So you have a crosscut shredder and you know to hang up on that “you owe back taxes” phone call, but personal information can get leaked in a lot of other ways. Here are a few personal data security tips that you might not have considered.
Never email your Social Security Number
No matter who someone claims to be, there is never a reason to send someone your Social Security Number via email. Even if you are initiating contact with someone you believe works for the IRS. This happened to a writer at Lifehacker—she wrote an article about the 2020 Economic Impact Payments, and a number of readers somehow got it into their heads that she was from the IRS and began emailing questions that included a lot of personal information. Don’t ever do it. Even if you somehow are in contact with the IRS or other government entity via email (which is exceedingly rare), they already have your SSN and other information. If someone you don’t know is asking for your number via email, they’re up to no good. If it is someone you do know, with a legitimate reason to need your SSN, there are safer ways to relay this information.
(The entire above paragraph also applies to text messages. Don’t text your Social Security number, either.)
Never email an account number or PIN
On a similar note, it is a bad idea to email financial account numbers. If you get the wrong address, you could accidentally send your information to someone else. In the same way the federal government already has your Social, any business you have an account with already has your account number. They can look it up. You also never know what the email security protocols are like on the other end. Even if the security system itself is robust, how do you know your email isn’t sitting out in full view on an unlocked computer, while the recipient walks away (or leaves for the night)?
Never give additional information
If you successfully opened an account or membership with a company, you have already provided them with all the information they need. For example, if you sign up for Netflix, all they need from you is your name, email address, phone number, and payment information. However, phishing emails that appear to come from Netflix appear in inboxes every day, and many of these contain links to fake websites designed to harvest further information, such as banking passwords/PINs, Social Security numbers, and other personal details. Don’t do it. If they needed a piece of information, they would have asked for it before opening the account.