Hackers and scammers often seek to access personal data such as names, addresses, bank details, and email addresses without the user’s knowledge. They misuse this information, obtained through criminal means, to make online purchases or subscribe to paid services, a phenomenon known as online identity theft.
Given the potentially severe and costly consequences of online identity theft, users must take all possible steps to prevent it and protect their data on the internet. Here are some important measures to help maintain privacy:
Minimise Sharing Personal Data Online
Users should be economical with their personal data on the internet. Stephanie Lüsing, Chief Detective at the State Criminal Police Office in North Rhine-Westphalia, Germany, advises, “Anyone logging in to websites should ask themselves whether the requested data is necessary or not.” This also applies when creating or modifying online profiles.
Be Skeptical of Requests for Personal Data from Strangers
Users should be wary of requests for personal information from strangers, such as identity data or PIN numbers for bank transactions, whether via text messages, instant messaging apps, or emails. Julia Rehberg from the Consumer Protection Centre in Hamburg warns against disclosing such information, noting that reputable banks and service companies never request data through these means.
Avoid Clicking on Links in Emails
Users should avoid clicking on links in emails from unknown senders, as these links often lead to fake pages that request personal information, which then falls into the hands of hackers and scammers. It’s also important not to open attachments from these emails, as they may contain viruses designed to infiltrate the user’s computer and steal sensitive information. This method of data theft is known as “phishing.”
Regularly Update Operating Systems
Users must regularly update their operating systems on desktops, tablets, and smartphones. Lüsing explains that updates can be checked and installed via settings, ensuring that the operating system is protected against the latest viruses.
Use Strong Passwords
Rehberg advises setting strong passwords when logging into websites and services. A strong password should be at least 10 to 12 characters long, complex, and include a mix of uppercase and lowercase letters, numbers, and special characters. Users should avoid simple passwords like “123456” or “abcdef,” and should not use personal information such as birthdates or addresses as passwords.
Enable Two-Factor Authentication
To further safeguard privacy and data, users should enable two-factor authentication in addition to strong passwords. This requires entering an additional code alongside the password. Lüsing notes that this feature prevents unauthorised access even if the password was leaked.
Verify Email Address Security
Users can check if their email addresses have been compromised and if their passwords are available online through services like the “Identity Leak Checker” from the Hasso Plattner Institute. If a password is found to be compromised, it should be changed immediately.
What to Do If Your Identity Is Stolen Online?
If a user receives invoices for products or services they did not order or notices unexplained charges on their bank account, their online identity may have been stolen. In such cases, Lüsing advises promptly reporting the incident to the police and changing all online account passwords.
If hackers have infiltrated a user’s computer and deployed ransomware, which encrypts data and demands a ransom for its release, users should ignore the ransom demand, change their passwords immediately, disconnect the affected computer from the internet, and consult an IT expert for damage repair.
Experts recommend regular data backups stored on external drives not connected to the internet to prevent ransomware damage.
