As another year rolls to a close, a lot of you will have already hit the online sales in preparation for Christmas. With either Black Friday or Cyber Monday being two particularly high-spend days for e-retailers already been & gone. You’ll also be aware thanks to news reporting that our data & online security is ever-more fragile from Banks, Hotels & online stores losing our data. Despite this over £7 billion has been spent on these two days alone & millions of pieces of personal information h&ed over too.
It’s clear you cannot guarantee security, & even though you never could, things have never been worse than they are now. Whilst this is a grim picture, & millions of transactions go without trouble I’m writing this blog post to help those who shop online how to protect themselves, their identity & the pro-active steps you can take to avoid your data getting into the wrong h&s. I’m also telling you what I do which works for me.
Mixing the real world with the virtual one.
I stayed at a hotel recently. They asked for a copy of my Driving license for ‘security’. I asked them what type of security would that be, & the lovely woman on the front desk couldn’t really tell me other than mumbling something about ‘hotel policy’. I declined. She informed me equally politely that I had no choice otherwise I would not be staying at the hotel. I asked again about the policy & could she show me that policy. She declined & now quite flustered reminded me I would need to hand over my Driving Licence. I declined & asked to speak to the GM. Two minutes later I was checked in without h&ing over my Driving License! I watched others blindly hand over their documents, the lady promptly scanned the Licence into a computer digitizing this valuable piece of information & linking it to (what I presume) is your guest account. I was alarmed at how often this type of thing happens to us without even thinking. Anything with age verification often we hand over our Driving License because it’s in our wallet & it’s easy. We rarely think about the company we’re giving it to then digitize it making it vulnerable to theft. Same for Passports when you are abroad, who is handing over their passport at hotel receptions?
The Information Doci-Do – you give us your data, we’ll give you something for free.
It’s commonly known that there’s no such thing as ‘free’ when it comes to the Internet. You often have to handover your information for a download, or an e-book, or to trial a piece of software. You don’t often think about this isolated information you’re giving out – besides you are busy & you want that free download or account. However, by doing so you are contributing to a data landscape handing over pieces of information when you don’t need to, & increasing the potential damage caused if your data were to be stolen. Time & time again the influx of SPAM emails, or follow up sales calls you can get through the lax giving up of our personal information.
Becca recently had her ID stolen. Fraudsters used her details with a company she’d never even transacted with. Ever. It left her feeling vulnerable & shaken. Yet when I heard she used the same card online for purchases that she used for everything in her real life, I gasped with shock. Identity Theft is up by 44%
So what can you do to protect yourself online? Here’s what I do. Basically, you should do what I do, because I’m awesome at this stuff!
- Internet Bank with virtual cards – use a Company such as Revolut who offer ‘virtual’ card services. These are cards which can be generated on-the-fly one-time for single purchases online. Details are obfuscated & means once you’re done with them, you can kill them & your primary main account is safe. There are others, but Revolut do this the best.
- A burner email address – set up an email address to be used solely for online registrations or for information h&over. Make it nothing to do with you or your own identity. This allows you to keep SPAM away from your primary inbox.
- Alternative ID – a contentious one this, because if you go to this length, & use it for nefarious purposes, then you’re probably breaking the law. But I use the email address I’ve set up above & associate it with a Facebook account (often needed for some account verifications) & I can use a combination of that Facebook account & the email address & pretty much sign up for everything & anything I want, without exposing myself to SPAM, Marketing messages & pestering’s from various companies. It goes without saying I’m not pretending to be someone I’m not here (even though I am) I am merely creating a false fictious identity for the reason of being able to trial software, download eBooks or register for trial accounts for things.
- A burner phone number – Now this is classic ‘Maz’ going to the extremes but what I also have to go with my online virtual ID is a phone (PAYG, cheap network) which I use for WhatsApp & tie that in with my fake accounts above. Why do I do this? Because often as part of any online sign up you often have to submit a phone number. So by having a firewalled Phone number I can safely give this number to online services & no I can just switch it off when I don’t need it.
- Shop at reputable websites – so no dodgy non territory websites based off shore or typically in Asia-Pac. Look for an SSL (see below) certificate and make sure if you’re not sure, then don’t buy.
- Passwords – whenever you are asked to register, please set a secure password using a password generator to create it.
- Watch out for SPAM emails or phishing emails from people claiming to be from your bank. ‘Security’ checks from your bank mid-purchase are often phishing schemes.
- If you receive password reset links from a company in email – don’t click on them. Go to the website of the company in question, log into your account & change your password from there.
- Be cautious of Digital Downloads. – Watch those e-Books or MP3s, or films. They can have keyloggers embedded in them. Watch out for files auto downloading too.
- Wifi – it’s all fun and games picking up those extra Christmas presents from a Starbucks whilst you’re on the move. But are you really connected to the store’s legitimate Wi Fi network, or are you connecting to a hacker spoofing an access point and who is slurping your details whilst you slurp your coffee? Stay off public Wi Fi for any transaction involving
I hope this helps some of you with protecting yourself online. For more information contact me on Twitter @marioc