In this article:
It's easy to let your guard down online. Using a coffee shop's public Wi-Fi network to get work done might seem harmless, for instance. But take an online shopping break, and your credit card number could end up in fraudsters' hands.
Protecting your personal information online requires constant vigilance. Thankfully, though, there are proven ways to keep yourself safe. Use a password manager, lock down your social media accounts, limit your exposure to fraud by closing old accounts and familiarize yourself with the signs of phishing. Here's how.
How to Protect Personal Information Online
Safeguarding your information online will protect you from identity theft, which is when others steal your financial details or identifying information like your address or Social Security number.
Identity theft could result in fraudulent charges on your credit card, or even stolen tax refunds if your Social Security number is compromised. Follow these guidelines to avoid both the small headaches and more devastating consequences of identity theft.
1. Create Strong Passwords
No one should be expected to keep all their passwords straight based on memory alone. But that doesn't mean you should use the same one over and over.
Instead, create separate passwords for each online account that incorporate up to five words that don't ordinarily appear together, plus a mix of capital and lowercase letters and special characters. Or, as password manager Dashlane suggests, come up with a phrase that's meaningful to you, then create a password using the first letter of each word and unique special characters.
Even better: Download a password management tool like LastPass, 1Password or Dashlane, which will store your passwords and even help you generate strong ones. A recent study by security consulting firm Independent Security Evaluators found flaws in some password managers. Still, experts say they're one of the safest ways to store and organize your information.
When possible, use two-factor authentication. That means your account has a second layer of protection: You'll get a text message with a passcode to enter after logging in with your password, for instance.
2. Set Firm Privacy Settings
Regularly revisit the privacy settings on each of your social media accounts, including what information you share publicly and with friends. You'll be safest only allowing friends to see your posts, comments and profile information.
Social media companies' privacy policies may change, too, so take a deep dive into those to avoid being surprised by the entities that have access to your posts or demographic data. Update your settings so that you don't inadvertently share information with websites or apps connected to your social media accounts. They could sell your data or browsing history to advertisers, which may mean you have less control over your online presence than you think.
It's also best to avoid logging into other websites with your social media credentials. You may see "Sign Up With Facebook" or "Sign Up With Google" options, for instance, when prompted to create a new account on a third-party website. But condensing the number of passwords you use means one security breach could affect your safety on multiple sites and apps.
3. Avoid Oversharing on Social Media
You probably know that posting photos of your address, driver's license, credit card or other personal information on social media is a no-no, since that data could get into the wrong hands.
But you may share sensitive details without realizing it if, perhaps, you have location services enabled. Thieves could gather data from your posts about where you live or the fact that you're currently traveling, meaning your house or apartment could be singled out for burglary.
Check your phone's settings so that you're not accidentally sharing your location with any apps, even beyond those you use for social networking. Otherwise, someone who steals or hacks your phone could gain a wealth of information about your daily patterns of behavior, which could affect your physical safety.
Finally, make it a policy to accept friend requests only from people you actually know, even on a professional networking site like LinkedIn. The more strangers you're connected to, the less control you have over where your photos or personal details end up.
4. Close Online Accounts You No Longer Use
If you have a dormant former email address or social media account, shut it down. Any data stored there—sensitive information in your emails, photos or documents you sent as attachments, for instance—could be compromised in a security breach affecting those companies.
If you decide to invest in a password management tool, spending a few hours entering your current accounts and their associated passwords will help you identify ones you don't access often. The password manager will also end up serving as a database of all your online accounts, so you can review them once or twice a year and close unused ones.
5. Steer Clear of Phishing
Phishing is a way for fraudsters to deceive you into sharing your personal information, like usernames, passwords or financial details. For instance, a scammer may send an email posing as a reputable entity like your company's IT department or a financial firm, and include a link to reset a password or update your computer's software.
But clicking the link and sharing your password or personal information will put your security at risk. Following a link in a phishing attack may install malicious software, or malware, on your device, allowing fraudsters to find personal information that could lead to identity theft. Phishing can happen via phone or text message, too, and angler phishing happens when a scammer contacts you posing as a company you've recently complained about on social media.
To avoid sharing information you shouldn't, use caution when you receive a message from someone you don't recognize with a request to click a link or take urgent action. Familiarize yourself with telltale signs of phishing scams, like spelling errors in emails, a vague salutation that doesn't include your name, and email addresses or URLs in the message that aren't quite in line with the company they're supposedly associated with.
The more information you share online, the more that can be compromised by those who don't have your best interests in mind. But stay vigilant and communicate online with a healthy amount of skepticism, and data that's private will stay that way.