You don’t need to wait until you fall victim to a scam or identity theft to start protecting yourself against scams. You can be proactive and take action now to implement a strong defense system against scammers and identity thieves. Here are some basic tips on how to protect your accounts, sensitive information, and devices.
Keep Your Software Up-to-Date
One of the easiest things you can do to preemptively strengthen your scam defenses is to keep your computer, phone, or tablet software up to date. This includes the operating systems for your phone and your computer, your internet web browsers, and any other apps that you use. Downloading software updates will protect you because outdated software can make it easier for criminals to access your devices. This is because software updates contain protections against weaknesses that existed in the older versions of the software. By updating your software, you can defend yourself against these weaknesses.
Password Protection
Protecting your passwords should be an essential part of your scam defenses. You should have strong passwords to make it harder for scheming criminals to break into your online accounts. Here are some tips for making strong, secure passwords and keeping those passwords secure:1
- Use at least 10 characters, though 12 characters is ideal
- Be unpredictable – don’t use common names, dates, or words that may be easy for someone else to guess
- Mix up numbers, letters, capitalized letters, lower case letters, and symbols
- Don’t use the same password for multiple accounts – using the same password for multiple accounts makes it easy to break into your accounts because once your password is stolen from one account, the thieves can use it on your other accounts
- It’s fine to write down your passwords. In fact, your passwords should be so complex that you cannot remember them. Wherever you write down your passwords, keep the information safe, out of sight, and don’t share it with others
Two-Factor Authentication
Two-factor authentication provides an extra layer of security for your online accounts. Two-factor authentication adds an additional step when you log into your accounts by requiring you to have two, or even three, types of credentials when you access your account.2 Here’s how two-factor authentication works: you want to log into your online bank account so you successfully enter the correct username and password for that bank account. Instead of allowing you to log into your online bank account however, the bank then emails or texts you a secret code. You must enter this secret code to log into the account. Only after you enter this secret code, will the bank allow you to log in. In this scenario, the username and password are step one, while the secret code that you must enter is step two, hence the term two-factor authentication.
Two-factor authentication is not foolproof, it simply makes it harder to log into your accounts. For some, the inconvenience of the extra step added to your log-in procedure may outweigh the benefit of two-factor authentication. The inconvenience aside, two-factor authentication is something you should consider for those accounts that are most important to you, such as your bank account or a healthcare related account.
Be Cautious When Sharing Personal Information
Don’t share your passwords with others, even if someone asks for your password. Legitimate companies will not ask you what your password is. If someone does ask you for your password, proceed cautiously because it may be a scam. If you shop and bank online, you can protect your information by only using websites that use encryption to protect your information. To figure out whether a website is encrypted, just look for the letters https at the beginning of the web address. If the website’s address starts with https, then the website is secure.3
Other tips:
- If you throw away an old computer, tablet, or smart phone, erase all files on the device and sign out of any online accounts before you throw the device away4
- Never give control of your computer to anyone who contacts you about a problem with your computer
- If you are using a public computer, never have the internet browser that you use save your passwords and log out of all accounts when you are finished working. Delete any documents or downloaded files from the computer if they contain personal information, otherwise the next user may be able to view your information.
1 Federal Trade Commission, https://www.consumer.ftc.gov/articles/0009-computer-security
2 CNET, https://www.cnet.com/news/two-factor-authentication-what-you-need-to-know-faq/
3 Federal Trade Commission, https://www.consumer.ftc.gov/articles/0009-computer-security
4 Federal Trade Commission, https://www.consumer.ftc.gov/articles/how-protect-your-data-you-get-rid-your-computer