A recurring theme in our ongoing ITFIRM.COM blogs is about protecting your data and network systems, but what about your cybersecurity at home? Your business can be severely damaged or outright ruined by a data breach, but your own life can by devastated by Identity Theft.
With the thought in mind that ‘If it’s connected, it’s dangerous,’ let’s look at a few common-sense precautions – some of which are fairly obvious, like not putting anything with any account information or your SSN (Social Security Number) in the trash, but with the technology available today, it’s wise to look at seemingly innocuous objects like anything with a wireless connection.
You cannot put it past cyber crooks to use child’s toy to steal your personal data, because this literally happens all the time. Every time a new connected IoT (Internet of Things) device comes on the market, hackers are looking to exploit it. But it isn’t all electronic theft - how about your trash can sitting outside? Is it a treasure trove for an identity thief trolling the neighborhood at night?
Virtually any kind of everyday objects can lead to identity theft if they’re online, but people tend not to think about them, instead focusing on their computers and cloud accounts. It’s important to have strong passwords and use antivirus and Multi-Factor Authentication (MFA) on your devices, but you also need to be wary of other ways that hackers and thieves can get your personal data.
How do hackers get your information?
Outdated Smartphones
Statista reports that smartphones are replaced about every two and a half years. That leaves a lot of old phones laying around containing personal data.
Many among us virtually live on our mobile phones, so just think of all the personal information they hold. We have synchronized connections with cloud services. Phones also hold banking apps, business apps, and personal health apps. These are all handily stored on one small device.
With the advancements in chip technology, smartphones can hold a whole lot hold more ‘stuff,’ like documents, spreadsheets, and reams of photos and videos (some of which the owners may not want to have show up in the public realm).
Hackers can easily strike data theft gold by finding an old smartphone. You shouldn’t just throw electronics away like normal garbage. For one thing, they contain varying degrees of toxic components, so you should also dispose of them properly. Make sure that you clean any old phones by erasing all data - at least remove the SIM card and destroy it.
Wireless Printers
This is an often overlooked cybersecurity concern, and these days most printers are wireless. This means they are not just connected by a cable to your computer, they are part of your home or work network. Printing from another room is convenient, but the fact that your printer connects to the internet can leave your data at risk.
Printers have memory, and can store sensitive documents, such as contracts and tax paperwork. When putting data security protections in place, most people don't think about the printer. If you are not thinking about your printer, cyber thugs are – and they are looking for ways to hack them. When this happens, a hacker can not only glean data from the printer, but they could also leverage it to breach other devices on the same network.
Keeping your printer’s firmware updated ensures that they are protected. Always install updates as soon as possible. You should also turn it off when you don’t need it, because when it’s off it’s not accessible by a hacker.
If you work from home and use the printer for work, your in-house IT services team or Managed Services Provider can handle this for you.
Flash Drives (USB Sticks)
They practically hand these out like candy on Halloween. Have you ever run across a USB stick laying around or received one by surprise in the mail – as a promotional give-away? Perhaps you thought you scored a free removable storage device or maybe you’re a good Samaritan and want to try to return it to the rightful owner. BUT you need to plug it into your computer to see if the owner’s identity is in the flash drive.
When you reach to plug a USB device of unknown origin into your computer, the hairs on the back of your neck should stand up. This is an old trick in the hacker’s book, but it still works. They plant malware on these sticks and then leave them around as bait. If you plug it into your device, you can be infected even if you didn’t access any data on the drive.
Old Hard Drives
You’ve upgraded, so it’s time to dispose of your old computer and its removable drive – what do you do? First, make sure it’s clean. Just deleting your files isn’t enough. Computer hard drives can have other personal data stored in system and program files, which you can’t readily see.
Another danger is if you’re still logged into a browser, because a lot of your personal data could be at risk. Browsers store passwords, credit cards, visit history, and more.
Getting help from an IT services professional is your best bet in properly erasing your computer drive. This will make it safe for disposal, donation, or reuse. Either that or get out the sledgehammer – a method a lot of guys prefer.
Trash Can
Is there anybody out there who still thinks it’s okay to put Personally Identifiable Information (PII) in a trash can outside? Identity theft criminals aren’t just online. They can also be trolling the neighborhood on trash day. Be careful what you throw out in your trash.
Trolling through trash to enable identity theft is a very common practice. It can include pre-approved credit card offers that you toss out as ‘junk mail’ – if you don’t sign up for the card, they probably will. Your trash can also hold voided checks, old bank statements, and insurance paperwork. Any of these items could have the information thieves need to commit fraud or pose as you.
It’s worth the cost to buy a shredder. You should shred any documents that contain personal information before you throw them out. This extra step could save you from a costly incident.
Children’s IoT Devices
This where connected Barbie comes in. It seems like everything is connected these days: electronic bears, smart kid watches, Wi-Fi-connected dolls – these are all toys that hackers love. Mattel’s Hello Barbie was found to enable the theft of personal information. A hacker could also use its microphone to spy on families.
Parents know that when kids really want these futuristic toys, the nagging and begging won’t stop until you buy it. Maybe the parents think they’re cool, but don’t consider their data security. After all, what could be more innocent than children’s toys? But that often means they can be easier to hack. Cybercriminals also zero in on these IoT (Internet of Things) toys, knowing they aren’t going to be as hard to breach.
It’s important to be cautious with any new internet-connected devices you bring into your home - including toys! Anything connected is not necessarily benign. Install all firmware updates. Additionally, do your homework to see if a data breach has involved that particular toy.
Frequently Asked Questions
What is considered PII?
Personally Identifiable Information or PII, is sensitive data that could be used to identify, contact, or locate an individual.
What are examples of PII?
PII can include personal identification numbers: social security numbers (SSNs), passport numbers, driver's license numbers, taxpayer identification numbers, patient identification numbers, financial account numbers, or credit card numbers. Personal address information: street address, or email address; personal telephone numbers.
How secure are shredders?
When disposing of highly sensitive information, such as those that include Social Security Numbers or financial statements, you should use a level P-5P or higher. A P-5 shreds your document into 2,000 pieces, while for just a little more money, a P-6 shreds it into 6,000 pieces. A P-4 shredder is the minimum security level for sensitive information, but as it only shreds a document into 400 pieces, it does not deliver enough cuts to be considered high security – some crooks may be willing to piece 400 cuts back together.
How do IoT devices get hacked?
There are a few ways to hack these. One extremely popular method of attacking IoT devices is brute-forcing passwords on Telnet and SSH services that are not disabled. Once access to these services is gained, attackers can download malware to the device or gain access to valuable information.
How secure is your network?
As a longstanding, reputable member of the Charlotte IT Support community, ITFIRM.COM offers a FREE, no-risk network and cybersecurity assessment. We perform a non-intrusive scan that allows us to deliver a comprehensive report of the state of your system and its vulnerabilities that is yours to keep. There are no strings attached, and you are under no obligation to ever to use our Managed IT services.
The two best defenses are next-generation network cybersecurity to protect your data from theft, and a top-notch Managed Services Provider (MSP) to ensure continued reliability and defenses against newly emerging threats.
We put our 100% Money Back Guarantee in writing, so there is no risk in trying us out. Because we do not require a ‘hard’ contract, our clients can fire us at any time with 30 days’ notice. We have to be good.
Among the Managed IT services we provide:
IT HelpDesk Service
Onsite IT Support
Cybersecurity
Cloud migration and management
Email migration services
Backup and disaster recovery
VoIP phone systems
IT disposition and recycling
Office moves
White label services (IT to IT)
Planning an Office Move?
Contact ITFIRM.COM today! We have the experience to ensure a seamless transition. After the office move, your employees will arrive at the new location to find their IT infrastructure ready and open for business!
For more information on office moves, or to receive your FREE no-risk network and cybersecurity assessment, just fill out the form on this page or call us at:
704-565-9705
