Consider these facts:
- As of the second quarter of 2018, Facebook had 2.23 billion monthly active users. So if it were a country, its 2018 population would be greater than the populations of the two most populated countries on earth, China and India.
- As of June 2018, Instagram, the popular photo and video-sharing platform had 1 billion monthly active users.
- In February 2018, WhatsApp, Facebook’s messenger app for Smartphones, hit 1.5 billion monthly users.
In addition to these social media numbers, a quick review of global internet penetration statistics reveals that as of 2018, 48.9% of the global population accessed the Internet in some form or another. That is well over 3.5 billion people who used the Internet to:
- Find information
- Watch films
- Conduct financial transactions
- Make travel arrangements
- Connect with friends or family
- Look for work
- Promote social causes
And so on…
Thus, even if we discount the time we spend ‘binge-using’ social media and messaging tools, it’s clear that we are online – a lot!
Now ask yourself this:
How many of these 3.5 billion+ users logged on to the Internet to:
- Steal financial information, passwords or other sensitive data
- Assume someone’s identity
- Commit a crime
- Stalk someone
- Bully, harass or abuse someone (also known as ‘trolling’)
- Buy or sell illegal items
- Engage in corporate spying or espionage
- Post pornographic content (especially of a child)
- Goad someone to commit self-harm, and in extreme cases, even suicide
And how did they get access to relevant information that helped them do any of the above with any degree of success?
Actually, knowing the exact answer to the first question is rather irrelevant. The objective of this self-questioning exercise is not to memorise statistics or quote them verbatim, but to understand the answer to the critical second question: that although online crime is perpetrated by criminals, the most important instrument that enables crime in the first place is that – INFORMATION – is often placed in the criminal’s hands by the victim(s) themselves. Even if this is done inadvertently (as is usually the case), the outcome is still the same. The victim’s personal information is misused by someone to hurt the victim or cause harm to their reputation, person or psyche.
So that was the bad news.
But is there anything we can do to protect our personal information and keep our reputation and identity intact? The good news is that YES, there is!
The aim of this article is to provide comprehensive answers to all questions related to personal information, so that you can make knowledgeable choices about what information you want to share, with whom and through what channel.
What Is Personal Information?
New Zealand’s Office of the Privacy Commissioner provides a good definition of ‘personal information’:
“Personal information is any piece of information that relates to a living, identifiable human being”.
It rarely matters if the person’s name appears in conjunction with the information. As long as there’s a reasonable chance that they could be identified from the information, it classifies as ‘personal’. Also, personal information does not need to be ‘secret’ or ‘sensitive’; it just needs to be about that person.
The following are all types of personal information:
- Name, signature, age, gender, sexual orientation, racial or ethnic origin
- Contact information – physical address, telephone number, email address, social media addresses
- Educational details
- National identification number (for e.g. Social Security in the US, Aadhaar in India)
- Birth and marriage records
- Bank account details – account number, PIN number, customer ID
- Details of other financial assets (or liabilities) such as stocks, loans, credit cards and investments
- Credit information
- Property records
- Biometrics – fingerprints, iris scans, palm prints
- Health information and medical history
- Employee records such as job history, job titles held, work address, salary
- Tax information – returns, tax ID number, taxes paid
- Passport, visa and travel records
- Criminal record
- Political opinions and affiliations
- Membership records – clubs, gyms, professional associations, unions
The Office of the Australian Privacy Commissioner states that personal information can also include information that is:
- “shared verbally
- captured digitally
- captured on signs”
This means that even photos, videos, voice recordings and DNA records can be classified as personal information, as long as the information makes it possible to identify that individual.
What Is Identity Theft?
As the name suggests, identity theft occurs when someone uses your personal information in an unauthorised manner (i.e. without your permission) for their own personal or financial gain or to commit a crime or fraud.
Identity thieves commonly get hold of the following types of personal information in order to steal a person’s identity:
- Address (current or previous)
- Email address
- Mother’s maiden name
- Place of birth
- Bank account numbers and PIN numbers
- National identification number
- Credit or debit card numbers and CVV numbers
- Login details and passwords
- Passport details
So, how do thieves get access to your personal information? Here’s how:
- Steal your mail to get access to credit card numbers, account numbers, PIN numbers, etc
- Steal your wallet or purse
- Use technology to eavesdrop on your phone conversations or track your computer keystrokes (especially for passwords)
- Steal your records from a business, medical or legal office
- Pose as an official and ask you for this information in person or on the phone
Once they have your personal information, identity thieves can use your identity to:
- Perpetrate financial frauds involving credit cards, bank loans, cash withdrawals, online shopping, tax rebates, government benefits or pensions
- Commit a host of other crimes, such as smuggling, cybercrime, cyber-stalking, money laundering, drug or human trafficking
- Enter or exit a country illegally
- Get medical care
- Get access to utilities or credit
- Apply for a place to live in or conduct business in
- Avoid arrest or deportation
- Post pornographic or otherwise embarrassing pictures or details about you, your family and children online
All of these are very real possibilities, and are only some of the reasons why you must protect your identity. And keeping your identity your own requires that you first protect your personal information and be very careful about sharing, discussing or disseminating it.
In the next section, we provide useful information on how you can safeguard your personal information and your identity.
10 Tips To Protect Your Personal Information & Avoid Identity Theft
There are a number of steps you can take to safeguard your information, both online and offline. You can:
1. Create Strong Passwords For All Your Online Accounts
For each online account, create passwords using a combination of letters, numbers and special characters. Make sure that each password is unique, i.e. not shared across accounts. This way, even if one of your accounts is hacked or suffers a data breach (probably through no fault of your own), at least your other accounts will be protected. Change your passwords regularly and never share them with anybody. To keep track of multiple passwords, use a ‘password manager’ tool or app. Norton Identity Safe is a good option.
2. Protect Your Devices With Pass Codes
Avoid carrying all your devices with you at the same time, and especially not in the same bag or valise. If you have to, make sure you protect them with strong pass codes or PINs. And if your device has a tracking feature, make sure it’s on, so you can track it even if it’s stolen.
Also, physically lock your laptop with a sturdy security device, especially if you’re using it in a non-secure public place (for e.g. a café).
3. Be Circumspect When Using Free Wi-Fi
There really is no such thing as a free lunch. Although free Wi-Fi is convenient and, well, free, it’s anything but secure. Because it is free and usually doesn’t require a password to log in, free public Wi-Fi makes it possible for identity thieves to eavesdrop on your online activity, log your keystrokes and steal your personal information. Avoid conducting financial transactions while logged into a free Wi-Fi. If you must, use a VPN (Virtual Private Network), which encrypts your activity and prevents others on the same network from seeing what you are doing.
4. Don’t Be Too ‘Social’ On Social Media
Social media tools like WhatsApp, Facebook and Twitter are great for staying in touch with friends and family and for building richer online communities. However, overdoing your social media presence can put your information in the wrong hands. Be very careful about what you post and limit your audience by adjusting your privacy settings (See this link for help on how to do this).
Also remember that your digital footprint has a very long shelf life and once you post something online, it is out there in the public domain. It is easier to not post something in the first place, than to later erase your footprint or scrub your social media accounts. Educate your family members, especially children, about the dangers of social media and how they can keep their information and identities safe.
It makes sense to extend this wariness to the offline environment as well. Only give out personal information if you absolutely must. Verify the identity of persons asking for this information over email or by phone. Be alert to impersonators and potential identity thieves.
5. Keep All Your Personal Records In A Safe Place
Lock all important documents and records in a safe place. This would include everything from financial, health and medical, to educational, taxation and professional – basically everything that contains any personal information that can identify you and make you a target for identity thieves.
Also, guard your wallet or purse and lock it in a safe place at work. Keep your information secure from everybody who doesn’t ‘need’ access to it. For e.g. your GP needs access to your medical history; your college roommate doesn’t.
Also, limit what you carry and take only the documents that you need – driver’s licence, debit card, etc. As backup, scan all important documents and upload them to a cloud storage service such as Google Cloud or Dropbox. Many of these services are free for personal use, and allow you to store massive quantities of data for years. Don’t forget to protect your cloud account with a strong password (see Tip # 1 above)!
Before throwing any document into trash, shred them. Before disposing of electronic devices, use a wipe utility programme to remove all personal information and scrub the memory or hard drive.
6. Be Careful About Opening Email Attachments Or Links
Cybercriminals and identity thieves often send emails purporting to be from reputable companies such as banks, utility providers, etc. to trick individuals into revealing personal information, such as passwords, PIN numbers and credit card numbers. Beware of such ‘phishing’ attacks and pay attention to the content and look-and-feel of these ‘copycat’ (i.e. fake) emails.
If it is from an unrecognised sender or includes spelling errors, unusual email addresses or unsecured ‘http’ URLs when it should be ‘https’ (for e.g. URLs for banks, credit card payment pages and eCommerce shopping carts usually start with ‘https’ instead of ‘http’), don’t click on it.
7. Upgrade Your Electronic Devices With Regular Software Updates
The pervasiveness of the Internet has created a new breed of cybercriminals who are finding ever-more sophisticated ways to spread malware, hijack devices and steal identities.
Install anti-malware/antivirus/firewall software from reputed firms on your devices. Keep the software updated by installing all necessary patches and security updates to prevent hackers and cybercriminals from taking over your system.
8. Backup Your Data
Inspite of every effort, a clever cybercriminal or identity thief may still locate and exploit a loophole in your system to infect it with malware or ransomware. Your device may also crash due to a hardware problem, causing you to lose all data. To prevent such occurrences, back up your data and do it regularly. This way, if you lose data, either due to human intervention or a system setback, it can still be recovered.
9. Browse Wisely
Your Internet browsing history contains information about your past activity. Web browsers track your downloads and website visits, save ‘cookies’ and keep a ‘cache’ memory. The main goal of storing all this information is to improve the browsing experience for the user.
However, this data can be hijacked by cybercriminals. It can leave you vulnerable to identity theft if the device is not passcode-protected or physically locked, or if it is used in a free Wi-Fi zone.
Protect your privacy by using the private or incognito mode in your browser. Alternately, erase your browser history and cookies, and empty the cache every time you exit your browser. Don’t use the automatic login or save password feature on any website. Also important, log off from your computer and shut it down. This way, even if your (passcode-protected) computer is misplaced or stolen, it will be harder for a thief to access your personal information.
10. Set Up A Google Alert
A Google alert for your name will help you keep track of anything someone might be saying about you on the web. Set up a Google alert here by telling Google to look for your name and send you email notifications. You can also include information on what kinds of web pages you want Google to search and how often. While this action may not entirely prevent identity thieves from trying to steal your personal information, it will still enable you to proactively monitor chatter and activity around your name, and take necessary steps.
In today’s world, it’s hard not to have an online presence when everything from networking to banking and making overseas payments is done online. Online remittance service providers store sensitive personal and financial information that can make you vulnerable. However, remittance service providers such as InstaReM have robust security systems that protect customer data from cybercriminals and hackers.
To initiate an international money transfer through InstaReM, you need to provide some personal information, including your:
- Full name
- Accurate address
- Phone number
- Email address
You also need to give some additional details, such as:
- The recipient’s name
- The recipient’s account number
- The recipient’s address
- The currency you wish to send in
- The amount you wish to send
One of the following, depending upon the country the funds are being transferred to:
- IBAN (International Bank Account number)
- ABA (American Bankers Association) routing number
- IFSC (Indian Financial System Code)
- SWIFT (Society for Worldwide Interbank Financial Telecommunication) or BIC (Bank Identifier Code)
However, before a transfer can be initiated, the account registration process needs to be completed by uploading updated copies of relevant identity and address proof documents. As a financial institution, InstaReM needs to conform to the local regulations of the countries of operation, therefore, this KYC (Know Your Customer) process is mission-critical.
InstaReM strives to maintain its own data integrity and is committed to protecting the confidentiality of its customers’ financial details. The firm has been awarded ISO 27001 certification, the Global Standard on Information Security Management Systems, which provides a host of robust and proportionate security controls to protect its clients’ information.