- Guard your social security number
- Memorize PIN numbers
- Carry a minimum of personal information
- Monitor bank statements and credit card bills
- Secure your postal mail
- Treat personal information with care
- Install a firewall
- Check your credit report
The last step was actually a detection and/or reaction measure:
- Consult with a CPA
I will comment upon each of these measures in turn.
Guard your social security number
This is a good idea and should be extended to other valuable identifiers (e.g. driver’s license, passport ID, bank account numbers). This has become very difficult to do as you Social Security number is used and required by many sources. Don’t expect a good national ID card anytime soon. It would be difficult and expensive to implement and many in the information security field are also political libertarians and instinctively recoil at the idea thus there is little positive work being done on this.
Memorize PIN numbers
This is good advice. It has also been increasingly difficult as the number account/password combinations increases and the reliability of passwords decreases. Future Purpleslog will discuss this matter soon.
Carry a minimum of personal information
Good advice. In modern society, it is impossible to not care some identification. So this measure reduce identity theft only slightly.
Monitor bank statements and credit card bills
Secure your postal mail
I don’t have much to add here. The recommendations here are: deposit outgoing mail that could be used to compromise you identity directly at the post office or a secure postal drop-off, don’t leave your mail sitting in your open post office box for people to grab, and when you are going to be gone for awhile stop your mail until you return.
Treat personal information with care
Duh. Remember to consider all mediums that you use: Verbal, Paper, Email, Web, CellPhone, Pay Phone, preprinted checks, etc.
Install a firewall
This should be more explicit: protect your home digital assets (PC, Mac, PDA)
Use a software or hardware firewall (e.g. Zone Alarm)
Use desktop anti-virus software preferably with built-in adware/greyware/scumware detection (I use free AVG for my PC)
For personal email, use a web-based system with built-in anti-virus and anti-spam (don’t use MS Outlook)
Don’t install software from unvetted source
Make regular backups of important information (e.g. burn CDs, burn DVDs, extra USB hard drive, use a internet backup service)
Don’t setup and use unsecured WiFi access points
Check your credit report
Get a copy of you credit report free once per year from each agency and review it looking for incorrect and weird stuff.
Consult with a CPA
If identity theft has occurred, several experts should considered for help: CPA, CPA/Lawyer, Lawyers, Financial Adviser, and local law enforcement. Have fun for the next couple of years. 😦
Other measures that should be considered in the future
- If you become a victim of identity theft, get a civil judgement against the perpetrator and publicize it. Ruin their credit. Retaliate with InfoSec Lawfare against the direct perpitrator and those organizations and individuals who enabled the perpetrator.
Other links of interest on the topic of Identity
Filed under: Information Security |