For Online Consumers, There's No Sure Bet
NEW YORK (MainStreet) When it comes to online consumer protection, there's no absolute way to ward off the risk of hackers without taking extreme measures, security and identity theft experts say.
"The safest thing to do is go into your bedroom and close the door and never talk to anybody," said Bruce Schneier, an independent security technologist and author. "Through away your computer and live like a hermit. It's also the stupidest way, but it is the safest."
[Read: Negotiating Your First Job Offer]
Other potentially more feasible precautionary security steps for the average person with an active sensitive personal trail online in form of banking, credit and government identification information exist, though are not as fool-proof as absolute seclusion.
Yet these measures may help divert walking into scary, costly and time-consuming traps.
Chester Wisniewski, a senior security advisor at Sophos, a company that provides anti-virus and security protection products to Toshiba, Nintendo and Harvard University, among others, cautions people be wary of online banking emails, which could be phishing emails designed to steal your banking information.
Identifying these phishing emails can be tricky. Indeed, a sophisticated phishing email, masquerading as an email from an Associated Press staffer, was responsible for the recent hacking episode on the AP's Twitter account.
Still, it's generally easier and safer to bookmark your bank's Web site and then visit the site directly, Wisniewski says. The same goes for other Web sites you might expect to routinely receive emails from.
"Absolutely the biggest online security challenge for everyone is the human factor of failing," Wisniewski said. "You can build all these great security products that detect all the nasty stuff, but as a human being tricked into clicking the wrong link or by submitting your password to the wrong site, all bets are off."
Cyber crimes cost 56 surveyed American companies last year an average of $8.9 million, up from the average $8.4 million it cost them in 2011, according to the Ponemon Institute, a research center that investigates privacy and information security.
The cost of online identity theft facing American consumers is also increasing, says Eva Valesquez, the CEO of the Identity Theft Center, a national non-profit organization based in San Diego. She says that identity theft has increased this year for the thirteenth year in a row, topping the list of complaints to the Federal Trade Commission at close to 12 million consumers, totaling in the billions of dollars in economic impact.
The risks range from someone accessing an existing account to opening a new account to filing for public benefits with your personal information.
[Read: The Price of Fraud]
"It may take a few hours to get this resolved, or you may have to deal with this for the rest of your life," she said.
People should always have some level of concern when any non-government entity is asking for information like a Social Security number.
"It shouldn't be appearing on things like invoices and you don't need to give a Social Security number ever for a financial transaction," Valesquez said.
[Read: The Identity Theft Flu: 5 Ways to Stay Healthy]
It's wise to get in the habit of using a service like Google's password authenticator, which sends a constantly changing password to the Gmail subscriber's phone when logging in. Having a range of varied passwords for e-mail, Facebook, Twitter, banking and other personal accounts is also a good idea. Another option is relying on password managers some free and some not to do the bulk of the work for you.
But Schneier maintains that Top 10 tip lists for online security can be misleading.
"People read them and think they can be safe online," he said. "Gmail authenticator could make it harder for someone to access your email, that's certainly true. Does it definitely make it harder? No."
[Read: Don't Get Skimmed at the ATM]
Valesquez agrees.
"There are no guarantees," she said. "But it's the same as guarding your other valuables. When I leave for work, I lock my house and don't leave the windows open. Make sure you read your credit card statements and check your credit reports. Shred your old documents, don't just throw them in the dumpster."
--Written by Amy Lieberman for MainStreet