The IT Nerd

By Hank Schless, Senior Manager of Security Solutions at Lookout

January 31 to February 4 is Identity Theft Awareness Week and it’s the perfect time to safeguard your important information and strengthen your security to protect against risks.

Identity theft occurs when someone obtains key pieces of someone else’s personal information, including, Social Security number, home address, date of birth or bank account data, and uses it for fraud or other illicit purposes. It is widespread, and getting more so: The Federal Trade Commission (FTC) fielded nearly 1.4 million complaints about identity theft in 2020, more than double the 2019 total. 

Identity thieves have a range of tactics to collect personal and/or financial information that enable them to commit ID Theft. Lookout, the leader in delivering integrated Security, Privacy, and Identity Theft Protection solutions, says that many of these tactics are executed digitally – including scrapping information that is compromised as part of a data breach of banks, schools, retailers and other companies that often collect large amounts of consumer data. 

Due to the nature of technology and the internet, your personal information is always at risk. If you’re not carefully monitoring your credit and online accounts you may not notice you’ve been victimized until the damage is already done. 

Here are 5 key ways identity thieves can get ahold your data & how to protect yourself:

• Data Breaches: A data breach happens when someone gains access to an organization’s data without authorization. The most common types of information stolen in data breaches include email addresses, passwords, full names, Social Security numbers and credit card numbers. In 2021, data breaches reached an all-time high of 1,862, according to the Identity Theft Resource Center (ITRC) 2021 Annual Data Breach Report, which is more than 68% increase over 2020.
• Phishing and Spam Attacks: Scammers can use email, text messages, social media and other forms of electronic communication to trick people into sharing sensitive information. The message often looks like it’s coming from a reputable source and asks victims to give up one or more types of information.
• Malware Delivery: Malware is malicious software that can be designed to steal information. Fraudsters may use malware to collect your data or spy on your mobile device & computer activity without you knowing. 
• Wi-Fi Hacking: If you use your computer or phone on a public network, for example an airport or coffee shop Wi-Fi, hackers may be able to “eavesdrop” on your connection. This means that if you type in a password or credit card number while connected to an unsecure Wi-Fi network, a bad actor may be able to gain access to that information. 
• Password Compromise: When a company suffers a data breach, often your login credentials (your email and password for the breached service), can be exposed to thieves. If you also use the same password for other accounts, hackers can quickly try these same passwords to gain access to other accounts as well. If you use weak passwords that are easy to guess, that can also put your online accounts at a high risk of compromise.

How To Protect Yourself

1. Learn if your personal information may be compromised, and take steps to protect your identity.  
   • You can start by using Lookout’s free email scan tool to get a report of any data breaches that may be associated with your email and online accounts. 
   • If your email has been leaked, it’s important to change your passwords to the associated online accounts immediately. 
   • For an added layer of protection, enable two-factor authentication (like Google Authenticator) to protect your accounts. Two-factor authentication helps protect your account even if your account credentials are compromised.  
2. Monitor your credit regularly. Keep an eye out for illegitimate inquiries or suspicious accounts opened in your name. 
3. Install security software – like Lookout Security & Identity Protection – that helps keep your identity & financial information safe by protecting you from the key threats that can lead to ID Theft – including phishing scams, Wi-Fi attacks, and malware – as well as  provides ongoing ID monitoring and full remediation if a problem ever arises. 

In the last decade, Google Workspace has become one of the most commonly used platforms for email and collaboration with over 1.8 billion users worldwide. Asserting it’s mobile-friendly dominance, 75% of those users access Google’s apps on their phones for the reliability and convenience of staying connected on the go. 

Unfortunately, Google, and many other large companies – including Fedex, Amazon, and Netflix – are often impersonated by bad actors looking to phish users and scam them into sharing personal details and account information with incredibly convincing, but fake, login pages. 

Only 33% Of People Could Distinguish A Real Website From A Fake

Many of us would like to think we recognize Google when we see it on our phones. However, a recent survey conducted by Lookout, the leader in delivering integrated Security, Privacy, and Identity Theft Protection solutions, has discovered phishing pages are so deceiving that only a third (33%) of consumers could reliably distinguish the real Google login website from the fake website, below:

Note, in the image above, “Option A” is FAKE, and “Option B” is REAL

Learn the tips to protect your email and safeguard yourself against ID theft: 

• Google recommends that customers never enter their password after clicking a link in a message. If you’re signed in to an account, emails from Google won’t ask you to enter the password for that account. If you think an email that looks like it’s from Google might be fake, go directly to myaccount.google.com/notifications. On that page, you can check your Google Account’s recent security activity.
• Attackers will always try to create high-pressure situations that cause you to not think about what’s happening. If you’re ever contacted in this way and the individual is asking you to download an app or click a link, simply don’t. 
• Download a mobile security application on your device – like Lookout – that will block connections to phishing sites before they can do harm and alert you immediately if you download a malicious app.