Whether you are new to college, single and dating or newly divorced (because you panicked and confessed when news of the Ashley Madison hack hit the media), I’ll bet there is at least one socially transmitted disease you haven’t started worrying about: identity theft.
If you use Facebook, you’re making easy work for identity thieves. The same goes for the whole cosmos of social media whether you favor Twitter, Instagram, Reddit, Pinterest, YouTube, LinkedIn, or prefer to Tumblr your thoughts, preferences and predilections to anyone who cares to know what they are. The more you put out there in publicly viewable spaces, the more your personal identity mosaic is exposed. An identity thief’s day job is piecing together that mosaic into a passable, or useable, version of you: one that will get through the authentication process of financial, medical or governmental organizations.
The echo of another kind of disease here is intentional. Like the more widely known kind of STD, the socially transmitted diseases that fall under the rubric of identity-related crimes are contracted by unsafe personal information practices. Unlike the more familiar variety, where safety is taught in high school, tacked to college community boards and heralded by countless other media new and old, not as many people these days know how to stay as safe as possible from the threat of identity theft, especially online.
How to Practice ‘Safe Social’
Don’t overshare. It’s OK to let the world know you’re on vacation so long as you have a great security system at home, or you have a house sitter. Traditional trespassers use social media to know when houses are unguarded. It is far better to share the memory than report the experience as it’s unfolding.
Be careful when posting pictures. While it’s fun to brag about a new purchase–whether that be a diamond ring, a new car or the smartest TV on the market, just be aware that anyone following you now knows where they can get your newest trophy or indulgence for free.
Geotagging is for victims. There is no upside for you here. Companies like geotagging photos and other people-powered media assets because it gives them bankable information that could lead to future sales. Whether you are letting Twitter or Facebook or FourSquare narrowcast (or broadcast depending on your privacy settings) your location, failure to disable location services on your device permits geotagging, which also gives thieves bankable info that could lead to future crimes.
Know your privacy settings. Make sure you understand how your posts are being displayed or distributed by the social network you use. For instance, on Facebook you can set a post to “Public” or “Only Me” with many choices in between.
Lying is good. Facebook especially is a perfectly acceptable place to not be forthcoming about your age, hometown, place of employment, or even the college you attended and what years you were there. Identity thieves comb social sites for information to complete dossiers of personally identifiable information that will allow them to correctly answer security questions and thus open new financial accounts or empty existing ones. If you don’t want to actively fabricate answers to these questions, just don’t fill out those parts of your profile.
Beware of quizzes that require personally identifiable information. Make no mistake, your email address and name count.
There Is No Immunization
Unlike the other kind of STD, the socially transmitted disease of identity theft is not avoidable. There is no immunization, no safe way to avoid it–not even complete abstinence. There have been too many breaches with too much data for anyone but those living entirely off the grid to be completely safe. (And even still you can’t be sure.)
Your best bet, in my opinion, is a system detailed in my book (forthcoming in November). A key element to that approach is acceptance. Specifically, you need to come to terms with the fact that it’s no longer a question of “if” but “when” you will become a victim of at least one, if not multiple types, of identity theft. Anyone who tells you that they can keep you from getting got is selling snake oil. In fact, they are running afoul of the Federal Trade Commission. There is no guarantee. There are, however, best practices.
The Three Ms
If you accept the basic premise that you are at risk for identity theft no matter what you do, here are some thoughts as to how you might stay as safe as possible. The good news may actually be that you are a seasoned and intelligent user of social media, because that means you already have several of the habits in place that you will need.
1. Minimize Your Exposure
The same strategies you can adopt to make yourself a harder-to-hit target on social media goes for the rest of your life. Whether that means saying “no” when asked for your Social Security number, limiting the amount of sensitive personal information you provide to anyone who contacts you, making sure all your accounts (email, social networking, financial or retail) have different and unique user names paired with unique long and strong passwords, properly securing your computers and mobile devices, or freezing your credit — there are a variety of things you can do to make your attackable surface smaller.
2. Monitor Your Accounts
If you use social media regularly, you are used to checking in on a regular basis — the Pew Research Center found that 70 percent of Facebook users check in daily as did about half of Instagram users, and nearly 40 percent of Tweeps. The same behavior, applied to your financial life, may keep you from getting got… or help you undo or minimize the damage in case you do. Get free annual credit reports at AnnualCreditReport.com. Review your credit reports, and get your credit scores — many sites offer them for free, including Credit.com, which updates your scores monthly — to watch for changes. Check your bank and credit card accounts daily. Other things you can do include signing up for free transactional monitoring alerts at your bank, credit union or credit card provider, or purchasing more sophisticated credit and non-credit monitoring programs.
3. Manage the Damage
When the dark day comes that your daily practice of monitoring your credit or financial life yields a compromise, you need to get on it immediately by informing the institution of the account that is involved as well as law enforcement and the fraud department of at least one credit reporting agency. Since many insurance companies, a number of financial services organizations and the human resources departments at a number of companies offer complimentary or low-cost identity theft assistance as a perk of your relationship with the institution, check to see if you are covered or if not, how you can get covered. Resolution experts can greatly help you speed your way back to normalcy.
Identity theft is a permanent threat. The best way to stay safe is to change your behavior. The above tips are only some of the ways to do that. In the age of universal data vulnerability, practicing safe information hygiene is a must – lest you contract the one STD that may haunt you for the rest of your life.
Adam K. Levin is a consumer advocate with more than 30 years experience in personal finance, privacy, real estate and government service. A former director of the New Jersey Division of Consumer Affairs, Levin is Chairman and founder of IDT911, Chairman and co-founder of Credit.com and serves as a spokesperson for both companies.