It is not uncommon to hear of spear phishing and hacker stories who broke into some company systems and stole many of their client names, emails and other personal information. And you may wonder what can I do? This is out of my control. But you may be wrong with this kind of limited thinking. First, you can avoid sharing your personal information with others unnecessarily. Second, even if you realize you already shared your email address with many online companies, you can still opt out of their mailing list. Of course, they can still retain your information, email you again, or even share your information with others even if you opt out, but, by taking action to remove your name and personal information, you reduce your risk and every bit of risk reduction is a good thing.
There are also those cases where your personal information is collected from various sources, processed, analyzed, packaged and sold without your approval. You may or may not be aware of where your information might exist and in what form and I doubt that everyone knows exactly which company owns how much of their information and in what formats. Thus, as a matter of precaution, it is important to stay abreast of the latest hack attacks and stolen information. It is also prudent to be cautious when responding to emails which might appear to be coming from legitimate sources. You see, stolen personal information might be used in a variety of creative ways to commit identity fraud and one of such criminal ways might be to use stolen emails and names to obtain account IDs and passwords. You may have heard of or even seen emails appearing to be from a legitimate source like your bank which asks you to update your personal information by clicking a link because the bank suspects your account was emptied by identity thieves. But in fact, your account gets emptied when you click the link and enter your account ID and password. This is called phishing but when pieces of personal information such as name, date of birth and address are used with phishing to lure people into revealing more personal information such as their account ID and password, it becomes spear phishing and it is very dangerous because people tend to trust the phishing email even more when they see some of their personal information in the email and this is why spear phishing is much more dangerous because it entices people to voluntarily give away their most intimate information like account pass codes.
To reduce your risk of spear phishing and identity theft, follow these simple rules: