Author and personal finance coach, Usiere Uko, writes on ways to protect your money from identity thieves
It is holiday season again and the children are home. We tend to spend more while at the same time get more exposed to risks as the children browse and download all manner of stuff on the family computer. It is also high season for online scams and identity theft – someone stealing your details to login into your account or use your card details as if it was you. As Nigeria is gradually going cashless, identity theft will likely increase as robbery and kidnapping become less attractive due to limited access to cash.
There are many ways identity thieves obtain your information. Common ways include but are not limited to:
Hacking, spyware and malware
These are thieves without borders who can launch an attack from anywhere in the world. Some hackers patrol cyberspace looking for exposed system to attack. Others access your system through a spyware or malware – software that collect your data and transmit back to base.
Continue reading after the cut....These are usually from downloads from some websites, often bundled with ‘free’ downloads. When you download some software free, you also download some programs that may be used to steal your personal data. Some come in form of a virus (malware) which also inflicts damage in addition to stealing your data.
Often the stolen data is stored in your browser. Browsers usually offer to save your passwords, which means they collect it first before they can save (you cannot save what is not in your custody). I am shocked when I log into my account online and my browser prompts me to save my password. Bank websites are supposed to be secure enough to disable this functionality. Never save your bank login to your browser. If you can help it, that goes for your email account too – you can pay heavily for that convenience. Many have had their email account hacked into and mails sent out on their behalf soliciting for help. I know of some cases people actually paid without verifying by calling the person directly.
We love free things, especially free internet access. Hackers and identity thieves know this also, so they spring a trap where people tend to gather in numbers e.g. airports, eateries, malls etc. You see free wifi and get excited when you connect without a password. If something is too good to be true, it usually is. Someone may be sitting in a car or room close by accessing your system (since you are connected to his network to browse) and trying to access your private information.
This is one of the most common. You get an email from ‘your bank’ or a bank you have no account with, warning you that your account may be suspended if you do not click on a link to update your details. If you hover your mouse over the link, you will notice a strange URL. If you click on it and provide your details, it will be received with thanks by identity thieves. No bank will ask you to update your details by clicking on a link. You should know your bank’s website address and login in by typing in same. Millions of these mails are sent out every day and a 0.1 per cent success rate is bonanza for the thieves.
Another trick, though not related to phishing or identity theft, but email harvesting is when mails are sent out for you to join a good cause, pass on to others, win a prize etc. It is common on Whatsapp and email. You get a chain mail asking you to forward to others. For example, Bishop A’s TV broadcast is about to be banned in the US and they need signatures to overturn the ban (they need Nigerian signatures to overturn a pending US ban?). Apple wants to give out a free phone, please forward to your friends. As you forward the mail to your contacts, one smart Alec is collecting email addresses free of charge for sale to marketers.
Sometimes the thief is someone in your vicinity – someone who can look over your shoulder to memorise your details as you type them in. The person then accesses to your system when you are not on seat. I have had to change my phone passwords severally as my children memorise my login. I often catch them playing with my phone which was supposedly locked. If they were thieves, they would have had access to my account balance information through credit alerts etc. Often we leave our computers for others to make use of, without creating a separate guest profile for such; hence they have access to our private information. They can easily download our passwords from the browser before we return.
Many people do not clear their browsers and files when they sell, give away or send their computer for repairs. They give it away with their login details stored in their browsers as well.
Take measures to protect yourself
One basic way to protect yourself is to reduce the amount of idle cash in your account. Save and invest first before spending. Don’t leave large amount of money in your account on idle mode for long. It should be working for you somewhere. When you must hold some cash for a period, you can leave it in a savings account without internet banking or ATM card linked to it. That means you can only access that account via the banking hall. This is inconvenient and old school but protects you from identity thieves online. The person has to physically impersonate you to access the account.
Another way is to enable pin (pass code or secure code) for online transactions (different from your normal pin). Most foreign websites only ask for card number, expiry date and security code. Few ask for billing address and post code. This means anyone can copy your card details and go shopping online on your behalf. Online pin adds another level of protection. However, as stated earlier, someone can steal your passwords from your browser through spyware. That is why it is critical to invest in a good antivirus and keep it up to date. Some banks require a one-time password which is sent to your phone by SMS in order to complete transactions on a 3rd party website. That way, even when someone obtains your details, he still cannot use your card without your phone. The same principle applies with tokens for online account transfers.
These are just some of the ways your details can be compromised online and ways you can protect yourself. There are syndicates that operate offline – steal your wallet or trap your ATM card in the machine etc. You need to remain up to date on how to protect yourself from these threats. Happy holidays.
- financialfreedominspiration [firstname.lastname@example.org]
Share your thoughts.....thanks!