7 tips to protect yourself against online fraud and identity theft
March is Fraud Prevention Month! We’ve put together a list of tips that you can use to protect yourself and your friend and family. Take a quick read through it could help you to spot potential fraud before it happens.
1. Don’t take the bait
This is one of the number one ways that fraudsters and hackers can gain access to your information. Don’t open up links, pictures, or attachments from any unknown contacts or simply if you are suspicious. Red flags could include content that your contact wouldn’t likely share, pictures claiming to be you, or an attachment sent from a person you have little to no contact with. If you are suspicious about any of the above or something feels off about the content, do not reply to the email. Make sure to verify with the sender through another communication tool such as calling the company or sender over the phone to make sure that they did in fact send the item themselves and that it wasn’t maliciously forwarded from a disreputable source. Other forms of bait could be being “randomly” selected to be a winner of a prize of a contest you did not enter, or too-good-to-be-true offers online, long lost contacts, or online “virus” scanners. These are very general but aim to give you an example of what a potential scam may showcase in an attempt to convince you to click on their content.
2. Change up your passwords, and use strong passwords
Your username password is usually the only thing stopping a potential scammer from gaining access to information sites like your personal email, social media, or more. Avoid using easy to guess passwords, such as “Password”, your birthday, etc. The number one password according to a recent study, was 123456. Several of the top 10 were related number combinations. By using a password like this, it makes it very easy for a hacker to simply guess your password without even having to know you or take further action. When creating passwords, use strong password criteria such as passwords that contain multiple instances of numbers, upper and lower case letters, and special characters when available. To take this a step further, activate two-factor login authentication that can be as simple as answering a secret question set by you, or having a 4-6 digit pin number texted to a smartphone of yours that you’ll need to enter into the login to access your account. This is the preferred method as it gives you significantly higher security and a scammer wouldn’t be able to access your account without your password, secret question, and personal device.
3. Use sites that contain only HTTPS URLs
This is one point that is extremely important to take note of. If you are on any site that you are looking to make a purchase from, or enter personal information into, at the very least make sure that the secure icon is displayed, and that the very first letter preceding the “www” are https:// and should show up in your web browsers address bar like so:
Depending on your web browser, it may display differently so make sure to take note of the actual letters in the URL address.
4. Stay up to date on current scams going around
Staying up to date is by far one of the best ways to make sure you’re protected against fraud and identity theft. If you are aware of the scam going around you will be significantly less likely to fall victim to the scammer’s intent. Some of the common scams going around could potentially be dating services, computer services, charity organizations, and even people posing as government agents such as Canadian Revenue Agency (CRA). There are several more common types, make sure to check the Little Black Book of Scams and stay up to date with some the common and current scams going around.
5. Keep personal information confidential
Unless you are very confident about the site you are using, be wary of entering information on sites that are looking for your personal information. Be especially wary of sites asking for any financial information, address and birthday, or middle names. Most sites do not need this information and have very little use to collect this, especially all in one place. A huge red flag is if a site (aside from a verified government website) will be if they are asking you to input your social security number or any other personal identification number, your Personal Health Number, Drivers License Number, or Birth Certificate ID Number. There are very few organizations on the internet that will actually need this information so be wary and do your due diligence before inputting any of this information into an online site.
6. Don’t respond to phone calls about your computer asking for remote connections
Unless you have otherwise contracted an IT company to fix your home computer, which is probably unlikely, anyone who phones to try to gain remote access to your personal computer is very likely up to no good. These scammers will tell you that they are updating your version of Windows, fixing an error they detected on your machine, offer to clean up and speed your machine up, and many other stories, but in the end they are looking to do none of these things. Often, these types scams will lock down your computer and demand that you pay them to unlock it for you, in which it won’t stop there. Once you give them your payment details they now have your personal information to do what they wish with. The best thing that you can do to anyone that you don’t know asking for remote connections to your computer is to hang up on them without saying a word.
7. Be wary of unusual payment requests
Lastly, be wary of any merchant or any website accepting payment forms that are out of the ordinary. Websites that only accepts payments in the form of bitcoin or other e-coin, pre-loaded debit cards, gift cards, or iTunes cards are most likely doing this so that they are unable to be tracked and generally there is a reason for this. Any reputable online retailer will likely be able to process credit cards on site instantly, or through a well-known payment processor such as PayPal or Square.