How to Protect Your College Student from Identity Theft on Campus
Five tips for better data and device security habits at college
This fall, roughly 19.9 million college students will attend colleges and universities in the United States, and about 12.5 million of them will be under the age of 25.
For many young adults, college isn’t just a transition to higher education, it’s a transition to living on their own and taking responsibility for their own finances, digital identity, credit score and banking information — all of which are critically important components of future success and security.
As I wrote about back in 2010, College-Bound Students Are Vulnerable as Identity Theft Targets. So, parents, as you perform the ritual of shopping for dorm room supplies and stocking up on merch at the college bookstore, you should also be guiding your child through some key processes of establishing credit and safeguarding against identity theft on campus. I say guide because it’s tempting for parents to do the work themselves, but now is the time to step away from the snowplow and let your child learn to shovel their own road. In fact, it’s a good idea to start the process while your child is in high school.
Educate your kids about starting to establish credit so they have it when they go to rent an apartment or buy a car. One of the simpler ways to do this is to have them apply for and use a student credit card with a small amount of credit. During this process (and any process like it), there are a series of security and privacy decisions that come into play.
- A great deal of personal information is collected, analyzed and sold by companies that prey upon naive college students. Make sure that, when applying, your child opts out of all information sharing possible. The minute or two spent changing the default settings (reading and unchecking the marketing and privacy boxes) will save the proliferation of their data down the road.
- Teach them to create a long and strong password (preferably with a password manager) that is unique on every website.
- Register for automatic account alerts when a sizeable amount of money is transferred, deposited or due so they have a daily view of their balances and activity.
- Have them turn on two-factor authentication to eliminate a majority of account takeover by cyber criminals.
- Teach them to monitor and reconcile their accounts monthly.
Once your student has opened a credit card account, they should freeze their credit with the three primary credit bureaus: Equifax, Experian and TransUnion. This simple and free step is one of the greatest ways to protect their data and their future buying and credit power.
Be Street Smart
Aside from protecting their cyber identity, students need to take precautions to protect their physical identity and important documents.
- Have sensitive physical documents (bank, legal, personal, FAFSA, applications, etc.) sent to a permanent address (e.g., parents’ home).
- Leave your Social Security card, passport and other documents in a permanent, off-campus location (e.g., parents’ home in a fireproof and waterproof box or a bank safe deposit box).
- Shred any important financial documents that come in the mail and never leave sensitive mail lying out.
- Always lock your dorm room door and don’t leave devices unlocked or unattended in a gym locker, the library or a classroom.
- Check for unusual devices added to ATMs that might be skimming card info.
- Always cover the keypad with your hand when entering your PIN, whether at an ATM or a retail store.
Make sure your student has long and strong passwords on their phones, tablets and laptops and that they don’t share them unless absolutely necessary. There are more than 100 privacy and security settings on the average phone; students need to take the time to customize them and lock down their data.
Watch this video on How to Bulletproof Against a Stolen Smartphone
Here’s a detailed list of how to secure devices at college.
- Don’t leave your laptop in an unattended car or in a public place (library, dining room, classroom).
- Register your laptop with campus security if possible.
- Install laptop tracking software (e.g., Find My iPhone, Lojak) and enable Find My iPhone on the device.
- Spend time locking down the privacy and security settings on your smartphone — you won’t believe what you’re giving away for free and how damaging it can be.
- Don’t store personal information (SSN, passwords, etc.) in unencrypted files or insecurely in the cloud.
- Securely back up your files on a remote hard drive or a trusted cloud provider (iDrive, iCloud, Carbonite) in case your data is lost or frozen by ransomware.
- Lock your phone screen with at least a 6-digit passcode — the longer, the safer.
- Be mindful of malware and ransomware “updates” from untrusted sources.
- Be suspicious of communal workstations in dorms, libraries, etc. Never log in to websites with usernames and passwords unless you’re certain the computer is secure and won’t save your information.
- Turn on automatic computer operating systems, software and mobile app updates.
- Encrypt your laptop (Apple: FileVault, Windows: BitLocker) and smartphone (by using a strong password).
- Don’t take or store sensitive or embarrassing photos on your devices, as they are commonly exposed by hackers, friends or former girlfriends and boyfriends.
- Invest in strong security software with anti-virus, spyware and ransomware protection, even if you own an Apple.
- Don’t discard or sell old devices without professionally wiping them of all data and removing or erasing all SIM cards.
- Don’t insert strange storage devices (i.e., USB drives) and only insert such devices from friends or administration after scanning them for viruses.
Be Social Media Smart
According to Pew Research, in 2018, 90% of adults between 18 and 24 used the YouTube app, 76% used Facebook and 75% used Instagram. Our kids are spending a lot of time on social media, and all those platforms are collecting data — and selling it to advertisers. Unfortunately, cyber criminals are also accessing that data and using it to commit crimes or simply selling it on the dark web.
The default setting on social media platforms is to share everything, so students should start by un-defaulting their privacy settings. This one action will put them in the top 1% of savvy social media users. This blog post from last year explains the 6 Ways Your Facebook Privacy Is Compromised. Beyond that, teach your child to be careful about who they friend and what they share on social media.
You can find more tips on how you and your student can lock down social media accounts, as well as how to protect student data and devices on campus, in The Data Privacy & Security Checklist for College Students (PDF).
As you send your child off to college this fall, arm them with the knowledge and power to keep their identity safe — in both the real world and online. Most importantly, let them know that it’s okay to ask for help from you, the university or a trusted advisor.
About Cybersecurity Keynote Speaker John Sileo
John Sileo is an award-winning author and keynote speaker on cybersecurity, identity theft and tech/life balance. He energizes conferences, corporate trainings and main-stage events by making security fun and engaging. His clients include the Pentagon, Schwab and organizations of all sizes. John got started in cybersecurity when he lost everything, including his $2 million business, to cybercrime. Since then, he has shared his experiences on 60 Minutes, Anderson Cooper, and even while cooking meatballs with Rachel Ray. Contact John directly to see how he can customize his presentations to your audience.