Category Archives: identity theft: identity fraud
Apple iOS devices* support a useful data security feature called ‘Erase Data’. This feature if enabled (and you use a passcode), will erase all your iOS data after 10 failed passcode attempts. Enabling this feature should be a priority, especially if you lose your device.
The 10 times failed passcode attempts is consecutive, not cumulative and performs the same data erase as General > Reset > Erase all content and settings. Here is how you enable ‘Erase Data’:
- Open > Settings > Tap > ‘Passcode’ option (see note below)
- Turn the toggle on next to ‘Erase Data’
- Confirm the change and tap > Enable button
Note: If you use Touch ID, this option is called ‘Touch ID & Passcode’
IMPORTANT: In the event, you accidentally erase your iOS device, it’s a good idea to regularly backup your device in iTunes, so you can recover your data.
How do you recover your data to your iOS device?
The encryption key will be deleted on the device when using the ‘Erase Data’ feature. You will then be forced into recovery mode to continue with restoring your iOS device, which can be done from a recent iTunes backup. If you don’t backup up your iOS device, your device will be restored as new.
Here in the UK, there is a trend for companies to sell your personal identifiable information (PII) to trusted third parties. Companies can gain significant commission from doing this, but ultimately this poses the question – why do companies expose your personal information to the risk of data breach and in particular identity fraud? Data breach is a serious issue which can compromise us all.
Mobile phone companies are sharing your data with marketing companies (including your business account) to third parties who attempt to sell you a new product or service (i.e. new improved plan). You don’t want your business data (nor your personal data) transferred to a third-party as your contract is with the mobile phone company.
I’m sure you’ve had a call from a marketing company and you ask yourself how do they have my mobile number and other personal information? If you ask them this question, some will tell you they are an “authorised partner”. This doesn’t help you – How do you know they are who they say?
When you get a call from a marketing company about a new mobile product or service you should do the following:
This will also allow you to sync across Safari with your third-party apps that support the iCloud Keychain. The Keychain also stores your Wi-Fi networks and can be used as a password generator. The information is securely stored using 256-bit AES encryption.
If you are like me and have several Apple device i.e. Mac, iPhone, iPad and/or iPod, you will most likely want to use iCloud Keychain as this means you don’t have to manually reenter your login credentials for each of your devices. You are protected from bad actors, in the event someone manages to guess your password. Refer to my previous post How to enable iCloud and iTunes two-step verification to learn more about how you can protect your Apple ID.
You can setup iCloud Keychain for the first time on your Mac or iOS device. It’s up to you. For the benefit of this post, we will be using a Mac.
NOTE: The following assumes you use a Mac password to login.
Over the past few weeks you may have seen the celebrity photo leaks story regarding iCloud data being hacked. Apple has recently addressed this hacking issue by introducing an additional layer of security called ‘two-factor authentication’.
Two-factor authentication uses your mobile device to authenticate any changes that are made to your login credentials i.e. password and or if a bad actor guesses the answer to your security question.
To be able to setup this authentication you will need to visit this URL: https://appleid.apple.com/ where you will be able to create an Apple ID and manage your Apple ID. You also have the option to reset your password.
- Click > Manage your Apple ID (you will be presented with the sign in screen)
- Next > enter your Apple ID password (you may be presented with ‘Improve Your Password’ screen)
- You should reset your password. As you type in your password it will tell you whether it’s too short; weak; moderate; strong etc. Now you are logged in.
- Choose > Password and Security (this can be found from the navigation options on the left)
- You will now be asked to verify your security questions. Once done, scroll down to the > Two-Step Verification section
Google provides a free service called ‘Google Alerts’. It allows you to be your own personal ‘identity managers’ or as I like to call it ‘preference managers’. Preference management will be a major business in years to come, especially given the volume of personal identifiable information we are all uploading to the Internet.
It’s my belief that ‘Preference Managers’ will be as important tomorrow as ‘financial advisors’ are today. The flip side will be the reputation services offered will be expensive, so most people will not be able to afford them.
That said there is a free service today, that will allow you to be your very own ‘Preference Manager’ and monitor and manage when your name, address, place of work etc. is referenced in the online world. Thank Google for ‘Google Alerts’:
- Google Alerts will allow you to receive free regular email updates whenever any mention of your name, address ,website or keywords appears anywhere across Google Search.
- You have the choice to monitor type of content (search query), which might be everything, news blogs, videos, discussions or books.
- Specify a region and decide how often and how many results you want to receive.