may get an affiliate commission when you buy through links on our website. Read More.

Two Checklists for Securing Your Personal Information

Your data is valuable. Not just to you. But to others like marketers, the government, and of course cyber criminals. It tells them everything about you, including your motivations and habits. 

Chances are you already knew that. Most of us also understand how essential securing your private information is today. It is an unfortunate reality in this modern age where identity theft is one of the fastest growing crimes.

Yet, the process of securing personal information can be tedious and convoluted. So, many people simply ignore it. Or they quit halfway through. Before establishing appropriate measures to secure their private data.

That behavior is dangerous, exposing bank accounts, credit cards, and other valuable assets. To help, we have assembled this straightforward guide with useful steps on how you can protect your personal information. 

The material is divided between two sections. Each contains specific measures on how to keep personal information safe. At the end, we also summarize both sections into two handy checklists for quick reference.

Personal Information Falls into Two Categories

The best way to start securing your personal data is to get yourself organized. To make the task easier, let’s split it into two categories. You have both online and offline information, and each have their own unique issues to address.

Offline Personal Data

Today, most people obsess over their electronic files. We do so much online today and there are more steps to secure your online data. But they often overlook the wealth of information thieves can get offline. 

It is dangerous to ignore your offline data. You risk losing your hard earned money and possessions when you do. So, let’s dive into the more common forms of offline personal data and what you can do to keep it safe.

Hard Copies

For starters, you need a secure, fireproof safe or lock box. It should hold things like property titles, birth certificates, passports, etc. In the wrong hands, someone can ruin your life almost overnight with these documents. Plus, in the rare event of a fire, your most important documents should be protected.

Also, when you head out, carry as little as possible with you. A full wallet or purse is a treasure trove for thieves. At work or other public places like the gym, lock up your personal items when you can not keep them on your person.

When contractors or other strangers are around, keep all your documents, mail, prescription bottles, etc. out of sight. You should also have nothing for people to see on your computer screens. Wandering eyes can take in more than you think.

Then there is the garbage issue. No, we are not talking about missing trash pick-up day. That’s not good, but we are talking about something worse. Thieves will go through your trash to steal your identity.

So, you need to use a shredder before throwing out sensitive documents. Bill statements, old credit cards, tax records, etc. are gold for cyber criminals. Never forget that thieves go dumpster diving to collect private information. Don’t let them succeed. Shredding thwarts their efforts.

Postal Mail

It is a federal offense to steal your mail. But identity thieves will take that chance. The information is valuable enough to them to make it worth the risk.

So, make sure your mail is secure. That can be done by going to the post office or using a postal collection box. Another thing you can do is retrieve your mail promptly. Do not leave it lying in an unlocked mailbox too long or it can be stolen.

And of course, if you go on vacation put a hold on your mail. Have the post office keep it safe for you while you are gone.

Phone Calls

Many people answer the phone when it rings even if they do not recognize the number. But, this can be risky. Identity thieves know this and they may be calling to extract your information. It is a form of phishing, called vishing.

One trick they use is to pretend they are issuing a refund for some reason. They then ask for your credit card number, or other personal data, to return your money. That is usually a sure sign of a scammer, and you should hang up.

Firms like Amazon, and the IRS, never call. They conduct business in writing (email or snail mail). So, be cautious with the personal information you give to strangers over the phone. If possible, avoid sharing personal information over the phone altogether.

Don’t believe it? Well, Experian reported that 70% of the time, the initial form of contact for credit card fraud is a phone call.

Paying in Public

Most of us pay for goods in public. That involves pulling out a credit or debit card to use the magnetic stripe or chip reader at the point of sale. I know what some of you are saying – that’s an online danger. Why talk about it here?

Well, there is an online method to steal your data during a purchase. We will discuss that in a bit. But “offline,” the person in line behind you can visually lift your card number and pin. No digital trickery needed, just their two eyeballs.

So, use a contactless payment like Apple or Google pay, or cash if you can. But when you have to pay using the store’s reader, keep your card number obscured from onlookers. When you punch in the pin, keep that from wandering eyes, too.

Your Zip Code

We have all had it happen. You are just about done paying for your purchase with a credit card and the clerk asks for your zip code. Do not give it to them.

Your name along with the zip code lets marketers match your name to an address, phone number, and lots of other data. It is why they asked for the zip code in the first place. 

But hackers also know about these databases the marketers build and they find a way in. Keep your zip code to yourself. The store cannot match and add your data into their marketing database. If it is not there, a thief cannot steal it.

Offline Checklist

In summary, even the smallest piece of personal information can be used to steal from you. So, follow these simple offline rules:

  • Secure every piece of paper with even small bits of data like the treasure it is.
  • Store critical documents in a secure, fireproof safe.
  • Leave home with no more in your wallet or purse than you need. Take all the extraneous stuff out and store it safely at home.
  • Lock up wallets and purses when necessary at work, the gym, or similar public places if you cannot keep them on your person.
  • Never leave mail, documents, prescriptions, or any data out in plain sight when contractors or other strangers might be able to see them.
  • Shred everything with even a single, small piece of your information before throwing it out.
  • Keep your postal mail secure. Also, put mail on hold with the post office when you are gone on vacation.
  • Avoid giving personal data out over the phone.
  • Make sure to cover and hide your card number, and the pin pad, when paying with a debit or credit card in public.
  • Don’t give out your zip code when making a credit card payment.

Online Personal Data

You know it’s true. Your online files are everywhere and hackers are trying to steal the personal information they contain. 

So what can you do? Well, the good news is there are many ways for securing online personal information. The bad news is that it takes more than one or two steps. But fear not, they are not overwhelming and they are all detailed below.

Social Security Number

Let’s start with a simple rule. Limit when and where you share your social security number (“SSN”) online. (Or similar identification number if you live in another country.) 

This valuable piece of information is powerful. It allows identity thieves to take out a loan in your name, steal your tax return, or even steal the title to your home.

A good rule of thumb is to never share your SSN online. Then break this rule sparingly. Only when you absolutely must share information with a bank or other verified institution. 

If you must use your SSN online for a valid reason, make sure you are on a trusted, secure site. We have more detail on how you can verify that a site is secure in the next discussion item.

Remember, once your SSN is online, it is always online. It is impossible for you to be too cautious before punching your SSN into any website.

How to Confirm a Website is Secure

Only enter personal data like your SSN and credit cards into verified, trusted, secured websites. And only when you have to. 

So how do you know if the website you are using is secure? If the website URL does not start with “HTTPS,” then it is not encrypted and secure. The “S” stands for secure.

Some browsers may not show the full URL address prefix in the default view mode. You might need to click on it to reveal the full address. Once you see the full address, if it only starts with HTTP, it is not secure.

Also, some browsers prefer to use a closed lock icon next to the URL instead of the prefix. But you can click on the lock to see the security settings for the site. You may even have some settings you can change.

Credit Card Use

Just as you would with your SSN, you should never enter your credit card numbers into a site unless it is encrypted and secure. Never. But there are other ways cyber criminals can get your credit card number.

One of the more insidious ways is the use of skimmers. The thieves fit a gadget into the slot of gas pumps or other heavily used public scanners. Then when you conduct a transaction, the device “skims” your data off of the magnetic stripe on your card. 

The thief then later retrieves his device along with all the stolen data. Or they may go high tech and the device simply sends them the data wirelessly.

So, when using an ATM, gas pump, or similar public scanner, check if there is anything loose. Skimmers are “slid” into place and will often wiggle and appear wobbly. The slot should also look the same as all the other card readers at the gas pumps or store.

Also, do not use the scanner if anything looks like it was tampered with around the slot area. The cabinet panels are now often fitted with a seal. If that cabinet seal is broken, do not use that card scanner.

Alternatively, if you suspect a card reader, don’t use it. Pay inside at the gas station. Or use another checkout. You cannot be too cautious when it comes to avoiding a potential skimmer.

One last universal method to keep your credit cards secure, don’t use them. You can still use cash to buy things. It reveals nothing to cyber criminals or the data hungry companies during your purchase.

Credit Bureaus

Too many people are unaware they can use credit bureaus to their benefit. For example, you can set up fraud alerts. Lenders must then verify your identity before issuing new credit. This service is free but it might need to be renewed every 90 days.

You can also lock or freeze your credit reports. This prevents potential lenders from pulling a credit report. Thus, it blocks thieves from taking out a fraudulent loan using your credit rating.

This is a good strategy but it is not without drawbacks. For example, to freeze your accounts, you may have to pay for the service. And to take out a new loan, you will have to contact the credit agency ahead of time to lift the freeze before you apply. 

In contrast, when you lock your credit report, you can lift the lock yourself when necessary. This makes locking a little easier to manage than freezing the reports. But like with freezing your account, you may also have to pay to lock your credit report.

Another issue you need to remember, lenders consult three separate credit bureaus. These are Equifax, Experian, and TransUnion. So, you need to make sure to set up your fraud alerts, freezes, or locks with all three credit bureaus.

Device Passwords

To state the obvious, your phone, laptop, desktop, etc. all carry loads of personal data. So, the last thing you want to do is give hackers a free pass into any of your devices.

Anyone can get on a device without a login password. So, to prevent this, use a strong, unique password for each device that you use. Login passwords are an easy thing you can do to protect your online personal data. It is worth the extra two seconds to login.

Electronic Devices

Not only do you need to make it hard to log into your devices, you need to keep your electronic devices secure. For example, you may want to lock up your laptop when you are not using it. Do whatever you must in order to limit access by others.

There is another aspect many people overlook, getting rid of your phone or computers. Before you return, recycle, or throw them out, you need to do some maintenance. First transfer your information to your new device. Then wipe the data from the old device.

Your old phonebook, contact list, voicemails, etc. are a treasure trove for cyber criminals. Delete all of this data and keep it from them before getting rid of old electronic devices.

To wipe all of the information, you may want to use specialized software like BleachBit. This type of program is designed to permanently remove your files. It can be very helpful. Especially with the data you didn’t know was stored on the device.

Account Passwords

So, you need to use a password to get onto your computer. But then you need a password to get into every account or social media site. It’s a lot of passwords.

We all think it, even if we don’t say it. Passwords are important, but they can be a pain in the neck. So much so, some people use the same simple password for almost every computer account. But this is risky behavior.

If a hacker learns your universal password from just one account, they have access to all your accounts. Not good for your personal information. You need unique passwords for every website and piece of software you use.

So, use a different long and random password for each account. To make it easy, you can use a password management app or a security key to create and keep track of them.

Two Factor Authorization

This method has become popular for a reason. It makes things harder for identity thieves. Many banks and other institutions now offer it when accessing their websites. And you should use it when the option is available. 

It works by sending a text to your phone during login. The message contains a special code you must enter as part of the website login process. 

The password alone will not work without the code. So, it is a “second” layer of security. This makes it much harder for hackers pretending to be you. 

Public Internet Access

Today, most of us are aware that shared computers and public WiFi are not secure ways to get online. So, you should never use personal information when using public internet access.

Remember, that includes online shopping. When buying items on a shared computer or public WiFi, you risk your data. Credit card information, and possibly your bank account, can all be exposed.

When shopping online, or conducting other personal business, use your own devices. Plus, be sure to connect through a secured WiFi network. 

Update Software Regularly

Cyber criminals work hard to find a way into your software. They can then do things like track your keystrokes, steal login data, and scan your documents. That means it is not long before they have your SSN, credit card number, phone number, date of birth, etc.

One of the more important things you can do to prevent this is to keep your software updated. The updates often include security measures, patches, and updates. So, it is crucial that you have up to date software on your computer.

While they are sometimes a nuisance, updates are crucial. You should always keep your software current.


In a nutshell, you need to avoid using personal information in emails. It is surprising how easy it is for hackers to gain access to your email. So, this is a common way for identity thieves to lift valuable data. 

Data like your SSN and credit card numbers should never be in your emails. This also includes things like your birthday and phone number. 

All of this stolen information can be pieced together, which allows a thief to pretend to be you. Then they can do things like steal all your money or take out loans in your name.

Plus, you should never click on unknown links or email attachments. Cyber criminals send bulk emails hoping to get into as many computers as they can. It is known as phishing.

The fake links or attachments sometimes direct you to fraudulent sites. They look official to trick you into entering personal information. With the data, the identity thieves then hope to clean out your bank accounts.

If you are redirected to a site, look for anything unusual. The site should be secure and the domain name should appear normal. Things like are a sure sign you need leave, immediately. Spelling and grammar errors are another sign of danger.

Even better, don’t use the email’s linked site. Close it out and go to the supposed site directly, by typing the known company address into your browser. At the site, you can usually also find out if they sent the suspicious email from their message center.

A clicked link or attachment can also secretly inject malicious code into your browser. One of the cyber criminal’s favorite tricks is to track your keystrokes.

Once a browser is infected by hidden code, every time you login into an account the code records your username and password. Without you knowing it, the hackers are then collecting all your usernames and passwords.

So, simply put, before you click on any email link or attachment, think twice before you do. And never open an attachment from an unknown source.

Backup Your Data

It is easy to miss one important aspect of securing your online personal information. That would be regular backups of your data.

So much of our personal affairs and business gets done online these days. A hard drive failure can wreak havoc on your life. Avoid that problem by backing up your data regularly. 

Yes, backups are one of those tedious tasks. But should you have a computer problem, you want to be able to recover all that valuable information.

But careful, be sure the backup is secure. It is a copy of your information that a cyber criminal would love to get into. So, be smart about how and where you backup personal information.

Internet Security Software

Malware like spyware and ransomware are realities of being online. These are malicious and can be devastating. Even worse, they can load onto your computer hidden in a picture, or a thousand other ways.

Malware is a generic term that covers all code or programs that are malicious to computer systems.

Spyware does what it sounds like. It monitors you and learns. Everything you do online becomes visible to the thieves. 

Ransomware takes control of your computer. To get it back, you must pay a ransom. The amount paid is sometimes quite large.

So it goes with saying, you need to avoid malware. No matter how it is classified.

Internet security software was developed to combat these threats. You should use it. A popular choice is Norton 360 Deluxe but there are other options available. Be sure to choose an option that prevents spyware, ransomware, and viruses.

Private Browsing

Most browsers offer a private browsing feature. Now, this is not a replacement for all the other strategies discussed here. But browsing in private does prevent recording of your history data on your computer. 

Internet providers will still be able track your activity. So, it is not as private as the name implies. But private browsing does clean your cookies, temporary internet files, and browsing history.

Marketing companies love getting at this data from your computer, and so do criminals. It allows them to know you by piecing together a picture. From this, thieves often learn enough about you to glean how they can best hack into your accounts.

So, using the private browsing feature of your favorite browser is not a bad idea. But alone this is not enough to protect your personal data.

Social Media Sites

You may have noticed that being stingy with your data is often a good strategy. Just don’t enter it online. But once on social media, people pour everything about themselves into the site. Of course, that is a huge blunder.

Because of this, identity thieves scour social media. They learn your phone number, date of birth, places you have lived and visited. This is all data that can be used to steal your identity.

Do not allow yourself to become one of their victims. Limit what you share on social media. Friends who need to know your birth date, email address and phone number already have that information. 

Also, you should use the privacy settings on that social media. Limit viewing of your activity to only friends and family. The procedure/settings vary from site to site. But most have settings to keep access to your personal information away from strangers.

Lie with Answers to Security Questions

Deceit is a wonderful tactic you can use to prevent identity theft. Yes, you can lie when answering certain questions and still be a good person.

Without much work, identity thieves can figure out how to answer your security questions. They just use the data you have posted on social media, or some other place. To combat that problem, simply make up answers to those security questions.

Of course you have to remember you did not use the real answer. But most people figure out clever ways to do this. For example, you could enter your least favorite pet’s name instead of the favorite they asked for.

Privacy Policies

When using a website, there are important details you should know. The site privacy policy explains many particulars regarding your personal data. You should read it.

Agreed. It is not the most exciting thing you can do. But it lets you know if the site is selling your information to unwanted entities. And how they secure its storage. It is important for you to know.

So read the site privacy policy. If it confuses you, or is unacceptable, you should not trust the site with your valuable personal information. 

Online Checklist

Your online checklist is longer than the offline one. But, follow these simple rules to better secure your online personal information:

  • Refrain from entering your social security number (SSN) online unless it is absolutely necessary.
  • Do not enter your SSN, credit card numbers, mother’s maiden name, etc. into a site unless it is a trusted, secured site.
  • To confirm that a site is secure, look for the URL prefix “HTTPS.” Some browsers may have a lock icon you need to click on to see the security settings for the site.
  • At ATMs, gas pumps, and other public scanners, look for card skimmers that may have been added into the slot of the machine.
  • Use fraud alerts, credit report freezes, or locks, offered by the credit bureaus.
  • Use strong, unique passwords to log onto all of your devices.
  • Keep mobile devices secure and wipe all personal information before disposing of them.
  • Create strong, long, unique passwords for access to all of your online accounts. A password management system or security key can be used to organize and remember them all.
  • Use two-factor authentication when offered to access your bank or similar accounts.
  • Avoid entering personal data through public internet access and never shop on a shared computer or public wifi.
  • Regularly update your software and keep it current.
  • Do enter personal information into emails and never click on unknown links or attachments.
  • Back-up your data often and store the backup in a secure place.
  • Use internet security software to prevent spyware, malware, and ransomware.
  • Use the private browsing feature in your browser to prevent your search history from being stored locally on your computer.
  • Sparingly enter your personal information into social media sites. Also, change their security settings to prevent strangers from seeing your activity.
  • Lie with your answers to security questions.
  • Read the website privacy policy so you know how they store and use your data, and who they share it with.