Data Security Guidance and Best Practices

Welcome to our data security and best practices page! Our goal is to empower you with essential knowledge to safeguard sensitive information in today's evolving digital landscape. As technology continues to advance, the importance of protecting data has become paramount. As individuals, and as an organization, we need to fortify our defenses and protect data from unauthorized access and other cyber threats. Adopt these best practices and take proactive steps towards maintaining the confidentiality, integrity, and availability of Protected Data.

  • Personal information is any information that can be used on its own or combined with other information to identify an individual. This covers many types of information, including but not limited to the following:

    ► Name, address, and date of birth
    ► Email address, phone number, job title
    ► National ID number, passport or driver’s license number
    ► Sex, gender identity, ethnic or racial origins
    ► Medical, criminal, or financial history or identifiers
    ► Banking, loan, or credit card numbers or details
    ► DNA, fingerprints, and voiceprints
    ► IP address, if it can be traced to an individual

    To protect this information, you should only share these and any other types of personal information when absolutely necessary and only with recipients you know and trust.

  • Phishing emails are one of the most significant threats to personal information. Cyber criminals use them to trick individuals into clicking on a suspect link or downloading a malicious file in order to steal their data, install malware on their device, and more.

    To defend against these manipulative emails, you must:

    ► Avoid opening emails from unknown senders. If you’re unsure whether a sender is legitimate, you can always reach out to them over the phone, using a number you already know to be theirs, to investigate further.

    ► Never click on links in unsolicited emails, as these can take you to a phishing website or download malware to your device.

    ► Don’t respond to emails asking you to provide confidential or personal data. No reputable organization will ask for personal information by email.

    ► If something sounds too good to be true, it probably is, so ignore any emails proclaiming that you’ve won a prize or are eligible to receive a special discount.

    ► Before clicking on ANY links or attachments, verify that you know the sender, including the name, email address, and signature (if applicable).

  • Emails aren’t the only medium that cyber criminals use to try to trick victims into handing over their personal information. Fraudsters also use SMS messages (smishing) and phone calls or voice messages (vishing) for the same purpose.

    For instance, an attacker might send an SMS message saying the recipient’s password is about to expire, with a link prompting them to update it. If the user clicks on the link, they’ll be taken to a phishing website where the attacker harvests their details.

    Users can counter vishing and smishing attempts by never handing out personal information over the phone and never clicking on links included in unsolicited SMS messages.

  • If you encounter a phishing scam in your email inbox, don’t just ignore it; report it. Reporting the email to your IT department, IT provider, or another governing body can help prevent the fraudster from scamming other users.

    Most email services, such as Outlook, Gmail, and Yahoo, give users a built-in option to report phishing messages. It’s also worth noting that most countries have a national body that handles phishing and fraud reports, which you can contact to report scams. Some of these bodies include:

    ► In the United States: the Cybersecurity and Infrastructure Security Agency (CISA)

    ► In Canada: the Canadian Anti-Fraud Centre

    ► In the United Kingdom: the National Fraud and Cyber Crime Reporting Centre

    Contact your IT department or local law enforcement to inquire further about the appropriate organization to contact in your region.

  • While online work and shopping are massive parts of many people’s day-to-day lives, they’re also a prime target for cyber criminals. This means it’s vital to take extra steps to protect your data when using an e-commerce site or third-party transaction platform.

    You can make your online experience safer by taking the following actions:

    ► Make sure the site is legitimate. The first thing you should do when shopping at a new e-commerce site is to check its legitimacy by doing the following:

    → Check that the address bar shows a closed padlock and that the address begins with “https://” rather than “http://”; both indicate that your communication with the site is encrypted. Note that encryption alone does not prove a site is genuine, since phishing sites can also use “https://”, so check the domain name carefully as well.

    → Look at the site’s security certificate. In most browsers, you can click the padlock icon and choose a “Show Certificate” (or similar) option to view which organization the certificate was issued to, who issued it, and when it expires.

    → Look for seals of approval from third-party security vendors.

    ► Beware of identity theft and related fraud. In 2020 alone, the FTC received 4,720,743 fraud and identity theft reports, which means users need to be prepared to spot scams on their own.

    ► Use multi-factor authentication wherever you can. Many online sites will ask you to create an account before accessing content or completing a purchase. If you do, create a strong password and set up multi-factor authentication if it’s offered.

  • Using public Wi-Fi may be convenient for getting work done on the go. Still, it can put your information at risk, as attackers on the same network can snoop on data transmitted over it. That means you should never transmit sensitive information over a public Wi-Fi connection.

    If you absolutely must work online while connected to a public Wi-Fi access point, use a Virtual Private Network (VPN) to encrypt your data in transit so that it can’t be intercepted and harvested by cyber criminals.

  • Regularly update your operating system (e.g., Windows or macOS) with the latest security patches and updates provided by the OS vendor.

    Enable automatic updates whenever possible to ensure you receive critical security fixes promptly.

    Keep an eye on security bulletins and news from your OS vendor to stay informed about vulnerabilities and updates.

  • Install reputable, reliable antivirus and anti-malware software on your system and keep it up to date. Configure your software to perform regular scans of your system and files. Most platforms will allow you to schedule automatic scans for convenience.

    Enable real-time scanning so that malicious software is detected and blocked as soon as it appears, rather than only at the next scheduled scan.

    Keep both the antivirus program itself and its virus definition database updated so that it can recognize the latest malware threats.

  • Keep all software (including web browsers, plugins, and applications) updated to the latest versions. Enable automatic updates whenever possible to ensure you have the latest security patches.

    Regularly check for software updates from official sources and apply them promptly. Remove any unnecessary or unused software to minimize the potential attack surface.

  • Be cautious when using USB drives from unknown or untrusted sources. Scan USB drives with antivirus software before accessing any files on them.

    Disable the "autorun" feature on your computer to prevent automatic execution of malicious code from USB drives.

    Consider encrypting sensitive data stored on USB drives to protect it in case of loss or theft.

  • If available, consider using biometric authentication methods such as fingerprints or facial recognition. Ensure the biometric data is securely stored and encrypted by trusted systems.

    Regularly review and update your biometric settings and authentication preferences.

    Be aware of the limitations of biometric authentication and consider using it in combination with other authentication factors.

  • Enable multifactor authentication (MFA) whenever possible. Use a combination of different factors, such as passwords, biometrics, SMS codes, or hardware tokens.

    Choose MFA methods that suit your needs and provide an additional layer of security.

  • Create strong and unique passwords for all your accounts. Use a mix of uppercase and lowercase letters, numbers, and special characters.

    Avoid using easily guessable information, such as birthdays or pet names, in your passwords.

    Consider using a password manager to generate and store complex passwords securely.

  • Keep your devices physically secure, especially when in public places. Lock your computer and your phone when you step away from them, even for a short period.

    Be cautious about sharing personal information online and limit the information you provide on social media. Regularly review your privacy settings on social media platforms and adjust them according to your preferences.

  • Approach online activities with caution and skepticism. By taking a moment to evaluate the legitimacy and potential risks associated with emails, links, or requests for personal information, you can avoid falling victim to phishing scams, malware infections, or identity theft.

    Being mindful of the information you share online and practicing good password hygiene empowers you to make informed decisions, seek verification when in doubt, and adopt a security-conscious approach to your digital interactions. By incorporating critical thinking and exercising caution, you can significantly reduce your exposure to cyber threats and protect your online identity and personal data.

There are several learning resources at the National Cybersecurity Alliance that provide valuable information and guidance on end-user data security, malware, and phishing. If you have a question about cybersecurity, you can always reach out to the Chief Privacy Officer for further guidance and resources. See our Privacy page for more details.