Online Privacy and Theft Protection Q and A - Stop Facebook from Spying on You...: And Other Ways to Protect Your Online Privacy (2015)

Online Privacy and Theft Protection Q and A

Identity theft expert John Sileo answers common questions about online privacy and theft protection…

Q: Is it safer to make bill payments through your online banking account versus logging in to the website of the company that is billing you to make payments? (Online banking can take up to seven to 10 days to process a payment, while a direct payment to a vendor’s site is immediate.)

A: I prefer to log in to the bank and use its bill pay option. That way, only the bank has your information and when it sends out a check or ACH on your behalf, it is the bank’s account number, not yours. But yes, you have to be a bit more prepared to do it.

Q: If someone hacks my e-mail address and sends spam to people in my address book, is it enough to just change my password, or should I obtain a totally new e-mail address?

A: This is a hard question, as that address has forever been tainted and will often trigger the junk mail feature on the accounts of your acquaintances. If it’s not a ton of trouble (I know it is), change the account; otherwise, change the password to something longer than 13 characters, using alphanumeric characters and symbols. Example: Th3H1ll$areAl!v3 (The Hills Are Alive). Easy to remember, tough to crack.

Q: I heard that many smartphone apps, including many popular ones, actually have viruses embedded within them. How can I tell if an app is safe to download? What do I do to make sure my smartphone remains virus (and hacker) free?

A: Oftentimes they are apps that mimic the real ones but that intercept all of your private information. My rule of thumb is to only load what you absolutely need, only use the approved app store (e.g., Apple) and change the privacy settings in your mobile phone to restrict the apps’ access to your contacts, etc.

Q: Is it best not to shop at retailers that have announced they had breaches in security?

A: Actually, it’s only after a retailer has had a breach that it starts to take the security precautions it should have taken in the first place. Over time, Target will be safer than most retailers. Isn’t it ironic? That said, I am done with Target, at least with a credit card. It ended up losing data that was more than 10 years old—that’s bad practice, keeping that information around for so long.

Q: My daughter said someone gained access to her debit card account via her PayPal account. The bank had her file an “investigation” request and nothing more…shouldn’t it change her account and/or her debit card before the person who has her information takes more money from her—while they investigate? I don’t understand them not being more proactive to protect her money!

A: Absolutely the bank should change her account! If the bank doesn’t do that, find another bank. The chances of someone breaching the account again are very high.

Q: I want to discontinue my Facebook account. How do I unsubscribe?

A: That is probably the most popular question I get these days, and I show you how to do it (without shooting yourself in the foot) here:

1. Back up your data.
2. Deactivate your account for a week or two first to see if you really want to live without it.
3. Alert your friends if you do decide to permanently delete your account. The intention is to protect your privacy, not anger your friends.
4. Delete your account.

Q: What is the “safest” web browser and which do you use?

A: I use two separate browsers—one for private and one for public. For private, I have built a much more secure browser using Firefox. There are a bunch of items you can lock down on a browser to make it safer. But, of course, performance suffers. So, when I’m browsing non-private stuff like sports I use my regular browser (Chrome). And when I go to my bank or other financial company websites, I use my protected Firefox browser.

Q: I’ve been reading about bitcoins. Is it a legitimate currency? Would you recommend using them?

A: While there are a lot of supporters of bitcoins (mostly drug users and criminals who want to launder money), I am not one of them. Remember when they said that Cabbage Patch Kids would be worth a fortune in 10 years (or Pet Rocks, or Furbies)? Well, the bitcoin will be worth about as much.

Q: Can you give us some of the best ways we can protect ourselves from identity theft?

A: Some of the most popular suggestions from my book, Privacy Means Profit (Wiley), include freezing your credit and opting out of junk mail. I also recommend you take your Social Security card out of your purse or wallet and only take it when you need it.

Q: I’ve heard about web browsers such as Tor that would allow me to browse the web anonymously—and more securely. Are there different risks to my computer’s security than if I were to use a traditional browser such as Safari or Google Chrome?

A: Tor is actually not a browser, but a program that hides your IP address (makes it look like it’s coming from another country). This is great for people who want to avoid the Great Firewall of China or to mask their behavior (usually spamming), but it does little to keep you anonymous. For that, I like the software Cocoon or

Q: I’ve heard that some US credit card issuers are thinking of switching from the traditional swipe-and-sign cards to the chip-and-pin technology that is common in Europe and Asia. Would this improve security?

A: Yes, and let’s hope they do switch. By no means is it a perfect technology, but in the first five years in Britain, it lowered credit card fraud by more than 70%. You see, it’s so easy to replicate the magnetic strip on the back of the card, but much harder to clone a digital chip and also have the PIN or password. I am totally behind this technology.

Q: I’ve been hearing about apps to transfer money quickly and easily such as Venmo. Are these services safe? If not, what is the most secure way to transfer money to friends or family members?

A: I do not use my mobile phone or iPad for any financial transactions at this point, as they are so compromised by rogue apps. I use the old-fashioned method and get on my laptop or give the bank a call. Much more work, but much safer. In two to three years, these apps will be safe because the mobile operating systems will have done a better job locking down the important apps and locking out the rogue apps.

Q: When I enter a commerce site on my computer these days, the browser, or perhaps my computer, asks me if I would like to save my password, so that the next time I visit the site from the same computer device, I will not have to enter it. I normally answer no. Is it safe to answer yes?

A: I don’t like to use the password keychains, as they are called, that are in the browser. They are so easy to hack. I prefer to use a program like 1Password so that they are well encrypted, and so that you are forced to use long, strong and varied passwords.

One question that hasn’t come up that is so important is how to keep hackers out of your online accounts (bank, investment, Dropbox, Gmail, etc.). There is a simple answer called two-factor authentication (it’s not as scary as it sounds), and you can watch a quick video on how it works here:

Expert Source: John Sileo, president, The Sileo Group, a Denver-based identity theft prevention consulting and education provider that has worked with the Department of Defense, the Federal Reserve Bank and many other clients. He speaks internationally about online privacy, social-media exposure and digital reputation. He is author of Privacy Means Profit: Prevent Identity Theft and Secure Your Bottom Line (Wiley).