How to protect each of your identities from theft

• The comparison
• Tutorials
• How to protect each of your identities from theft

The concept of using similar documents and fake documents to mislead people is not new, but the introduction of the Internet and easily accessible online services has made identity theft an industry in itself.

One world, several identities.

The basic principles of cybersecurity are to first understand what you're trying to protect, and then what you're protecting it from, so you can put the right controls in place. Therefore, to prevent identity theft, you must know who you are, both in the physical world and in the cyber world. Once this is understood, you can ensure that you have the correct controls in place to protect the aspects that define your entire identity. In the physical world, your identity is defined by government identification documents, such as passports, national insurance cards, driver's licenses, and other important documents, all of which can be forged or stolen. However, most people are aware of the risks of stealing a passport or driver's license, and the government is implementing measures built into the document to make forgery much more difficult for criminals. It's very different from the online world, where most people aren't fully aware of what really identifies us online. This makes it much easier for criminals to steal and abuse those identities, because if you don't know what to protect, how can you protect it? In the physical world, we essentially have a singular identity. In the cyber world, we have many identities in the course of legitimate online activity, and compromising any one of those identities can start to cause big problems that transcend the real world.

Think beyond your physical identity

Protecting your identity starts with the basics: minimize what identifies you, keep this information in as few places as possible, and don't share it with anyone. Keep your identity to yourself and do not reveal it, because the less you reveal about yourself, the less likely it is that this information will fall into the wrong hands. It is well known that this is information that can be used to identify a person:

• National insurance number
• Speak to
• Email
• Telephone
• Connection identifier
• Social media posts
• Biometric information
• Digital images

However, there are also:

• Geolocation
• Behavioral data
• IP address

How many people know your secrets?

If we think about your basic online identity, it's basically a username and a "secret." You can use the same identity on all websites, but it becomes a risk, because if that identity is stolen, criminals have the key to unlock access to whatever you use online. Your credentials (such as a username and password) are not always stolen directly, they are most often stolen from the operators behind the systems you log into. You only need to look at the volume of credentials that have been leaked due to breaches to realize that if you've only been using the Internet for a few years, some of your credentials are susceptible to being stolen and published. online since a data breach.

Try not to be yourself

According to Moore's Law, computing power doubles every 18 months, which means that every 18 months, the time it takes to deploy a brute-force attack on a password will halve. That is why recommendations for password length and complexity increase over time, because a key length that was secure 10 years ago will not be secure now. For best practices: When choosing and changing your password, NCSC recommends three random words that are unrelated to each other and also not yours. Therefore, the name of your pet or your hometown should be omitted as an option when creating your password. This is because knowing something about someone is a good starting point for guessing their password, and in today's world, you really don't need to physically know them, most people. These days, people will gladly share details of their loves and hates on social media, which can be harvested by those who wish to steal identities. It wouldn't take a stroke of genius to realize that someone posting pictures of their pet could probably have similar words in their password. However, as we know, passwords are frequently stolen, so it is important to change them regularly, but it is also important that online identities are protected by more than one set of credentials. This is where multi-factor authentication comes into play. Recommendations for verifying a person's identity in the real world include the use of multiple documents. There are three basic factors in the cyber world:

• Something you know, like your mother's maiden name
• Something you have, like a security token or a phone number
• Something you are - Biometric credentials

The same factor can be used multiple times, but it's not as strong as using multiple factors, and for true 2-factor authentication (2FA) there should be two independent factors. The second factor should not depend on the first, so using the same username and password for one system to open your email account and retrieve a security token is not true 2FA. While biometrics is generally considered a reasonably strong factor, it can be circumvented through the use of fake fingerprints, voice recordings, or photos: think about how many photos you have of yourself on social media, like Instagram, Facebook, or LinkedIn, and remember that this can provide a rich source of images to fool facial recognition.

Has your identity been stolen?

Let's go back to the origin of identity theft by becoming an industrialized industry and not a managed business in the Internet age. The basic online identity of a username and password isn't very useful on the dark web, but if it's a password you use for multiple accounts, it can become a rewarding purchase if the person is willing to dig a little deeper. However, it is the wallets that consist of identification numbers, addresses, dates of birth, credentials, medical records, etc., that attract the best prices. If someone is looking for your full computer and physical identity and is willing to do anything, chances are they can get it if you're not careful. Other than that, 99% of people involved in identity theft are looking for money quickly and easily. They're also likely to be in a different country or continent than you, so they won't be able to line your pockets or break into your house to steal devices; They are not state spies. However, it is those who will seek their cyber identities that are much easier to identify, so it is important to educate yourself about the risks and not reveal crucial information that can be accessed remotely. There are several steps you can take to reduce the risk of identity theft both in the real world and online. In the real world:

• Securely store documents that contain personally identifiable information, such as your name, address, etc.
• Safely shred these documents when you no longer need them
• Monitor your bank accounts and credit score for any suspicious activity
• When moving to a new home, make sure all contacts are up to date and mail is redirected
• When disposing of electronic equipment, make sure it is dry

In the cyber world:

• If you are shopping online, take the time to review the website and make sure it is secure.
• Learn to recognize online scams
• Quizzes on social media are often a way to keep track of respondents - copy and paste the link instead of clicking directly
• Secure your passwords and use different passwords for different accounts
• Don't secure your password vault with the same credentials you use online
• Use multi-factor authentication whenever possible

Finally, in all circumstances, you should always disclose the minimum amount of information to ensure maximum security. At the end of the day, your identities are an integral part of you, so don't lose control. Stay alert and you won't be disappointed.