This Identity Management Day, take a moment to reflect and secure your online identity. Identity theft, while not always attributed to a cyber attack, can absolutely be a consequence of phishing, reuse of passwords and relaxed communications. Recent cyber data breaches have compromising many individuals accounts by revealing identifying information, including their email addresses, legal documents, addresses and more.
And, it’s not just individuals that are exposed, 56% of mid-sized businesses surveyed in this study experienced credential theft.
To protect yourself and your business from identity-based cyber attacks, follow these 6 crucial steps:
- Strong Passwords: Create unique, complex passwords for all your accounts. Use a mix of uppercase and lowercase letters, numbers, and special characters. Enable two-factor authentication (2FA) where available for added security.
- Regular Monitoring: Keep an eye on your social, bank and email accounts for suspicious activity. Respond promptly to notifications of potential breaches, change your passwords if you have reused in the past and always report spam.
- Secure Communication: Be cautious with sensitive information. Do not share personal or financial details via email, text, or social media messaging apps. Adopt a zero-trust policy over individuals and businesses and never disclose any information.
- Security Awareness Training: Educate your team on cyber security best practices. Teach them how to recognise phishing attacks, use only secure networks (no public WiFi), and follow company guidelines for data protection.
- Update Software: Keep your devices, software, and operating systems up to date. Regular updates include security patches that help protect your digital identity.
- Obtain a victim's certificate: You can get these from your government, depending on the type of identity fraud that occurred.
A sign of identity theft or account compromise in cyber attacks that often goes unnoticed is the sudden influx of spam or phishing emails to your inbox. While many people may dismiss these as annoying but harmless, they can be an early sign that your personal information has been compromised or sold. You might be smart enough not to fall for phishing attempts, but if you are suddenly getting more than usual, it might be time to take stock of your accounts.
Cyber criminals who have obtained your email address may sell it to other criminals and use it to launch targeted phishing campaigns to verified email addresses. These emails aim to trick you into providing sensitive information or clicking on malicious links, which can lead to further compromise of your personal data or even financial loss. This is why you’ll see repetitive spam and phishing attempts ‘from’ people in your address book.
Internally speaking - protecting data and confidential information should mean using role based IDAM (identity and Access Management) in your organisation to ensure that the right users have the right authority and access to systems in your network.
To stay safe, it's important to be vigilant about checking your email for potential phishing attempts and reporting any suspicious messages to your email provider. Additionally, ensure that your spam filter is up to date and properly configured to catch malicious emails before they reach your inbox.
Looking for more support with your security awareness training? Get in touch with the phriendly team today for a free personalised demo.