Data Privacy Week Is a Time to Consider What You Share

By
Services for Real Estate Pros with IDTheftSecurity.com Inc

This is Data Privacy Week, when everyone who uses the Web is encouraged to think about, and limit, the amount of personal data they share online. We often think of data privacy and data breaches in terms of someone stealing information we have shared. During this week, that thinking should be reversed: Ask what you share, where you share it and whether sharing is even necessary.

Data Privacy Begins with You

Thieves cannot steal what you do not share. If you never give your credit card number, name, address or phone number to any website, you have zero data privacy risk. This is impractical if you want to shop online or use services such as email and social media. Most people get so used to sharing personal information to do things online that they share freely in all spaces online, making them targets for data theft and phishing attacks. Some sites, such as Linkedin and Facebook, encourage a level of sharing that creates significant risks to your personal information. Companies may share more than necessary if they try to market their employees, as detailed in Is Your Website a Bait Shop for Phishing Attacks?

Cyber crime would be much lower if everyone followed the rule taught to all children: Do not talk to strangers. Do not tell them your name, where you live or the route you take home. Do not share where you went to high school and college, what you studied, or your employment history. Never give them your mother’s maiden name, your pet’s name, your birthday, the name of your prom date, the name of your favorite teacher, or your favorite grocery items.

By now you should have a window into all the ways you deliberately (social profiles) and casually (social media quizzes) surrender your digital privacy. While sharing online can feel normal, it invites predators. Cyber criminals will gather as much information as they can about potential victims through your posts and profiles. They then use this information to target attacks against you or people you know.

Easy Ways to Improve Data Privacy

Data privacy should be protected on two fronts: Limit what you share initially, then limit how long it remains online. “Online” includes both publicly available information and information you share with others to shop or use services.

  • Use guest checkout. Nearly every shopping site now offers a guest checkout option. When you choose this instead of setting up an account, the business should not build a profile about you or store your information permanently. Use this feature whenever you buy something online for the first time. If you come back, consider opening the account. If you never come back, you will have less risk if that business suffers a breach.
  • Never respond to online quizzes. Facebook has significant, ongoing problems with data-harvesting scams masquerading as quizzes. Because Facebook requires people to give their real names when they sign up, even the most innocent-looking quizzes can yield meaningful data. Criminals often look for clues to passwords or try to fill gaps in an individual’s data profile, or get information they can use to commit fraud. In one example, an image shows several food staples, such as eggs, milk, cereal, orange juice and bacon, then asks which one you dislike the most. Choose eggs and a criminal now knows not to buy eggs when they try your stolen credit card number at the grocery store.
  • Skip the optional fields when you sign up. Whenever you sign up for a service, your goal should be to give as little personal information as possible. This can be challenging if your browser automatically fills in all of your data, or if you fill out forms without looking to see what is actually required. Be wary of businesses that ask for credit card information for a “free” trial, or that want your email, phone and mailing address for services that do not require physical mail.
  • Only post recent, relevant information on social sites. No one needs to know your entire work history, or that you got a Masters Degree from Harvard unless that experience is highly relevant to your current work. This is challenging for thought leaders and those with specialized skills who market their abilities based on experience. Consider using less-specific descriptions, such as “Ivy League educated” instead of “Harvard Class of ’92.” Criminals need specific data points for social engineering fraud. The more you provide, the easier you make it for them.
  • Never post your personal email or phone number. Many small businesses believe posting emails and phone numbers increases the number of contacts they receive. There is no real data to support this. Contact information on a website should go to a generic inbox, such as “info@mysite.com,” and phone numbers should forward to an unpublished office line. One of the leading scams right now harvests personal phone numbers, matches them with company email addresses, then targets employees with texts that appear to come from senior executives, often asking for gift cards or passwords. This scam exploits the abundance of seemingly innocent information that individuals share.
  • Never post photos or videos from your workplace. If you or your company must Instagram what it does, set up a location in the lobby and only allow photos and videos to be shot there. Photos and videos should never be allowed in work areas for any business, because they can give away private or proprietary information. Criminals can learn about your security procedures and your workplace layout, and sometimes find passwords on notes or white boards in the background. Those who work in health care have an additional duty to protect patient privacy, as well as their own.
  • Remove anything personal in the background of your video conferencing space. The rise of video calls and videoconferencing has encouraged people to treat their home office like a television set, with strategically placed books, awards and mementos, information that is valuable to criminals. Another risk, once again, is the whiteboard or bulletin board with sensitive information. Something as simple as a diploma or family photo can be the hook a criminal uses in a targeted attack. Keep anything identifiable out of frame, or use a generated background for your calls.
  • Close all outdated accounts and subscriptions, then ask for your data to be removed. This one is last because it is a little harder. If you have ever canceled a Netflix subscription, you know how easy it seems. They turn off your service and stop billing, but they keep your information by default. Under data privacy laws in the United States, you have the right to have that information removed, which is what you must do to protect your personal data. Every online business has a process for this, and you may need to hunt for it in their Terms of Use or Privacy Policy statements. Get in the habit of reviewing and removing unused accounts at least once a year.

If you maintain strong data privacy, you will be at a far lower risk from breaches and targeted attacks. This is part of the personal approach to data protection that Protect Now promotes through its CSI Protection Certification program, which boosts cyber security by teaching employees the importance of personal as well as professional data privacy. To learn more, contact us online or call us at 1-800-658-8311.

Comments (10)

Nina Hollander, Broker
Coldwell Banker Realty - Charlotte, NC
Your Greater Charlotte Realtor

Good morning, Robert. Fantastic advice. I already do a lot of that, but need to do a deeper dive into some of the other recommendations.

Carol Williams good morning again, Carol. My recommendation for Second Chance Saturday.

Jan 28, 2023 05:39 AM
Kathy Streib
Cypress, TX
Home Stager/Redesign

Robert- Keep reminding us about this because we all get too complacent. I do my best to use Guest Checkout when on a new site. I read that if someone has the year you were born and where you were born, they have what they need to get your Social Security number and more.                                                            

Jan 28, 2023 05:48 PM
Kathy Streib
Cypress, TX
Home Stager/Redesign

Jan 28, 2023 06:38 PM
Leanne Smith
Dirt Road Real Estate - Golden Valley, AZ
The Grit and Gratitude Agent

All outstanding privacy behaviors. Years ago I attended a seminar hosted by a couple of FBI retired cyber sleuths as well as as IT cyber person. All three individuals advised those in the audience never to use online banking regardless of how safe the bank states its security is. To this date, we do not do online banking and always use the guest function when purchasing. I have have the site save my credit card information.

Jan 29, 2023 05:39 AM
Dorie Dillard Austin TX
Coldwell Banker Realty ~ 512.750.6899 - Austin, TX
NW Austin ~ Canyon Creek and Spicewood/Balcones

Good morning Robert,

I'm so glad that Kathy Streib featured your post in her light bulb moments for the week. We do get complacent so we need this extra nudge to make sure we are being vigilant. I try and always check out through guest checkout if I'm on a new site. Thank you great points we all need to to review!

Jan 29, 2023 08:43 AM
AJ Heidmann ~ CRS
McEnearney Associates, Inc. - Alexandria, VA
YOUR Alexandria & Arlington, VA Real Estate Expert

Robert ~ A great post and reminder of what we should all be doing to stay safe in today's environment.  This post is a lot like your Zoom meetings here, like drinking out of a firehose.

Jan 29, 2023 09:23 AM
Hannah Williams
HomeStarr Realty - Philadelphia, PA
Expertise NE Philadelphia & Bucks 215-820-3376

Robert Siciliano This is outstanding information and something people including myself should take very seriously as online crime and phishing are rampant right now. I recently had someone trying to charge my PayPal account. Luckily they were denied.

So glad Kathy Streib   featured this as I missed this post 

Jan 29, 2023 10:27 AM
Jeff Dowler, CRS
eXp Realty of California, Inc. - Carlsbad, CA
The Southern California Relocation Dude

This is excellent information and advice, Robert, as always. Bookmarked to reviewing periodically. There is so much to know about what not to do and how to best protect ourselves.

Jeff

Jan 29, 2023 03:41 PM
Sheri Sperry - MCNE®
Coldwell Banker Realty - Sedona, AZ
(928) 274-7355 ~ YOUR Solutions REALTOR®

Hi Robert, 

There is a lot of really good info to be obsorbed here.  Thank you

Jan 29, 2023 06:20 PM
Laura Cerrano
Feng Shui Manhattan Long Island - Locust Valley, NY
Certified Feng Shui Expert, Speaker & Researcher

I have a friend who says that he never put anything on mine that he would never want to keep a secret in any way. Might be a good idea in this case..

Jan 29, 2023 09:31 PM