It's a topic more and more in the news—cyber security.
In the first half of two-part report, WMRA's Kara Lofton looks at what you can do to keep your data safe.
Data theft is really all about the money. If someone can steal your personal information, then they can use it to either steal from you personally or to sell your identity to someone else who might want to use your identity for some reason or another.
So how do you keep your information safe? It sounds simple, but personal data security all starts with a password. Not 1234 or the word password for your password, but a real, complex, hard to guess combination of letters, characters and digits that have nothing to do with your favorite baseball team or childhood pet.
Jack Davidson is a professor of Computer Science at the University of Virginia.
DAVIDSON: You see these things now that banks and companies actually force you to pick a password that has letters and digits and special characters in it that have to be a certain length so that is makes it hard to guess.
In addition to requiring more complex passwords, companies are beginning to offer a service called two factor authentication, which Davidson says consumers should take advantage of whenever possible.
Two-factor authentication basically means an additional step to verify you are who you say you are before you can access your account. An example is being required to answer a security question after inputting your username and password. This process takes a little longer than single-factor authentication, but is much more secure.
But common security questions can be things like: what is your mother’s maiden name or in what city did you grow up? In a world where people share minute details of their lives on social media, the answers to these questions can be easy to find.
REID: For anything there is a good side and a bad side—for a lot of people they are sharing too much,
says Edna Reid, a professor of Intelligence Analysis at James Madison University.
REID: You can actually create a pattern of life analysis on people based upon what they share on social media. I can identify your family, where you work, what time do you normally get to work, what devices do you have, what are your hobbies, who do you socialize with.
She says the point is not to go and delete your Facebook and Twitter accounts, but rather to be selective about how detailed the information is that you share. Saying you went out to eat with friends is ok—announcing your location every two hours for weeks on end is probably not advisable.
In addition to using complex passwords and refraining from over-sharing, Reid said the biggest thing consumers should aware of is phishing emails. Phishing emails may look completely legitimate and appear to come from sources like your bank or your place of work, but the information they ask for is a little off.
REID: As a consumer I have to be very suspicious now about the emails I receive. Because some of the emails look very authentic, but then you have to do research on the links—does this look like a credible link?
A suspicious email might ask for your password or your social security number—it might also include a link to “click here and check your bank account” because it claims you have been hacked. In those cases, instead of clicking through the link, she says to type the URL of the company website into your browser instead of following what might end up being what is called a bad link, which exist in a variety of different forms.
DAVIDSON: One thing that they might do is to use that vulnerability to download software onto your machine that can then watch what you type on your computer and send it back to them—this is called a keylogger—and so they would install a keylogger onto your machine and every keystroke that you type to the machine will be sent back to them and what they are hoping you will do is at some point go to a bank site and login with your account number and password and now they have access to your bank account.
Another thing a bad link might do, and probably one most computer users are familiar with, is to download a virus onto your machine.
In reality, cyber security is a little overwhelming because hackers are becoming more sophisticated, we have so many devices, and the presence of flaws or vulnerabilities in the software are an inevitable part of developing technology. However, being proactive by doing things like using malware protection software, making sure all of your devices have passwords and developing a healthy sense of skepticism can make the difference between remaining a consumer and becoming a victim.