I’m a list maker. I carry around various lists for different parts of my life, and add and delete as I work my way through the tasks. While much in my life has become digital, I always write these lists out on paper. No digital task lists on my Blackberry or in my e-mail system.
But in other ways, I’ve eliminated a significant amount of paper from my life. One benefit is that fewer important pieces of correspondence have to compete with the avalanche of catalogs that seem to pour into the mailbox with astounding regularity. However, there are risks.
As part of my role at Vanguard, I think a lot about information security, and I’ve seen how the fear that someone will steal personal information from a physical mailbox has shifted to the fear of someone doing the same thing with an electronic mailbox. Guarding personal data online has become part of our lives, according to the Identity Theft Resource Center, much like looking over your shoulder on a dark night. In fact, identity theft has been the number-one complaint category at the Federal Trade Commission—accounting for 26% of all reported complaints in 2008—for nine years in a row.
While I think fewer of us are willing to bet that identity theft will miss us, the fact is that many people still feel like they’re in their own little world as they sail through the Internet.
We aren’t, and I believe we need to adjust our attitude.
Start by assuming your computer has already been compromised. Imagine that someone has placed “malware” on it, hacked into it, or “slaved” it to another machine. If you find these scenarios hard to believe, think about the last time you had repair people in your home. Did you leave your passwords next to the computer or in the top drawer while you left the room? Do you store the backup for your PDA on your desktop? If so, you’re inviting an information thief to come along and “scrape” all that data—such as that file in which you store all your passwords.
So, how do you reduce the risk? By making things harder for the fraudsters out there. Just as locking your doors, keeping lights on, and arming your alarm system will discourage thieves, so too will a few precautions on the Web.
You wouldn’t leave your bank statement on your kitchen counter during a party—you’d put it away. That same information should be stored digitally in a password-protected file. It’s not foolproof by any means, particularly if you use the same password for everything, but it lessens the chances you’ll be targeted. The object is deterrence. If someone really wants to break into your home, they will. The same goes for your computer.
Never click “Reply” on an e-mail and give out any personal information, including passwords. People do this all the time and lose personal data immediately. Make sure you have antivirus software, and when the message pops up that says it’s time to renew or update, don’t click “Tell me later.” Get it done right away. When shopping online, always use the same credit card—not a debit card—to help catch false charges. And before you click “Submit,” look for that yellow padlock in the lower right-hand corner of your browser.
More tips: Know who you are buying from, because the highest percentage of online fraud is from undelivered merchandise, according to the Internet Crime Complaint Center. Password-protect your home wifi network—not doing so is tantamount to leaving your front door wide open. Also, think about “diversification of data.” Just as diversification helps reduce risk in investing, it can help reduce the risk of losing personal data. That means not storing everything in the same place, even if it’s password-protected. Split it up. If you’re targeted by thieves, maybe all of your data won’t be taken, and you’ll have a chance to protect some of it.
We take this topic very seriously at Vanguard. Please check out our Security Center for more information.
• Links to third-party websites mentioned in this blog post will open new browser windows. Vanguard accepts no responsibility for content on external sites.
• This information is for educational purposes only.