There are a number of things you can do to minimize your chances of becoming a victim of identity theft. While there seems to be a lot of advice below, it all comes down to one simple principle to follow - don't give out any personal information to any person or organization unless they truly need it to interact with you and you trust them.
Identity theft, the impersonation of a person using personal data collected or stolen, has become a more serious problem with so much of our information passing over the Internet.
Your personal data, including name, address, date of birth, Social Insurance Number (SIN), and credit card details can be used by criminals to obtain credit cards, open new bank accounts, or make fraudulent purchases. Although there are programs that may compensate you for some financial losses, you may still face unwanted bills. You will certainly lose a lot of time trying to clean up after having your identity stolen - replacing credit cards, changing passwords, reviewing credit card and banking statements looking for losses, and contacting organizations to clean up your online reputation.
Use strong passwords
Weak passwords include simple words that can be found in dictionaries, portions of your email address or your name, personal information like important dates, among many others. Many tools exist to guess passwords, and avoiding weak ones can help prevent hackers discovering them. Using a phrase instead of a single word, or mixing letter cases, digits, and symbols can make a password stronger. For example, instead of using "bluejay" as a password, use something like "bl00Jaze1993" or "ElectCitoGaston4Premier".
Use different passwords for every site you use on the Internet
Breaches of databases at Internet sites occur often. Among high-profile sites, the most recent data loss occurred at Kickstarter, with usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords being stolen by unknown hackers. Hackers may be able to retrieve the actual password. They then use the combination of the email address and password to try logging in to other popular sites in an attempt to use your identity.
Give out only the minimum personal information required
Websites often ask you to fill out personal profiles. Don't provide any information not needed for your use of the site. If a site requires you to provide information not relevant to your relationship with the site, don't create an account there are all.
This advice also applies to social media sites. You are generally encouraged to give up as much personal information as possible, but you should avoid this.
Be careful where you use personal information
When logging into banking or retail websites, don't follow links in email messages or from other websites. Criminals create forged versions of websites and try to lure people to them with similar URLs. Use your own bookmarks or type the website URL yourself. Websites that are used for financial transactions should always use encrypted communications, which you can identify by their use of "https:" as a URL prefix, rather than "http:", which indicates that the communications are not encrypted. Some web browsers will display icons indicating that the site uses encryption to protect your information in transit.
Protect your credit card number
Never provide your credit card number online unless you are familiar with the organization you are communicating with, have used the correct URL for the organization's website, and are using secure communications.
Keep your computer safe
One way your personal information can be stolen is for criminals to hack your computer. Ensure that your operating system is up to date, and any patches to correct problems are installed. Install software from only from known, trusted sources, as "Trojan Horse" software that can steal your passwords and data is often distributed in the guise of games, media players, or other innocuous seeming programs.
Don't use public computers for banking, purchases, or password-protected sites
Public computers, such as those in libraries, can be compromised by anyone with physical access, and they should not be used for any confidential purpose, including logging into a webmail account. Your personal information is more easily stolen from such computers.
Don't reply to email soliciting passwords or financial information
Criminals try to trick people into disclosing personal information through "phishing" attacks - sending email purporting to be from a legitimate organization. They might ask you to provide an email address so they can correct a problem with your account, or they might claim that you have unusual activity in your bank account and need to log in at an unusual URL. In both cases, they hope to harvest a password from you that they can use. Never reply to such messages and never disclose such information.
Thanks to our guest blogger, Terry Labach.