Skip navigation.
DIY Online Security
Because it matters and its easy once you know how!
 Basic Computer Security | Online Safety | Terms Of Use | Risks | Feedback
Home

Protecting Your Identity & Privacy

Protecting your identity and privacy is very important. You will be amazed how much information potentially can be obtained about you from various sources. Criminals will want to use your identity to commit fraud, theft, etc. At the other end of the spectrum it is now very common for employers to use the Internet to double check various social networking, blogging, friendship, dating sites.

Most people do not value their privacy or identity until something nasty happens – but by then it is too late. It may take years to repair your credit rating at a credit reference agency if your identity is use to commit fraud. So you must plan now a strategy for managing your identity and privacy on-line and in the real world. A lot of people delude themselves that their persona on-line is some how isolated from their real world existence. Search engines are very powerful tools for digging up information about people.


Most web-sites harvest the information about their users, for marketing purposes, e.g. sending out emails and other promotional material. A significant portion of websites then sell that information on to third parties, e.g. companies that collate and cross reference. Worse still some unscrupulous websites may sell your personal information to spammers, criminal gangs, etc.

If a website goes bust (this happened a lot just after the bubble burst in the dot com boom) then its assets are generally are sold off to pay the creditors. Your personal information in the website's operator's database is considered a business asset, thus it can be sold – so even if the original website owner stated that they would not use your personal details for spamming, you may still end up being spammed! This is furthermore made worse by jurisdictions that do not have personal data privacy laws.

It is very common for websites to be attacked and hacked by criminal gangs to steal the personal details of the users in the database – for the very purposes of spamming, identity theft and other criminal activities.

Protecting your identity and privacy in the real world is equally important. Thus you need to “cross shred or confetti shred” all papers, documents, old credit card / bank statements, business documentation and even envelops with your name and or address on them. This includes junk mail application forms for credit cards, catalogue shopping etc. It is very common for criminals, drug addicts, snoopers and even some unscrupulous journalists to go through other peoples' rubbish to learn information about you. Your rubbish has a monetary value to the criminals!

Examples of suitable cross-cut paper shredders

For all of the above reasons you must be very careful to protect your identity and privacy.

Note: Sometimes it is unavoidable, and you must reveal your personal information, e.g. when buying airline tickets on line, or other e-commerce transactions. However, there are things you can still do to protect yourself. The most important one is to tick the box which says something like “Please do not sell or use my personal information for marketing purposes, and do not give it to third party and associated companies”. Also with every communication with that organisation you should say “Please do not use my information for any other purpose and I do not wish to receive any junk or spam messages as a result of this transaction.”

There are so many “good deals” on the Internet that it would be foolish to pay over the odds for something if you can get a better deal online. But you must weigh up the risks and the benefits before entering into a transaction online. Thus if it sounds too good to be true – it probably is a bad deal. Trust your instincts. See the online shopping pages for further information.

Rules for protecting your on-line privacy and identity. Some of them are obvious others are not.

Rule 0

Make sure the computer you are using has a basic level of security, i.e. as described in the "Minimum Security Steps " section of this website. There are lots of spyware, malware, trojans, etc which can infest your machine and steal your personal information and or passwords, etc.

Rule 1

Never post your real name, email or real home (snail mail) address or telephone number in any on-line forum, news group, blog, or web-site.

If you want to post to forums, news groups, chat rooms, etc. Always use a pseudonym which bears no relation to your real name! Furthermore, do not post photographs, or any other information that can directly or indirectly identify you.

Rule 2

Never reveal any personal information on forums, websites, etc, including your sexual preferences, your past behaviour, etc. This may seriously negatively prejudice your application for a new job.

Rule 4

Use different email addresses for a designated purpose.

a) An email address for work related matters only

b) An email address for family, friends, social contact, etc

c) An email address for shopping only. You can further sub-divide this into sub-categories, i.e. if you use on-line auction sites use different email address.

d) An email address that is only ever used for on-line banking. This is very important. Since you don't want to receive spoof email for criminals luring you to reveal bank information. Banks NEVER ask for you to click on a link in an email and or reveal your user name and password or an email or website which is linked to from an email.

e) An email address for your on-line games activities.

You can use the popular free email services from the big portals for any and all of the above.

Finally use throw away “one time only” email addresses if you want to sign up to web-sites that you do not plan to use in the long term but that require you to provide an email address as part of the sign up process (this assumes that you will not want to receive further emails from that website.). By throw away “one time only” email address we mean an email address that is temporary and you only use it for a day or so. See www.mailinator.com for throw away email addresses. This service does not require you to sign up – it automatically generates a unique email address when you visit that page. Just copy it and remember the link whilst you go through the sign up process of the site you want to sign up to.

Rule 5

If you must publish an email address, for example you run a website, publish it in such a way so that it is human readable, but cannot be easily harvested by a “bot”. Spammer use computer programs call “bots” to seek out email addresses from forums, websites,etc. See the section on "spam and phishing " for more details.

Rule 6

NEVER open an obvious spam message. The email message may contain malicious code and or an automatic link that confirms that the email is valid when you open it. Set your email client preferences to view all email messages as text only. See the section on spam and phishing for more details.

Rule 7

Never respond to spam or junk email. By responding to it you are confirming that your email address is valid and someone i.e. you have read the email. Even if it is say to reply and we will unsubscribe you from the mailing list. When you respond your email address goes into a higher value database since it is a confirmed email address – spammers pay more these types of email addresses.

Rule 8

NEVER, click any link in a spam message which say something like “click here if you do not want to receive further emails from us”. This typically is a ruse by the spammer to confirm that the email address is valid. As soon as you click it you will be flooded with even more spam!

Rule 9

Periodically check your own credit reference record with the credit reference agencies operating in your country. Most of the credit reference agencies offer a service (for a small fee) to individuals to check their own credit report (credit rating). It is vital you do this check since you can detect early on if a scammer has taken out loans in your name or has registered credit cards in your name but at a different address or any other such anomalies. Make sure you check all your details not forgetting name, address, previous addresses (if applicable), date of birth, court judgements against you, etc.

Note: In most countries there are typically more than one credit reference agency operating and thus unfortunately you will need to apply to each one to get a full picture.

For example there are three credit reference agencies in the UK:

  • Experian
  • Equifax
  • CallCredit

If you have your identity stolen and you live in the US you can refer to the “Identity Theft Assistance Centre ” for help. This is a service to help you to deal with and recover from an identity theft or fraud committed in your name.

Rule 10

Make sure you dispose of your old computer (hard disks) properly. It is amazing how much personal, private and confidential information can be found on second hand hard disks – even if the owners think they have deleted the data. See “Computer Disposal ” for a good way of permanently destroying your personal data on your old computers.

Rule 11

Cookies are small files left on your machine by a website. They can be used to track your surfing habits by any website. Active content such as javascript, java, ActiveX are extensions to the browser but they can be abused to violate your privacy.
Where possible, disable cookies, javascript, java and for Microsoft Internet Explorer additionally disable ActiveX and Scripting. Some websites may not work properly if you disable any of the previously mentioned items. However, in that situation enable temporarily and then disable after you have finished with that particular website. Also make sure you clear out the cookies at the end of each session or set the browser to do so when it closes.
Note: If the browser asks you whether to set a cookie look at it and if it is not from the originating do not accept it.

In Firefox go to the:

“Tools -> Options -> Privacy” click “for originating website only” also select Keep Cookies “ask me every time”. Then when it asks to save cookies you can choose either to “Deny” or “Allow for Session”.
and
“Tools -> Options -> Web Features” untick java and javascript.

Microsoft Internet Explorer

“Tools -> Internet Options” then click the Security & Privacy tabs and slide the sliders and high as possible – read the implication of doing so. As with Firefox you may need to allow cookies and javascript on certain websites.

Next Page - Safe Use of Emails

Bookmark/Search this post with:
delicious delicious | digg digg | reddit reddit | furl furl | yahoo yahoo
» login or register to post comments | email this page | printer friendly version