Monday, January 31, 2022

January 31-February 4 is Identity Theft Awareness Week. Take a minute to how consider how identity theft works and what you can do to protect yourself.

Staying safe requires a mix of mindset and practices. Be aware—even skeptical—of every request for personal information or data. Adopt proven methods for protecting passwords, systems, and other potential vulnerabilities.

Most cyber scams used to steal identities involve some form of social engineering that aims to lure unsuspecting targets into doing what a scammer wants.

Victims might voluntarily disclose personal information—logins, account numbers, etc. Or they may be tricked into installing malicious software on their computers/devices, allowing the crooks to harvest data.

Caution and swift action can usually foil plots by hackers and scammers. Other times, however, weak defenses leave individuals vulnerable to repeated attacks. In the worst cases, scammers steal identities and:

  • Reroute bank deposits to anonymous accounts
  • Open new lines of credit or online services
  • Trick individuals into becoming money mules and laundering criminal proceeds

To combat identity theft, stay alert for social engineering campaigns (especially during busy periods like tax season). Consider adding layers of defenses that reduce your odds of becoming a victim.

For example, when setting up or maintaining an online account, consider:

  • Creating a strong password that’s hard to guess (password manager apps can help)
  • Using multi-factor authentication whenever it’s available
  • Creating unique answers to security questions (remember, answers don’t need to be “true”—they just need to be answers you know and others don’t)
  • Changing passwords and other login information as needed

In this example, each bullet represents a layer of protection that makes your account more secure.

Become attuned to the hallmarks of social engineering attempts—personal appeals for help, inflated sense of urgency, or seemingly innocent queries that open doors to intrusion. And always look out for suspicious applications, files, or links.

When in doubt, don’t respond to requests for personal or work-related information. Contact your local IT support or a university help desk team for assistance.

For more information, see a guide to recognizing and avoiding phishing scams and information about the university’s Identity Theft Prevention Program.