What is PII data?
Try as you might, there’s just no getting around sharing personal information on internet shopping sites, remote working services or simply doing your taxes. Whether you’re ordering something, sharing photos, or sensitive information with your family, knowing how to protect your personal data should be considered a key competency.
Personally Identifiable Information or PII is the term given to any data that can identify a specific person. Your address, email, and phone number all count as PII data in a traditional sense, but you also need to be aware of more under-the-hood information, such as IP addresses, logged-in devices, and social media pages marking you out online. And with the rising use of face and fingerprint IDs, biometric data is also being added onto the list of information that you have online.
The risks of personal information online
With 1 in 10 Americans falling victim to identity fraud each year, cybercrime is only becoming more prevalent as more of our lives move online. Here are just some of the threats we all face online:
Data brokers are one of the major issues, and yet, one that has almost been completely normalized. At this point, you’ve invariably encountered ads online that seem to perfectly reflect your most recent searches or your general interests. This is because data brokers have trawled the net for information all about you and sold this data collection to companies. Granted, ad companies are more interested in your age, gender, and disposable income than your address or phone number, but they still use this information to target specific customer profiles.
There are varying degrees of identity theft that can take place, from using your information to sign up for a credit card to using your image in the emotional blackmail of someone else, known as catfishing. Shockingly, the threat of ID theft is real from the moment you are assigned a social security number and figures show that this type of cybercrime is on the rise.
Phishing is a type of scam where you are contacted by a person posing as a legitimate business, financial institution or government body. This is typically in an attempt to solicit bank account numbers or log-in details. The classic example of this is a foreign prince or dignitary needing access to a native US account for “storage.” While that version is something of a joke now, these scams have become more sophisticated, and all a cybercriminal needs to start it all is your email address or mobile number.
What can cybercriminals do with my personal information?
Aside from the above where your information will be sold, used falsely or used against you, online hackers and thieves can also:
- Purchase things online using card numbers
- Apply for loans, running you into bad credit
- Fraudulently approach your contacts requesting money
- Take over your accounts and lock you out/blackmail you
How to protect your information online
Depending on the platform, there are different ways to keep your information safe and improve your cybersecurity:
Try not to give away crucial information in your email, even if it has become the norm. For example, John Doe, born in 1990 is easily guessed from firstname.lastname@example.org. Don’t send important information and documents by email if you can help it, and once you do, delete all traces of them from your account (sent mail folder, outbox, cloud storage etc).
You should also never open mail if you’re unsure of the sender, and certainly never download any attachments. If an official organization emails you asking you to download something or share information, then you should call them directly to confirm this request—many don’t email as the first step of correspondence.
On social media
Social media platforms are often the weak spot in anyone’s online presence. A quick glimpse gives away all sorts of private information, from your location and age to your job, work hours and even the periods when you’re on vacation—which can leave you open to burglary.
Make sure you’re familiar with all the data privacy settings on your account, and set it to private where possible. If this isn’t a possibility, make sure you don’t give too much away—for example, you can upload vacation snaps after you return. Certainly make sure there is no sensitive information in your selfies and photos, you’ll be surprised to find that criminals are both very determined and very capable when it comes to finding your information this way.
On online stores
Everyone has a favorite online store they use regularly, and typing in your details every time can be tiresome, but it’s worth the effort. If you save your card details online then all a criminal needs is your email and password to have free reign of your finances. This goes for your web browser as well—if you save your card details in browser, anyone who is able to access your browser profile will have access to them.
With credit cards and banking
Tying into the above, if you need to use your card online to purchase or book something, see if your bank can’t offer extra steps for security. A key security tip, multifactor authentication is likely offered by your bank. This is when simply inputting a password isn’t enough, another step is needed such as a unique user number or a multi-device log-in process. In this way, even if a criminal were to get a hold of your password, phone number, birthday etc. they won’t get any further unless they also have your phone.
As hard as it may seem, try your best to not to use the same password for all your accounts. It’s only human to not want, or even be able to, remember a dozen different strong passwords, but you should at least keep separate ones for your email account and any site that uses your credit card details. Use an online password checker to make sure it's as secure as possible—or, better yet, use a password manager to log-in securely on all your devices and platforms.
Make a backup
Maybe you’ve accidentally downloaded an attachment or let your security slip and a piece of ransomware or malware has taken hold of your PC. Ransomware is a virus that locks you out of your files, where access will only be restored if you pay a ransom—doing so is strictly advised against by the FBI.
While there are programs that can wipe the original virus from your PC, there is a chance you may not be able to recover your files. So long as you have a backup, either offline on an external hard drive or online using a secure cloud storage solution like Dropbox, your files will still be accessible and safe.
Protecting young people online
The issue of security is doubly important if you care for a young person. Here are some tips to ensure your children can stay safe online:
Monitor their social media
Online criminals are extremely manipulative and will pose as a child of similar age in order to gain another child’s trust. Given enough time, this fake friendship can reach the point where a young person is happy to give away key information about themselves. Foster an environment in your home where talking often and openly about what your child does online.
Make a separate account or keep a different PC
You might have tried your best to keep your PC free from threats but a few minutes in the hands of an unknowing teen and it might all be undone. If you want to keep your files and settings secure, have a different family PC and your own business PC, or at the very least separate user/online accounts for you and your child.
Monitor your own approach
As mentioned, communication is key when it comes to young people. Don’t be overly harsh about things or paint certain concepts as forbidden and therefore appeal to any child’s rebellious streak. Be open, be natural and make sure your child feels confident to come to you if they’re approached by someone they don’t trust online or if they’ve received a strange email.
Young people are born to a digital world, so don’t put online safety down to “the talk” you have when you give your child their first smartphone. Make sure they understand it’ as crucial a life lesson as road safety or stranger danger, and make it a constant message in your household.