Protecting Your Identity

Only you can protect your online identity. Identity theft is a serious problem on the Internet.

  • Don't give out your personal information online - do not respond to emails requesting personal information. These are often "phishing" attacks.
  • Use secure websites that encrypt data when providing personal information. Look for "https:" in the address bar of the website.
  • Be careful with providing credit card information online. Work with reputable sellers that have secure shopping facilities (these links start with https not http). These sellers use secure servers which receive and store your personal information in encrypted form, so that if anyone intercepts your transaction, they won't be able to decode the data and get your details.
  • Avoid using the internet for private communication (including shopping) on public computers. On a public computer, other people might be able to view what you've been browsing or even retrieve your personal details after you have finished; or, the computer could have a keystroke logger, which is a program that records what you type.
  • Use secure logins and passwords. Don't use anything obvious like your name or the names of your family members or the word “password”. Don't write the login details down. Use a combination of words, letters and symbols in your passwords Come up with a password and then test it on Microsoft's password checker.

Phishing Schemes

Phishing is an electronic attempt (usually email) by criminals to acquire sensitive information, such as usernames, passwords and credit card details, by pretending to be a legitimate entity like PayPal, eBay or an online bank.

Be careful:

  • Watch out for “phishy” emails asking the recipient to “confirm” personal information.
  • IT will never ask you for this information via email and if you receive an email from IT that does request this information, it's a phishing email. Report these types of email to the Service Desk.
  • Don’t click on links within emails that ask for your personal information. Criminals use these links to lure people to phony Web sites that impersonate real. Hover over the link and look at the destination link closely in the bottom bar of the window. To check whether the message is really from the company or agency, call it directly or go to its Web site (use a search engine to find it).
  • Beware of “pharming.” Pharming is a virus or malicious program secretly planted in your computer that hijacks your Web browser. When you type in the address of a legitimate Web site, you’re taken to a fake copy of the site without realizing it. Be aware of how your browser is behaving. Run antivirus software if you're suspicious of anything.
  • Never enter your personal information in a pop-up screen. Use browser pop-up blockers.
  • Only open email attachments if you’re expecting them and know what they contain.
  • If someone contacts you and says you’ve been a victim of fraud, verify the person’s identity before you provide any personal information.
Tips and Tricks

Act immediately if you’ve been hooked by a phisher. If you provided account numbers, PINS, or passwords to a phisher, notify the companies with whom you have the accounts right away.

For information about how to put a “fraud alert” on your files at the credit reporting bureaus and other advice for ID theft victims, contact the Federal Trade Commission’s ID Theft Clearinghouse, or 877-438-4338, TDD 202-326-2502.