Gretel Egan | January 28, 2015

Five Quick Tips for Improving Your Data Privacy

Last updated: January 24, 2018

Wombat_DataPrivacy2015January 28 is Data Privacy Day, an international effort that’s held annually. At the root of Data Privacy Day is the idea of “Respecting Privacy, Safeguarding Data, and Enabling Trust.” In honor of that mission, we offer you five relatively simple ways to shore up the privacy of personal data.

1. Be Cautious About Social Connections

A Facebook friend request here, a LinkedIn connection there…all pretty harmless, right? Not really. Scammers frequently create fake social media profiles in order to connect with individuals and mine for data. Think about the information a Facebook friend is likely to have access to: names of family members, birth dates, anniversary dates, maiden names, photographs…the list goes on and on. Since users freely share these details with their connections, scammers send out hundreds of friend requests for fake profiles and hit a virtual data goldmine with every acceptance.

The issues don't end with consumers; attackers also use shared info to create believable spear phishing and business email compromise (BEC) attacks that impact organizations via outcomes like credential compromise (which gives scammers direct access to email and other accounts) and fraudulent wire transfers (which rob companies of cash).

The safest rule of thumb for data security? Do not connect with people you don’t know. Period. 

Read our infographic to learn more about identifying and avoiding BEC attacks. And if you suspect a Facebook profile is fraudulent, report it

2. Stop Thinking ‘It’s Just My Email Address’

I’ve been guilty of this one myself; the old, “Well, it’s only my email address. No big deal.” If anyone else has thought this, it's important to realize that email offers a lucrative inroad for scammers: phishing attacks.

Quite frankly, an email slip-up is a phisher’s best-case scenario. An unaware user can quickly put themselves in hot water by clicking a malicious link, downloading an infected file, or filling in a phony form. And because phishing attacks continue to get more sophisticated, it becomes harder and harder to spot the fakes.

Given the proliferation of malicious messages, now is the time to be more selective about sharing your email address.

color_bar.png

Learn more about protecting yourself from malicious emails with our "Phishing Decision Tree" infographic.

View the Infographic

color_bar.png

3. Stop Trading Personal Data for ‘Stuff’

Legitimate and malicious companies often take similar approaches to special offers: They dangle a carrot (a free software download, a promotional item, the promise of a discount code) in exchange for personal information about you. How often do you turn over your address, mobile phone number, birth date, and/or other personal data in the name of getting free stuff? Have you thought about where that data might travel to and how that data might be used down the road? Legitimate company or not, you’re still putting your information out there for someone else to control.

The next time you’re presented with a form like this, ask yourself: Do I really need it? Will I really use it? Do I really trust the person or organization that’s asking for my data?

4. Help Protect Your Friends’ Data as Well as Your Own

There are plenty of apps — mobile and otherwise — that encourage you to connect through social media channels like Facebook and Twitter. Still others open channels of communication between your device and those on your contact lists. Before making those connections, stop and consider: Should I really share my friends’ contact information with this app?

Sometimes, the answer is going to be yes. But if you’ve been on autopilot, do your friends a favor and consider opting out of these requests from more frivolous or questionable sources.

Dig deeper into the privacy-related concerns associated with specific apps at PrivacyGrade.org. 

5. Get a Better Handle on Privacy Policies and Terms of Service

The legal jargon, elevated language, and formidable length of online privacy policies and terms of service understandably deter the average web user from taking even a cursory glance at this content. And things got even more complicated in 2018, with the data privacy specifications in the General Data Protection Regulation (GDPR) prompting many organizations to rewrite (and expand) their privacy policies. Daunting though they may be, blind acceptance is not doing you or your data any favors.

There is help out there, though. Sites like Terms of Service; Didn’t Read and this article from the Wall Street Journal can help you cut through the legalese and reveal the hidden dangers on specific sites.

Subscribe to Our Blog

2018 State of the Phish Report  Protect your organization from phishing attacks. Download Now
2018 Beyond the Phish Report  Protect your organization from threats including and beyond phishing. Download Now