’m not going to pay through you; I’m not going to buy from you; I’m not going to do business with you, unless you treat my data safely, it’s never going to change,” Johnson says.