How to protect yourself from digital “multiple personalities”
If someone uses your personal data online, it can get expensive – and not just when the criminal uses your name to order goods in an online shop. If a provider turns you down for a loan or mobile phone plan even though you believe your credit is good enough, the culprit may be identity theft. A criminal has ordered and received goods or services using your name, but hasn’t paid the bill.
Identity theft can have serious consequences for you. Rely on our tips to protect yourself.
How to find out if your identity has been stolen
Unfortunately, it is difficult to find out whether your personal data has been misused. If there is more than one indication, it is generally already too late. If you are suddenly flooded with requests from sellers and businesses, or perhaps even warning letters or filed charges, criminals have used your own personal data.
It is a good idea to be informed about whether personal information has been posted online, for example on the dark web – and not just when you actually suspect that your identity may already have been stolen. There are various sites that will test for this free of charge. At each of these sites, all you have to do is enter the email address that you want to have checked. You will receive a reply telling you whether or not data is already publicly accessible – and if so, which data. To check, try the security test at BSI or the security check by the Hasso Plattner Institute.
How to prevent identity theft
- Share information sparingly.
- Think carefully about the sites on which you disclose information. If you use social networks, create your own groups on them, then share different things with your close friends than you do with your co-workers.
- Don’t accept just any friend request.
- It is better to connect yourself with people whom you have actually met.
- Be discriminating about your public identities. For example, to enter lotteries or discussion forums, use a different email address from the one you use at work or to communicate with friends.
- Try to remain anonymous.
- By turning off tracking in your browser, you will disclose as little information as possible about yourself.
- Keep your devices up to date and download updates regularly.
- Use virus scanners and your systems’ firewalls.
- Never click links in emails from unknown senders, and do not open data attachments if they come from people you do not know.
- Take care to create strong passwords – or even better, use 2-factor authentication
- Before entering sensitive information such as your address, date of birth or payment information, make sure to check the shop for legitimacy
- When you are traveling, be sure to use a VPN connection.
- If you want to sell, give away, or dispose of a device, make sure that there is no longer any personal data on it.
The right way to respond
If, despite all precautions, criminals are successful, what follows for the victim is an irritating and tedious process. Of course, no one is responsible for what others do, but the victim still has to show in each instance that they themselves were not the source of the order, the unlawful shop, or the defamation.
This may incur a cost, for example if you have to hire an attorney. Cyber insurance can mitigate such risk. Often it covers automatic monitoring of the dark web, where a search for compromised data is conducted (for example, by OwlDetect).
Specific steps to take
- Go to the police and file a report. This is recommended for liability reasons as well.
- Do not put off responding to warnings and seller inquiries; instead, seek dialog with them. If you are in doubt, get legal advice.
- Change the login data on all of your user accounts with all online services and sites.
- Let friends and acquaintances know of the data theft so that they will check messages from you or supposed posts on social media in the future.
- Check all of your devices for viruses and other threats using up-to-date applications.
- Take a closer look at your account and credit card statements. Keep a close eye on documents, even over the long term, in order to detect unauthorized charges more quickly.
- Get an up-to-date report from the credit bureau. This is the best way to identify transactions that you did not order.