Home > 2014 > Identity Theft > The Lie That Could Keep You Safe From Hackers

The Lie That Could Keep You Safe From Hackers

Advertiser Disclosure Comments 0 Comments

The hack that created millions of morally challenged voyeurs—and, depending upon which celebrity they downloaded, child sex offenders—also provided us with a teachable moment. It exposed the use of security questions in online authentication as a quaint artifact of an antiquated Internet culture.

We talk a lot about personally identifiable information (PII) in the data security business, but rarely do people realize exactly what that can include, and how much of that information is readily accessible online—not to mention how much PII they may be unwittingly putting out there in the overheated look-at-me world of social networking. For celebrities who are profiled and interviewed all the time, PII is everywhere.

As the smoke clears from this latest attack on privacy and our collective sense of decency, it’s becoming more and more likely that a deft use of personally identifiable information was used to unlock the nude celebrity photo troves that flooded the Internet with requests for all those ill-gotten images and videos.

Specifically, it appears the hacker (or hackers) targeted their victims in a mechanical way. The specifics are still unknown, but a good guess would be that whoever was behind the attack started with an email address and drilled down into specific iCloud photo folders using PII gleaned from material readily available online to answer security questions.

Even if it turns out that this was not the way it happened here, it’s time for a little moral jiu-jitsu to neutralize the threat of PII-based attacks. But before I say another word, it’s imperative you bear in mind that there is no fix here. Identity theft and data-related crimes are the third certainty in life. They vie for primacy with death itself. You are going to get got, and you may even get got taking my advice—but you owe it to yourself to make yourself as safe as you can. The wolves of cybercrime pick off the weakest among us first. Regularly monitoring your credit scores, credit reports and financial accounts can help you catch an identity thief quickly (you can check your credit scores for free every month on Credit.com), and smart account security can make you a less-attractive target for hackers.

So what should you do? Lie. You heard me—lie through your teeth. Fabricate, prevaricate, dissemble and say things that resemble nothing that might be construed as being even the slightest bit truthful regarding the particulars of your life. Lie like you were in a nose-growing contest with Pinocchio.

Mark Twain once famously said, “If you tell the truth, you don’t have to remember anything.” Wise advice, but he didn’t know anything about hackers, PII or online security questions. If the flood of hacked celebrity nude photos of late taught us anything, it’s that security questions must always be answered with lies. When creating answers to your security questions, it’s all about consistency — not veracity.

The fact of the matter is that any site containing anything of value that belongs to you—whether photos or finances—should safeguard that data on encrypted servers protected by multifactor authentication. It’s definitely time to get rid of the challenge-answer formulas, and knowing the “right” secret image won’t protect you forever because a patient thief can guess as many single-try logins as are needed until they find the right answer. Lies can at least get you past “what you know” to something more like “what you created,” and for now that may be your best bet.

Of course it would be ideal if all the places we go online used better authentication protocols (and that’s where things are headed), but in the meantime—whether you sext or not—consider the lie. Have some fun with where you were born, or who your favorite guitarist is, all the while keeping the wolves at bay—or at least out of your personal files.

More on Identity Theft:

Image: Roman Barelko

Comments on articles and responses to those comments are not provided or commissioned by a bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by a bank advertiser. It is not a bank advertiser's responsibility to ensure all posts and/or questions are answered.

Please note that our comments are moderated, so it may take a little time before you see them on the page. Thanks for your patience.

Certain credit cards and other financial products mentioned in this and other articles on Credit.com News & Advice may also be offered through Credit.com product pages, and Credit.com will be compensated if our users apply for and ultimately sign up for any of these cards or products. However, this relationship does not result in any preferential editorial treatment.