Which description best describes your password to access sites containing personal and/or financial information? A) at least eight characters long B) at least one symbol C) a combination of uppercase and lower case letters D) and at least one number How often do you shred (or otherwise render unreadable) documents that contain sensitive financial information before you put them in the trash? Do you store/reveal any personal contact information including phone numbers, complete date of birth (month/date/year), e-mail addresses, physical addresses, etc. on any social networking sites such as MySpace, Facebook, Friendster, LinkedIn, Twitter, etc.? If your answer to the first question is less than two of the options, the answer to your second question is never and the answer to the third is yes, then you, my friend, have just been identified as a potential victim of identity theft.
We’ve seen movies like The Net, Identity Theft and Unknown where people wake up one fine day only to see that they aren’t who they were anymore.
With their identity and life’s work stolen, they’re pushed back to below square one where they have to battle it out.
While the movies, being movies, naturally exaggerate such circumstances, the instance of identity theft isn’t that farfetched.
With the virtual world swamped with multiple double lives (read multiple profiles), one for work, one for family, one for friends, websites like LinkedIn, Facebook and Twitter are like a candy box for identity thieves.
Identity thefts have a wide range — from user profiles for websites to phony bank sites that mimic a reputed bank and steal credit card information.
There are also fake profiles of already existing ones that are created to try gleaning sensitive information from other users.
And of course, the usual hacking of a profile.
But the real deal isn’t just hacking.
In most instances, the hacker is known to the victim, pretty much like how most rapists are associated to their victims.
Usually a truant husband or disgruntled boyfriend or in other cases mischief-making classmates or colleagues, the majority of abusers know their victims well.
Says one victim of hacking, “Both my Facebook profile and Gmail account were hacked by an ex-boyfriend and the password was changed.
Thankfully my Facebook profile was linked to my Yahoo account, so I was able to retrieve it.” Another victim, Apoorva Bellubi, who’s a student, says, “My account has been faked around three times, while at one instance I received a request from one of the fake accounts with my picture on it.” At the moment, one in at least 15 people are victims of some form or the other of ID theft, be it user accounts or credit/debit cards.
People’s accounts which have been hijacked have either left their password lying around or have accessed their accounts from a system with multiple users — like a cyber cafe, college terminal, office computers — anyone of which might have encrypted the system to pick up other users’ information.
Agreeing, Bellubi says, “Though I don’t exactly know who did it, I’m pretty sure it was someone from my college who set up the accounts.
One of my friends also found their picture attached to a random profile as the display picture.” Prosfessional ethical hacker, Ankit Phadia explains that the percentage of hackers knowing their victims is high because the easiest way to crack a passkey is to guess it.
“Very commonly the password is guessed by the hacker.
That is usually because people use their birth dates, maiden name or hometowns as their password something that someone who reasonably knows you well will know.
The only instance that a random hacker is interested in you is when you’re famous or you’ve publicly declared you’re assets.” So how does a layman protect his account from unsuspecting close quarters? “A strong password is your best bet.
Besides that, you can also link your account to your mobile like you can with a bank account; you will be notified of any account activity.
For Gmail users, the service has a two-step verification that can be activated.
When you sign in, a random pass-code is generated on your phone which must be typed in.
So even if the hacker breaks your password, they will need physical access to your phone to access your account.”
You don’t need to be famous to become a victim of identity theft.
A harsh word in the wrong ear can be enough to cause trouble.
So make sure you use a tough password and ensure that your privacy settings are as good as they can be.
To check if your information is really secure, you can also take the safety quiz on the website www.idsafety.
Scored on 100, the closer you are 0, the safer.
Websites like these test your password skills and also suggest tips at ensuring that your content remains secure online.