Our identity is fundamental to our sense of being, so we guard it tightly. When people question who we are, we react with anger. If someone pretends to be us in public, it can be a criminal offence.
But in the online world, we sometimes seem less strict about protecting our identity. Poor security knowledge and risky behaviour is a routine among internet users, leaving the door wide open for identity thieves.
We want to change that, and we think we know how. To help you take protective action, here are the major online threats to our identities, with easy to follow ways to neutralize those dangers.
Threat 1: Data gathering by corporations
Search engines like Google are notorious for tracking their users in the background, before using the data gathered to build in-depth personal profiles of an individual’s likes and dislikes, connections, location, and even their health.
But this isn’t just a problem limited to Google. All sorts of smartphone apps and websites routinely gather data from users, meaning that the web generates billions of profiles. These function like little copies of our identities that are used to make money or – in more sinister cases – to manipulate our behaviour.
What can you do?
If you’re concerned about corporate data gathering, you can change your privacy settings on almost every site you sign up for (including Google). But this only partially solves the problem. A much better solution is to always have a Virtual Private Network (VPN) running in the background.
VPNs encrypt data and assign anonymous IP addresses to every user. That way, corporations won’t be able to connect your real life identity to online activity.
But beware: low-quality VPNs will not provide much protection if any. For a provider, you can rely on, have a read through our ExpressVPN review, or check out suppliers like NordVPN, Private Internet Access, or Cyberghost.
Threat 2: Spoofing
Spoofing has been around for as long as IP addresses, and it remains a commonly used tactic among cybercriminals. It’s also something that – despite its age – few people seem to be aware of. But they should be.
Spoofers take the identity of others in order to perpetrate crimes. So, they could assume the identity of a trusted company, running a fake website, which then tricks users into handing over personal details.
More importantly for us, spoofers can steal your identity on unsecured wifi networks, and use your account as a vehicle to carry out illegal activities. And often they aren’t the ones who get caught: you are.
What can you do?
The key to avoiding nasty spoofing episodes is to make sure you have total protection when using public wifi networks. Try to avoid using temptingly unsecured wifi hubs when you are out and about. These could well be run by criminals as a kind of honeypot scam, and you just can’t tell whether they are safe.
But you can be targeted on properly secured coffee shop wifi as well. The only real protection here is to use a secure VPN with your laptop or smartphone. That way, criminals won’t be able to latch onto your IP address, and your traffic will remain hidden via encryption.
Threat 3: Data Leaks
2018 was a year of data leaks. From British Airways to Yahoo, huge companies had to admit that their customer records were far from secure. And revelations emerged that billions of personal records were being bought and sold on the so-called Dark Web.
This is great news for identity thieves. While not all leaks involved credit card numbers, most provided enough information to run social engineering or phishing campaigns against the victims of data leaks.
What can you do?
We rely on companies to buy flights, store cash, and stock up on consumer goods. So totally avoiding handing over payment details isn’t really feasible. But if you can pay via cryptocurrencies, you’ll be at much less risk of betraying personal information.
When data leaks take place, change your passwords immediately (and stay informed via sites like TechRadar to know when these breaches occur). It also makes sense to beef up your antivirus and VPN protection, as phishers kick into gear when data falls into their hands.
Threat 4: Viruses and malware
Our final identity threat is another old one but still catches many people out. Malware, known as keyloggers, has long been able to track the data you type (although they tend to find it harder to penetrate today’s antimalware shields).
More recently, new forms of malware have emerged with even more powerful means to harvest user passwords. Nicknamed Smoke Loader, and delivered via MS Word attachments, this agent exploits the architecture of Windows to drop malware and skim off sensitive data. It’s not likely to be the last in its class.
What can you do?
Fundamentally, you need to have the strongest antimalware and antivirus tools available. But Smoke Loader also shows how vital it is to update your OS frequently. And, just as importantly, attacks like this demonstrate the importance of regularly changing passwords.
Strong passwords, VPN protection, and a healthy scepticism about unsolicited email attachments can help as well. And, as with all of our threats listed here, some common sense can’t hurt.
If you source the right security tools and keep your wits about you, it’s possible to minimize the risk posed by identity theft. But if you don’t keep your identity secure – and most of us don’t – you run the risk of financial ruin and even criminal prosecution.