What private information do you share?
Privacy is a funny old thing. Some of us don’t want anyone knowing our business, whereas others happily share every what, who, when and where about our lives.
Often it comes down to our trust in an organisation that has our information, and for some unfathomable reason, many people trust social media platforms more than secure websites.
From 9-14 May 2022 the Privacy Commissioner is holding public online events, investigating Privacy: The Foundation of Trust. Before you yawn and move on, privacy and trust significantly affect all of us.
Recently, the Debtfix Facebook page was hacked, and the world’s leading social media platform was barely contactable to resolve the problem. The lack of human response to fix the cyber-hijacking has destroyed any level of trust Debtfix has in Facebook, but so many of us persist because the beast seems to have us hooked. Facebook is not unique and many organisations are frustratingly uncontactable, and it is not surprising our community has diminishing trust in big companies and government agencies.
However, many of us continue to share private information that can be used against us by cybercriminals and even legitimate businesses that have an interest in our affairs.
Why do cybercriminals and online scammers want your private information?
To make money. It is that simple.
In some way cybercriminals will use your information, passwords, accounts to fill their own pockets with your hard-earned cash. If they successfully hack into your credit card account they can enjoy an online shopping spree but often, this fraudulent theft is quickly picked up by banks, and you are instantly notified. Online scammers use your private information to get to know you, build your confidence and then con you out of money. They may send you friend requests on social media and look like someone you would or should get to know. They have studied your private information that you made public, and they know how to hook you into a scam.
Your private information can be fraudulently used to steal your identity and rack up debt in your name. Recent cases of identity fraud reported by the media have told the stories of people who knew nothing about the problem until a debt collector knocked on their door. Others discovered the fraud when they struggled to secure a loan because their credit score had significantly deteriorated.
What to do if you suspect identity theft is causing debt problems?
2.1 Check your credit score
In New Zealand there are three credit score bureaus; Centrix, Equifax and Illion. It is free to check your credit score and you’ll see what debts are currently on your record. If there are debts that are not yours contact the credit score agency and request a suppression on your credit file. Future lenders checking your credit score will see you are affected by identity thieves.
2.2 Check credit card and bank statements
In a busy world it can be difficult to invest some time regularly checking your bank and credit card statements, but it is worth it. You can follow up on unusual transactions and a bonus is you’ll have a better understanding of where your money goes. Contact your bank immediately if you see evidence of cyber theft.
2.3 Report the problem
Go to CERT NZ to report an issue. CERT NZ works to support businesses, organisations and individuals who are or maybe affected by cyber security incidents that involve money. The Government agency works with other cybercrime busters in New Zealand and internationally. If the incident doesn’t involve money, you are better to go to NetSafe. IDCare is a not-for-profit service in New Zealand and Australia that helps individuals and organisations to respond to identity theft.
2.4 Report cybercrime to the Police
You may feel angry, foolish or powerless, but it is important to report cybercrime to New Zealand Police to improve their understanding of the problems and prevent it happening to others.
2.5 Regain control of your accounts, cards and identity documents
Change your passwords immediately and log out of all devices that you may stay connected to. Reissue cards and identity documents, such as your passport and driver licence that may have been used to steal your identity.
What private information do legitimate businesses look for?
Sometimes it’s not just cybercriminals who are looking at all that personal stuff you share online. Some organisations you owe money to might check what you’re up to on social media, and then query if loan repayments are being missed. Any post can be seen, screenshot and shared by others and nothing is private on social media. That’s why it’s called social.
If you’re jetting off for a fun weekend and you post photos all over Facebook but you’re claiming hardship for outstanding rent arrears – you’ll need to have a good explanation. Maybe it was a prize or gift and if so, make that clear if you do feel the need to share your holiday snaps in the digital world.
How to protect your privacy?
There are some basic actions we can take to protect our privacy that don’t mean we have to live in the bush, away from every cell phone tower in the country.
4.1 Log off
When you leave your computer or stop using an account, log off, sign out and break the connection. Turn off your devices and use a password manager or other security systems to log in. This is extremely important when you are in a flat, workplace or on the move. Sometimes the cybercriminal is an opportunist sitting next to you.
4.2 Use decent passwords
Using multiple complex passwords is so frequently mentioned, but seldom actioned. People continue to use a couple of simple passwords that are easily hacked, and once someone is into one account, like Gmail or Hotmail, they can often access other accounts, like Facebook. There are several password management systems that create long and strong passwords and safely records them. CertNZ recommends using a password manager to protect yourself online but avoid using your internet browser, which can be used if you don’t log out of your computer or smart device.
4.3 Use two factor authentication
Using two factor authentication reduces the risk of an account being accessed when someone has hacked your password. This should be an essential action for all your online accounts.
4.4 Limit what you share
Telling many of you to stop using social media may be like asking you to stop breathing. If you just can’t quit, approach it with caution. As mentioned above, nothing is private, even if you use privacy settings. Sometimes our unfriendly friends will use your posts against you and give other people access to them.
4.5 Object to unnecessary data collection
Many businesses collect our data but don’t have good security systems. When you buy a blender does the retailer really need to know your phone number and email address to “send you the warranty”? Does the rental car company that takes your driver licence details have good cyber protection? Recently, a New Zealander who had their identity stolen and debt racked up in his name thinks his driver licence details were collected this way. We may have to comply with some data collection, but if we continue to query about their data security methods, it should make the businesses act.
When Debtfix was founded in 2018 the goal was to be transparent and to develop a Crew that maintained contact with clients every step of the way through their debt solution process. We believe your trust in Debtfix is essential and we continuously monitor our systems.
When the Crew works from home, they use company computers with cyber protection, and we have critical practices to maintain client privacy. And, yet our Facebook page still got hijacked. None of us are immune and we need to take privacy and cybercrime seriously.