Happy Data Privacy Day!
That’s right. Today is National Data Privacy Day. And though it is not a “real” holiday, it is certainly an important one.
I’m sure you have all heard about at least a couple of the major data security breaches that took place in 2017.
One of the most publicized was the Equifax Data Breach that we learned about in early September 2017.
The numbers initially reported by Equifax estimated that 143 million were affected by the breach though later reports estimate that the number was closer to 145.5 million. In a statement released in Equifax in September, the company revealed that the breach began mid May and continued through July of that year. There was no clear explanation as to why they waited an additional 5 weeks to alert consumers.
There is not much that you can do to avoid a security breach to a company that you have no control over, but there are steps that you can take to guard your data privacy.
The information below was primarily derived from articles posted by Norton, one of the largest computer safety software companies.
Keeping your information safe.
There are several ways that identity thieves can get their hands on your information and not all of them are high tech.
Dumpster Diving
An old, but unfortunately proven effective way for your info to be stolen is for your information to be taken from your trash. Old bank statements, expired credit card offer etc. should all be shredded not just through in the trash. Though not a dumpster, your mailbox can also be a vulnerability you should take care of. Empty your mailbox daily and consider replacing your mailbox with a locking one like these. Locking mailboxes on Amazon
Phone Scams
Never, ever give out your information to someone on the phone unless you are 100% certain of who you are speaking to. Keep in mind, just because your caller ID shows the name of company you recognize, it doesn’t mean that the call is really coming from them. It is fairly easy for scammers to trick the system so the caller ID shows something different than the actual phone number that they are calling from.
If you get a call from a company stating that they need to verify your information, or maybe confirm that a charge was made to your card, tell them you will call them back. Hang up and call the number you have for that company, not the one they called you from.
Phishing
Phishing is the practice of sending an email to someone pretending that it is from a reputable company or one that is known by the recipient.
How do they know what companies you would recognize? They do their homework. They troll the internet, including social networks, to gather background information about your family, your interest, your activities, your work history etc. That information then allows them to craft an email or phone call script that will make them more believable.
The goal is to get you to click on a link that will either automatically download malware or that will take you to a site that will install that software or trick you into thinking it is a legitimate site. The end game is to gain access to your information. They don’t care if it is by gaining access to your device so they can steal your information off it or by tricking you into providing user names, passwords or account numbers.
Just like with phone scams, do not provide your information directly. Unless you are expecting an email for a password reset or a link you requested, if you receive an email with a link, don’t click on the link. Open a new browser window and go to the website you normally for that company. If a company needs you to update your info, change your password or provide any other information, it will be on there.
Public WIFI
Connecting to the free public WIFI at Starbucks might be a convenient way to save on data charges but it can leave your data privacy vulnerable. Once you are connected to the network it may be possible for someone to access all of your information without you knowing.
And the same can be said for your home WIFI network if it is not password protected.
And speaking of passwords
One very important part of data privacy is keeping your information secure with a good password. Fortune magazine published an article listing the 25 worst (and most used) passwords of the year.
- 123456 (The reverse order was #26)
- Password (Add 1 to the end and you get #29 on the list)
- 12345678
- qwerty (
- 12345
- 123456789 (more digits in a sequence does not make it better)
- letmein
- 1234567
- football
- iloveyou (sweet but ineffective)
- admin
- welcome
- monkey
- login
- abc123
- starwars (New to the list in 2117)
- 123123
- dragon (game of thrones inspired?)
- passw0rd
- master
- hello
- freedom
- whatever
- qazwsx
- trustno1 (including your password!)
If you use any of the passwords above, or a variation of them, STOP! Change your password immediately.
Yes, keeping track of all of your passwords can be seem daunting but using the same password for all of your accounts or using easy to guess passwords could be a disaster.
How do you create a more secure yet easy to remember password?
First let’s look at the don’ts which are obviously in play in the list above.
- Don’t use short passwords, they are easier to crack.
- Don’t use names or dictionary words, that’s a piece of cake for a hacker.
- Don’t use part of your user name or account number
- Don’t use sequential characters (1234, qwerty, abcd etc.)
- Don’t use repeating characters (111, aaaa)
Now for the Do’s.
- Use at least 8 characters
- Use lower and upper case letters, numbers and special characters.
But how do you then remember the password?
Easy! Turn your favorite song lyric or saying into a password.
Let’s say that you are a Barry Manilow fan and your favorite song is Copacabana
Let’s take the first line of the lyrics: Her name was Lola, she was a showgirl (hopefully this song is not playing in your head on a loop like it is for me now!)
Your base password would be: Hnwlswas …. Now add a number and a character and voila! Your new password is Hnwl1swas!
Ok, but how do you then make sure you use different passwords for each account and still have it be easy to remember? Customize the password formula for the account type.
Add the first 3 letters of the site you are visiting to the password. For example. If you are logging into iTunes, you could use: Hnwl1swas!itu
To make it even more difficult for the hackers, pick a different line in the song or a different song for each account type. One for banks, one for shopping, one for computer access, etc.
Ensuring complete data privacy might not be a realistic goal but there are a lot of things that you can do to keep yourself safer. Now go change your easy to guess passwords, take those documents out of the trash and shred them and delete all suspicious emails!
If you have any questions on this topic or any other mortgage or real estate related topic, by all means reach out to me.
Send me an email
Give me a call – (858) 3-LOAN-SD
Text LOANINFO to 44222
Connect with me on Social Media.
Thanks for checking out this week’s The Mortgage Minute.
Please hit the like button if you enjoyed the Article.
Share it with your friends.
And of course, don’t forget to subscribe.
I’ll see you next week.
———————————————————————————————-