If you think – “No one cares about stealing a password from lil’ol me” – you’re right.
Password theft is not a crime targeted at any one individual. No one wants to steal a password from just you – they want as many as they can get.
Identity Theft: Bigger Than Drugs
According to the U.S. Department of Justice Statistics, identity theft is now the number one crime in the nation, surpassing drug trafficking. That’s something to think about.
Gartner research holds electronic theft of sensitive information as a leading cause of certain types of fraud in 2007, including credit card, debit/ATM card and bank account transfer fraud.
So the target is not you but pretty much anyone with an email account, a bank account, a mailbox, a credit card. If you fit into one of these categories (and who doesn’t?), you may be at risk.
And Still on the Rise
Identity theft fraud has climbed more than 50% since 2003, reaching over 15 million victims in 2006. Every minute about 28 people are affected – that’s one person every 2 seconds.
This adds up to a reported monetary losses to consumers of over $1.2 billion in 2007, with an average of $349 per person, making identity theft the highest on the Federal Trade Commission’s list.
Don’t Panic, Get Informed
Now there’s no reason to delete your email accounts and cancel your credit cards just yet. The best way to avoid identity theft is simply being informed.
“Often times, consumers have no idea how criminals hijack their accounts and/or identities,” Ms. Avivah Litan, vice president at Gartner. “All sensitive electronic data needs to be protected, but enterprises should be aware that the low hanging fruit for the criminals is electronic card and checking account numbers, as well as user IDs and passwords for online financial accounts.”
Know Your Enemy
Malware & Bots: One method in gaining sensitive data for fraudulent use is done through bot programs. These programs are specifically designed to scan through your info and browser and catch you when you are off guard. They are not always so obvious and most of the time you don’t even know it’s happening. Such programs are sent randomly to a large quantity of computers and browsers, scanning for precisely what they are looking for – for ex. files containing passwords or account info etc. Here’s a video demonstrating just how this is done.
Phishing Scams: Another very typical method of fraud is phishing. You have probably received an all too familiar email from a seemingly reputable institution – usually from a site that you already have an account with like Paypal or Amazon. The email will probably ask you to change your password or enter into your account for various reasons, sometimes even for “security purposes”.
Once you sign into this fraudulent site and hand over your password and account info, you have been phished. Hook line and sinker.
What’s the Problem? (It’s Not You)
You are not the target of fraud — bad habits are. Reusing the same password for more than one account is a bad idea. By doing so, if one of your accounts is compromised, ALL of your accounts with the same passwords could be at risk as well.
The problem is, people are reusing their passwords. The average internet user has 6.5 passwords each of which is shared across 3.9 different sites. Each user has about 25 accounts that require passwords.
The weak link always comes back to passwords. They can phished, scanned, reused and generally abused.
Protecting yourself can be as easy as protecting your passwords:
- Make sure they are always kept in encrypted form – so scanners and bots can’t read them.
- Make sure both the passwords and the encryption protecting them are good and strong – so hackers can’t guess them or crack them open.
- Always use a completely different password for each and every one of the websites you visit – in case you fall victim once, it won’t be a catastrophe.
Sound impossible? It’s not….
The Easy Solution
All you need is a password manager. Password managers come in two flavors: online and offline. There’s a pros and cons comparison here.
Regardless, you’ll want to make sure you choose something which is easy enough for you to actually use. An automatic login feature will save you the hassle of typing passwords all day, and a password generator to do the password inventing for you.
So, shop around, make your choice wisely but remember: choose – and use – a password manager. It’s the easiest way to protect your passwords and yourself.