It has been a crazy two days for me, I was an MC at a CyberSecurity conference and have been running around like a chicken with my head cut off. One of the questions that came up for our panel of experts related to the validity of identity theft “protection” services. While the question wasn’t really on topic it certainly caught my attention as a personal finance blogger.
I really think someone should come around and slap these people for being so bold as to put the word protection anywhere near their logo. What they should really call themselves is personal assistants with an insurance policy rider. They do not protect you from becoming a victim of identity theft, they really just monitor your credit to determine if you may be a victim.
At the point these services take any sort of action someone has already assumed your identity and is working to take out lines of credit in your name. They have just identified a theft that has already occurred and are working to mitigate that risk. Any credit monitoring service will notify you of inquiries or changes to your credit reports, their service(s) notify them so they can notify you.
Looking through the list of other services included with one of the majorly popular identity theft protection services I actually break out laughing.
- Wallet Protection – The service I am not naming, actually lists as a feature that they will personally handle getting your contents of your wallet reissued if you lose your wallet. All this really means is someone else will call and ask your bank to issue you a new ATM card, or call your credit card company to get a new CC.
- Junk Mail/Card Offer Reduction - It is crazy easy to stop getting credit card offers in the mail. You can do this for free, in less than ten minutes on your own. There is absolutely no reason you should consider this a feature of anything.
- Free Annual Credit Reports – Again, you are paying someone for something that is easy to do, and free. All you have to do is go to one website to pull your three free annual credit reports. Calling this a service is just a giant crock of ….. turkey butts.
But Kyle they say they are going to pay me $1,000,000.00 if my identity gets compromised. RTFP, they say they will pay up to $1,000,000.00 to help FIX the identity theft if was the result of a failure in their service. I don’t know how anything could be a failure in their service since they don’t prevent the fraud, they just detect it early on.
What you really end up getting is a dedicated “assistant” who takes your money and monitors your credit. If something changes they give you a buzz. They also help you do things that are dead simple, and free, for a fee. The only real value is in the money and you only get what it costs to fix the problem, not a real value to you.
Now I know I will get a couple of comments from people telling me the $120 a year or whatever is worth not having the hassle of calling around or dealing with credit bureaus on your own. I say it is a waste of money. What do you think?
Many people don’t know but this is National Cyber Security Awareness Month. As I have said in the past computer security is part of my job, it is my other passion if you will. I have talked about security in the past, but there is always more to share.
Our computers are becoming the centers of our financial universe. We automate everything, login to our accounts frequently, and monitor it all from single central place. Whether you use Mint, Yodlee, Quicken, or Budget Pulse the easiest way to your accounts and your money is through your computer.
This is a war and you are way behind, this my second post on security. Between the two of them you are well on your way to rocking out in relative safety.
Computer Management
You computer is like your car, or your home. Every now and then a problem will pop up that you didn’t know about before. The same thing happens with your PC or laptop. When problems come up that made it through debugging they need to be fixed. These problems can be minor, or the can be major security holes.
People actually get paid to do nothing but bang on software to find the holes, then develop a way to exploit that hole to take administrative control of your computer. For those of you who huff an puff everytime Microsoft releases a patch. I ask you to take an unpatched Windows XP machine and put on the internet unprotected. The firestorm that will ensue will be amazing. When a patch comes out, patch your machine. No reason to wait, you can’t possibly be doing anything that important.
Antivirus
This is one of my sticking points, antivirus is an extreme necessity, it is also an extreme pain in my, ahem. The problem with antivirus is it is resource intensive, most paid or free antivirus systems have an active scanning component which is resident in memory all the time. For the most part you are just going to have to suck this up. There is no way around it and you want to be sure you are running something for those instances where you click the wrong link. Through all my griping about it, it is worth it for the casual browser, it isn’t going to stop an determined attacker but will protect your from wild virus’.
Browser Choice
The browser you use to access the internet has a lot to do with your susceptibility to compromise and infection. Microsoft has the majority share of the browser market with IE. Because of this most hackers target vulnerabilities specific to IE. Just by switching to a browser like Chrome, Firefox or Safari you are cutting out a chunk of the browser attacks that are out there. I love Chrome because of its minimal interface and speed. I use it for accessing sites I know and frequent often. Random browsing always occurs in Firefox.
I use FireFox for random browsing because of one thing, and one thing only. No Script. No Script is a Firefox plugin which essentially blocks all scripts from running on a site unless I explicitly tell them they can. This will help to prevent zero day attacks that haven’t been patched. If you prevent them from running the code they can’t take control of your computer.
OS Choice
Most people don’t consider security as part of their OS choice, they only look at convenience. It is so much easier to just keep doing what you have always been doing then trying to change to something different. Typically Windows users don’t jump ship to Mac and vice versa. Even less utilized, but considerably more economical, is Linux.
The OS you operate is a big factor in your susceptibility to attack. The majority of computer exploits are for the Windows operating system, this isn’t to say the others don’t’ have their problems but why would anyone focus on something that has such a small market share.
So get out and get crackalacking on securing your PC and look for one more Cyber Security related post tomorrow.
