Last century, people stole cars by breaking in to them....
These days they break into your house and steal the keys. Without the keys, the car is just a large object that cannot be moved: the engine and transmission are locked when the key is removed. So to get anywhere in the car, you need a key! And most people don't put their keys in a safe. They just put them on the kitchen bench. And that is not too hard to access if you break into a house late at night. Police are now reporting that this is what is being stolen from houses. A few nights later they come back and just drive your car right out of the garage. But once they have the keys... well they can just steal your car wherever you leave it parked if they want to avoid your house.
The same principle applies when someone wants to steal your digital identity. Usually, they don't try to 'break in'. They just collect up the data that you leave around the web and put it together. Just like putting a jigsaw puzzle together.
How can I 'harden' my digital security?
If you are a Telstra customer, remove your birthday from your Facebook page. Telstra will ask you as part of your identity verification...
"Can you please verify your first and last name and your date of birth for me"
If hackers have managed to get your birthday, then they just need your first name and last name, and Telstra will allow them to use your mobile phone number to override your Account number. From there they have access to your emails, internet usage and your phone details. Once they can access your emails, then the world is their oyster as they can use this to 'ping' your accounts with any service that you are registered with, as that is where they will send any email that is used to reset your passwords.
Whatever you do, don't use personal details for passwords!
Many of our clients (and you know who you are) use some of these gems as part of their password collection:
- their pets names
- their children's names
- their children's birth years- 9296 etc
- the year of their birth as the final digit of their username- 72, 81 etc
A quick scan of your Facebook page is a rich source of information about your children, pets... all sorts of information that can assist hackers to connect the dots about your digital profile. So make sure that you are not giving away this information so easily.
What about my bank accounts?
For bank accounts the same rules apply. Make sure the passwords are tough and difficult to guess. You can go one step further and use a Security Token that the bank provides you with. This means that you have to login to your account on the internet within a few seconds of receiving the security code on the token. A hacker has to have this numeric code and the details of your bank account to access your account. That makes it very tough to hack in. If you want a secure bank account, then this is where you are headed.
How can I manage my passwords to make them more secure?
At Simply Web Works we use and recommend LastPass Password Manager. This allows us to make our passwords complex and almost impossible to hack. It also stores these passwords so that we can access them as required and manage them across multiple devices. The downside is that it uses a master password that we have to keep somewhere safe. But it means that the rest of our passwords are pretty much off limits due to their complexity. This, combined with Google Chrome browser means that securing our digital presence is easy to administer. This is a much better solution than recycling your dog's name, your children or that old favourite, the year you were born. Much better...
Here is what can happen in the real world
This article outlines what can happen in your life when your digital identity is hijacked. A sobering reminder of just how much information can be laid bare if you allow it to be accessed easily.