Top 10 ways to protect yourself against identity theft

We’ve learnt to keep a close eye on our personal belongings: smartphones, handbags and wallets are guarded with the utmost diligence and care. So why is it that in a world relying less on cash and more on digital payments, the same standard of care isn’t applied to our online identities?

Identity theft is a growing threat all over the world and South Africa is not an exception. For perpetrators, risks are low as it’s hard to track them down (they are disguised as someone else, after all), while the potential benefits are enormous. Just because it hasn’t happened to you yet, doesn’t mean it can’t or it won’t.

Most of the tips below will go a long way towards improving your general online security. UP is encouraging you to take your online safety seriously, and to start putting this advice in action today.


1.  Create secure passwords

It’s not a tired old tale if it’s relevant: weak passwords are still one of the biggest security challenges faced by today’s connected companies and individuals. Use passwords containing UPPERCASE and lowercase letters, as well as numbers and symbols, and if complicated passwords are too hard to remember, try using phrases instead. Every character added to a password makes a difference. Also steer clear of the obvious no-no’s like “12345” and “password” and if you’re using “letmein” – think again.


2.  Use a password manager

An alternative to thinking of your own complicated passwords is to have a password manager do this for you. When selecting a password manager:

  • Use one that is capable of functioning offline (e.g. OneLocker for Windows) or includes an Offline “Vault” function (e.g. LastPass for Mac).
  • Make sure it offers multi-factor authentication. OneLocker for Windows and LastPass for Mac offers fingerprint authentication and mobile two-factor authentication respectively (for more on this, read on!).


3.  Be careful when providing information

Be sensible when signing up to new websites or services. Is the information you are providing really necessary for the service provider to fulfil their function? For example, if you are subscribing to an online retailer, chances are they don’t need your ID number (unless they offer eBucks benefits). Likewise, not every online service requires your phone number to stay in touch. When filling in online forms, remember that everything without an asterisk (*), is optional!


4.  Keep your software up to date

Your first line of defence is your operating system. Modern tech giants like Microsoft, Apple and Google have an enormous interest in keeping their users safe, so it stands to reason that they invest heavily in cyber security. When breaches inevitably occur, their operating systems are usually first to respond by patching the vulnerability. Make their investment work for you by keeping your software up to date.  


5.  Install anti-malware applications

Your second line of defence is an anti-malware application comes in. ESET NOD32, BitDefender and Kaspersky all offer great solutions and have our approval for third-party anti-malware services.


6.  Use multi-factor authentication

If a service offers any form of multi-factor authentication (two-factor authentication or ‘2FA’ being the most widely used), take the time to set it up. Two of the most widely used examples are banking institutions’ online services and your Google account. When you log in to a service requiring multi-factor authentication, a prompt will require either biometrics (a fingerprint), or a code sent to a smartphone (Google Authenticator) to prove that you are who you say you are. This way, an identity thief either needs access to your smartphone or finger print before they can obtain unauthorised access to your information or devices.


7.  Log out of online services

It is a good idea to log out of services if you’re not going to be using them. You should also clear your browser’s cookies and cache whenever practical by visiting its advanced settings section.


8.  Only trust secure connections

Ever notice the little lock icon in the address bar at the top of your web browser? This is the SSL Certificate, which shows that the website you are on currently is actively protecting your sensitive data such as usernames, passwords and even credit card details. On Android devices, the padlock should be green at the top left of the browser; on iOS devices, the small black padlock will be right next to the website address, also at the top of the browser. When providing any of your information to a website or social media, make sure that your connection is secure by looking for the locked padlock; if it isn’t, exercise extreme caution!


9.  Destroy your documents before disposal

Your identity doesn’t live solely on the internet. When you receive bank account statements or invoices, it often includes your address, your name, your contact details and more. Before disposing of any document that contains personal information that could be linked to you, should destroy it.


10.  Review your statements

When you receive bank or account statements, take the time to read through your transaction history and subscriptions to ensure you have not been billed for something you did not buy or subscribe to a service that you don’t remember subscribing to. Unusual activity may mean that your identity has been hijacked.



Copyright © University of Pretoria 2024. All rights reserved.

FAQ's Email Us Virtual Campus Share Cookie Preferences