Posted on 05/09/2019 by Mathew Howlett in News

In this day and age of the Internet, when, even from regional areas such as Warrnambool, Colac, Hamilton or Mt Gambier, so much of our daily lives can be organised, fulfilled and enhanced literally at the click of a button, it is easy to become complacent about the growing risk of identity theft.

Identity theft is a type of fraud, that sees the theft of your personal information, which is then used to commit crimes; bank accounts can be opened in your name; credit cards can be obtained and abused; an illegal business can be started and passports applied for and issued to people who are not you. At the severe end of the scale, money laundering and even terrorist activities have been conducted by criminals who have stolen the identity of an innocent citizen, and committed these acts in someone else’s name.

The reality is that the more we conduct our life online, the more at-risk we are of having our identity stolen – the types of criminals who perform these crimes are only become smarter and more sophisticated – and so we must ensure we become more aware, vigilant and protective of our details.

Identity thieves are after everything that contains your personal information: bank and credit card statements, social media account information, bills, driver’s licence, passport, investment reports, superannuation records, storage media such as USB devices, and any documents that contain your tax file number.

Your personal information is the key to your identity. Information such as:

  • Your full name
  • Your date of birth
  • Your current address
  • Your drivers’ licence number
  • Your passport details
  • Credit card details
  • Superannuation reports
  • Tax file number
  • Government portal login details

is information that many of us regularly enter into web portals or forms, or provide to institutions or people we trust, so often without a second thought.

But these are the very same details that identity thieves are after – and they know just where to look to find them.

So how can you best-protect yourself and your details to ensure you don’t become a victim of this modern and increasing crime?

1. Be aware

This is the first line of defence. Be aware that you should only share your information with:

  • People you trust
  • Organisations that have a legitimate need for this information

Requests for personal information should always be treated with caution. Before handing over any kind of information that’s unique to you, your family members or your household, make sure you:

  • Ask the person or organisation requesting the information to provide credentials – this is whether they ask via the phone, email, text message or in-person
  • Verify these credentials by phoning their organisation or place of work.

Also, be careful what you discuss in public. You’ll be surprised how much identity thieves can glean from phone calls and conversations you are having with others in public spaces.

2. Store personal information in a secure place

Carrying your birth certificate or passport in your wallet or handbag every day is a problem waiting to happen. If documents like this do not need to be ‘on your person’ every day, then keep them in a secure place at home.

Also, make sure you don’t store personal information such as your tax file number, pass words or credit card personal identification numbers (PINs) in your mobile phone. Even photos of your passport or birth certificate (which you might have taken in preparation for a holiday, for example) can be hacked.

A locked mailbox or post office box is another way to secure your information. And once you’re done with documents that include personal information (like Superannuation fund or bank account statements), shred them, rather than putting them straight in the bin. Never presume identity thieves are above searching through a dirty bin!

Personal papers or spare house keys left in the glove-box of your car could also be a target – again, thieves are well-educated in ‘typical’ behaviours and will look here as a matter of course.

Electronic documents that contain personal information must be securely stored in a trusted data vault website, encrypted or protected with passwords (that aren’t stored in your phone, or the same as all the other passwords you use!)

3. Be careful when on social media

The people that run identity scams are well-educated on the kind of information they need to convince you of their legitimacy – and sometimes it’s just one or two crucial details that will do the trick, so they can then unlock all the other details they need to steal your identity.

Social media sites can be a real magnet for these types of thieves – the information we unwittingly share with our friends via Facebook, Twitter, Instagram or Snap Chat can, if we aren’t careful, also be unwittingly shared with the millions and millions of other people around the world who use these platforms.

When it comes to your social media activity, protect yourself from scams by:

  • Not sharing personal information, like your tax file number, bank account details or myGov account on social media
  • Consider setting your personal social media profiles to ‘private’.
  • Accept friend requests only from people you know
  • Be careful not to post photographs that could expose you or your family members, such as photos of birth dates, or addresses.

Also, be aware that while Government authorities such as the ATO, myGov and banks are on social media, they will never, ever use these platforms to ask you for payment or personal, identifiable information.

4. Don’t share your electronic passwords, use varied passwords and use two-factor authentication wherever possible

The best way to ensure your password isn’t used without your knowledge or permission is to never share it. Better still, use different passwords for different websites (especially your email accounts) and setup Two-Factor Authentication wherever possible or change your password regularly if it isn’t.

Writing your passwords on pieces of paper that you have stored in your wallet or handbag is a disaster waiting to happen, as is clicking links or opening attachments in emails from an entity or person you don’t know. A few minutes spent resetting a forgotten password is par less inconvenient than months or years spent dealing with the fallout from identity theft.

Also, if possible, do not use a public computer to access personal information.

5. Keep your smartphone secure

Smartphones, with all their apps and in-built functions, have become a daily tool of modern life. So, protect the information they contain by:

  • Always using a password, PIN or screen lock
  • Only connect to secure or encrypted wireless networks, provided by trusted sources

6. Split your email correspondence across multiple accounts

Every website needs you to signup before you can do anything these days. But do you really want your bank accounts, investments and Medicare info linked to the same account as that dodgy website you only signed up to so you could buy that cheap smartphone that one time? Are they going to treat your privacy with as much respect as one of the big 4?

With a multitude of high quality and free email account options available these days, it’s much better to take all of your eggs out of the one basket and split your online presence across multiple email accounts. I recommend using three:

  • A “Protected” account for personal correspondence, and highly sensitive accounts e.g. financial institutions, government portals, professional services etc…
  • A “Trusted” account for trusted website accounts e.g. Facebook, LinkedIn, Netflix, etc…
  • A “Spam” account for everything else e.g. online stores, store cards, or any other random request for your email address

Once you set them all up on your smartphone, you’ll barley notice they’re separate. But if Bob’s Discount Digital Devices get’s hacked, the hacker will only know the email address you use for your Woolworths Rewards card, not your bank account or social media.

7. Use a registered tax agent

All accountants are trustworthy… right? Sadly, no.

But don’t find this out the hard way. Protect yourself by ensuring that the person helping you with your tax is a Registered Tax Agent – this can be done via the Tax Practitioners Board.

Registered Tax Agents like Sinclair Wilson will not require access to your myGov and ATO online accounts to complete your tax return – that’s because we – and other RTAs have our own system to do this.

Your myGov login details should never be shared with anyone – not even your Registered Tax Agent.

8. Ask for help

If you’re unsure about how you can be better at protecting your personal identity, talk to us.

We have IT specialists on-hand who ensure they keep up to date with practices and products that will keep your personal information safe.

Contact us today to find out how we can protect you, and your identity.