Want to Protect Your Family from Cyber Thieves? There’s an App for That

Dan Tynan
Updated
Want to Protect Your Family from Cyber Thieves? There’s an App for That

In the 1930s, a reporter asked gangster Willie Sutton why he robbed banks. “Because that’s where the money is,” he famously replied.

If Slick Willie were alive today, he wouldn’t be robbing banks. He’d be hacking corporate networks and infiltrating the computers at major chain stores. He’d be stealing credit card numbers by the millions and auctioning them off to the highest bidder on the Internet black market. He’d be using the information he stole to perpetrate all manner of other crimes, from identity theft to extortion. And he’d be doing it without having to face down a single armed guard or to hire a getaway driver.

This is the world we live in. Violent crime has been on a steady decline for the past decade, according to FBI statistics. Cybercrime, however, is skyrocketing. The recent hacks at Target, Neiman Marcus and other retailers are just the latest examples of the shift in criminal tactics. It’s going to get a lot worse from here on out.

David Pogue already wrote an excellent primer on what happened and what you can do about it. I’m going to talk a bit about a few other things you can do, and some tools that make it easier to do them.

What, you, worry?

Essentially three bad things could happen to your family as a result of breaches like the Target hack, which exposed not only bank account data but also personal information such as email and physical addresses. The first is that bogus charges could show up on your account. The good news is that your credit card issuer won’t hold you accountable for any fraudulent charges; the bad news is that it’s up to you to identify the false ones and to bring them to the issuer’s attention.

The second is more serious: Thieves could use the information they stole to open up new accounts in your name — classic financial identity theft — and use these accounts to run up thousands of dollars in charges, thoroughly trashing your credit rating and your reputation. According to the Identity Theft Resource Center, it takes victims an average of 600 hours and thousands of dollars just to clear up one instance of ID theft.

The third threat is the scariest, in part because it’s most vague. Thieves could sell your information to other criminals, who can then use it to run scams directed at you and your loved ones. Typically these involve sending you so-called “phishing emails” — messages that appear to be from your bank or your employer, which direct you to a site that steals your password info and/or infects your computer with malware. From there, the criminal can gain further entry into your life, access your employer’s networks or take control of your computer entirely without your knowledge. Scary? You bet.

App yourself

How do you protect yourself and your family against these bastards? As with liberty, the price of doing business in the digital age is eternal vigilance. Fortunately, there are tech tools that make this slightly easier.

Start by scanning your bank and credit card records to identify anything that looks suspicious. Financial apps like Mint help keep an eye on your account and alert you when things look weird. Tell Mint, for example, how much you spend each month on dining or phones or electricity, and it will alert you when you’ve exceeded the budgeted amount. So if you’ve suddenly exceeded your electronics budget by $3,000, and you haven’t just bought a 70-inch HDTV, you’ll know something is amiss.

Next, make sure there aren’t any bogus accounts out there with your name on them. The old-fashioned way is to order your credit report from one of the big three agencies (Equifax, Experian, TransUnion) and laboriously go through each one line by line, looking for accounts you don’t remember opening. An easier way is to install the free Credit Karma app, which takes the information from TransUnion and puts it in an easily digestible form on your phone. Credit Karma can also alert you if your credit score suddenly changes, which could be the result of someone opening a new account in your name.

(If you do decide to go old school and order a paper report, be sure to do it from AnnualCreditReport.com, which provides one report a year from each agency free of charge. Other sites with similar names will attempt to dupe you into paying for them.)

If you’re one of the unlucky 100 million or so caught up in the Target data breach, you will probably want to take advantage of Target’s offer of a year’s worth of free credit monitoring from Experian’s ProtectMyID. This will help keep strangers from opening accounts in your name or alert you if your Social Security number starts showing up for sale on the Net. And there’s an app for that, too — for iPhones and iPads, at least.

Finally there’s the threat of scams to come. There are two things you can do. One is to make sure your computer security software is up to date and that you’re using the most recent version of your Web browser. Chrome, Firefox, Safari and IE 12 will all alert you if you land on a suspected phishing site. McAfee’s free SiteAdvisor software can also warn you if you’ve gone where digital angels fear to tread.

The other thing? Don’t let yourself be duped. Be on the lookout for any emails that seem a bit off, especially if they’re marked “urgent” or otherwise try to command your immediate attention. Call your bank (or your company’s HR department) to make sure that email really came from them. Don’t open any attachments or click on any link to a website in your email; type the address into your browser instead.

Don’t let Target make you a target

There’s another, more extreme way to prevent companies you do business with from letting cyber thieves have their way with your data, and that’s to make sure they don’t have the data to begin with. This is where shopping online using alternative payment methods can be safer than going to the store with a pocketful of cash.

If you use PayPal, for example, the merchant receives far less personal information than it would if you used your credit card. Or you can use a “masked” credit card, like the one offered by Abine’s MaskMe privacy suite. For $5 a month, MaskMe can give you a temporary MasterCard number to use for online purchases that you can then throw away when you’re done. Abine acts as the intermediary in the transaction; the merchant won’t even necessarily know your name (though it will probably need to know where to send the stuff you’ve just bought).

Finally, if you’re adventurous and the vendor is willing to play along, you can pay via Bitcoin, a new “cryptocurrency” that is gaining in popularity. Instead of using your name and a 16-digit credit card number, you make purchases using a Bitcoin address consisting of 34 apparently random numbers and letters. You can use a different Bitcoin address for each transaction, limiting the amount of data that can be traced back to you. More than 20,000 businesses and charities accept Bitcoin worldwide, with major online retailers like Overstock.com joining them earlier this year.

You can even use Bitcoins to buy a gift card from Gyft.com that lets you shop at Target. How’s that for irony?

The downside? With the value of the virtual currency in constant flux, the $20 you spend in Bitcoins today might be more or less in the future. Which may be a small price to pay for your privacy, or not.

Bottom line? Be safe, be smart and be proactive about protecting your data. That’s the best way to avoid being a victim.