Identity Theft Protection and Online Safety

Apart from a standard practice like not clicking on links, Antivirus on PC/mobile, VPN protection, Darkweb monitoring , haveibeenpwned I like to hear what are your measure for Identity Theft Protection ? Do you use services like https://www.truyu.com.au/ or https://www.aura.com/?

Do you change your mobile numbers after certain years ?

Comments

  • +3

    Nice try scammer…

  • +9

    Paranoia beyond reasonable measures is not healthy. Continue to maintain standard practises. You do not need third party services that themselves could be security risks in future too.

  • Get a lock for your letterbox.
    Pay for a post office box.
    Have your bank statements available online only.
    If you're looking for a rental via an online platform used by landlords rather than agents, do not provide scanned copies of your ID, bank statements and payslips to the "landlord" for assessment of your suitability.
    If you move house, change your address on all services, banks etc immediately AND get a post office redirection for the first couple of months, for anything you miss.
    If you're thinking of taking out a loan, whether for a car or house, do not provide ID and income docs until you are sure you're ready to proceed - and keep an eye on your credit report afterwards.
    And FFS do not randomly complete an online biometrics check via link from bank etc unless you actually have the loan offer in your hot little hands - and NEVER complete such an ID process without initiating it yourself ie clicking the link that goes to your own phone. Never do one that was sent to someone else's phone, even if it's the broker who is helping you obtain a loan.
    Not just for online safety but ID takeover in general.
    Paranoid? No. Careful? yes.

    • Get a lock for your letterbox.

      I got rid of my letterbox entirely, and installed a parcel box instead.
      I don't want any stinking letters.

      Unfortunately, banks are adamant that they still need to send me interest hike letters for mortgage accounts to my address via snail mail.

  • -1

    My bank sends me a message when my credit card is used to make a purchase.
    Notify your bank if you are going overseas.
    Don’t leave credit card details online to make it convenient for your next purchase; put the card details in each time.
    Ensure you have unique passwords for different logins.

    • What is wrong with the person who downvoted these suggestions?

  • +3

    Use a fake name. JIMB0 isn't my real name, I changed it ever so slightly.

    • I suspected that, I always thought you sounded more like a JAMB0…

      • I always thought it's probably not all upper case is possibly on the nose a bit - Jim B0

        • I made it all upper case as there is no lower case zero and Jimb0 would just look odd. I also considered making it upside down but couldn't decide between oqɯᴉſ or ſᴉɯqo.

  • +2

    I also don’t use my real birthdate for signing up unless it is really needed. I usually give a false year.

  • +2

    After all those measures and tricks you sign for Optus or Medibank and voila… all down the drain.

    • It's got to the point that the main use for stolen identities, is to use them to sign up for legitimate services so you're protected when big companies inevitably let your information get leaked

  • Apart from a standard practice like not clicking on links

    What if it's an email claiming to be from your Australian bank?

    • A bank you've been with for many years
    • Telling you that you will soon receive another email from a domain that seems to have no relationship to the bank (and not an AU domain)
    • The non-bank domain email will contain an online link to complete an identity check.

    It then states, "If you don’t complete the identity check by 31 July 2024, your accounts will be blocked until this is completed."

    1. What's the chance this is legit?
    2. Would any Australian bank seriously encourage their customers to click links in non-bank domain emails and then provide their identity details?

    Answer: a webpage found on the bank's site suggests it's legit

    1. A lot of identity theft occurs through SIM swapping or SIM porting. I've stopped this dead by having a Porting PIN on my phone. Only one mobile provider in Australia has this at present https://www.cmobile.com.au/phone-porting-protection-pin/
      My number can not be transferred away from Cmobile unless I quote the 6-digit Porting PIN.
    2. Use MFA on critical sites like bank accounts. This can be risky if your phone is ported, but I'm confident about my Porting PIN.
    3. Use a password manager to prevent people hacking into your accounts. I recently migrated from Avast Password Manager to Bitwarden that got good reviews on ozbargain https://www.ozbargain.com.au/node/599844
      My wife migrated her Google Passwords to Bitwarden and she's changed them all from a few repeated 4 or 6 digit passwords to 16 character passwords that are different for each site.
    • One more thing when choosing passwords - it's easier to hack password like "H4rdT0Crack!!!$" compared to something like "Hard and stupid to crack".
      Now with new NVIDIA 4090 power simple pass (8 chars, mixed) can be cracked in less that an hour, compared to long and complex ones.

    • Its interesting that some of the Major banks don't have MFA for web based access. CommBank for example.

Login or Join to leave a comment