ALBANY, N.Y. (NEWS10) – The New York State Department of Taxation and Finance is sharing information security guidelines on Jan. 28, which is also Data Privacy Day.
The Department says New Yorkers can help keep their sensitive personal information secure online and at home by following these suggestions:
- Be wary of unsolicited emails and telephone calls asking for personal information. Never share personal information, such as your Social Security number, in response to an unsolicited email or telephone call. If the email or call claims to be from a company you do business with, call it first to make sure the contact is legitimate. Scammers will also use scare tactics and threats related to tax debt to get you to share your personal and financial information.
- Secure your mobile devices. Apply software updates that fix known vulnerabilities as soon as they become available. Use security features built into your device, such as a passcode, and use programs that secure data and remotely wipe clean contents if the device is lost or stolen.
- Be careful with Wi-Fi hotspots. Public wireless hotspots are not secure, which means that anyone could potentially see what you are doing on your mobile device while you are connected to the Wi-Fi. Limit what you do on public Wi-Fi and avoid logging into sensitive accounts while on an insecure network.
- Be cautious about the information you share on social media. Avoid posting your birthdate, telephone number, home address, or images that identify your job or hobbies. This information may often reveal answers to security questions used to reset passwords, making you a possible target of scammers looking to access your accounts and personal information.
- Use strong passwords. Create different passwords for all your accounts. Use 10 to 12 characters in a combination of letters (upper and lower case), numbers, and symbols. Regularly change your passwords.
- Vary your security questions. Don’t use the same security questions on multiple accounts. Select security questions for which the answers cannot be guessed or found by searching social media or the internet.
- Use two-step verification to access accounts. To enhance the security of online accounts, whenever possible require a password and an extra security code to verify your identity when you sign in.
- Beware of phishing. Don’t click on links, download files, or open attachments in emails from unknown senders. Open attachments only when you are expecting them and know what they contain, even if you know the sender. Access more information on phishing from the Office of Information Technology Services YouTube page.