This week, I found out that someone opened a bank account in my name. I was able to block the account, but I am not receiving any help from the bank. They don't even have a phone number to let me talk to someone. Everything is done via email :(
What steps can I take, to protect myself online? By now, it is safe to assume that my SSN, address, employment info are in multiple databases somewhere. Given this scenario, any advice?
# Here are some of the things that I've done. Here's to hoping it's effective.
1) Everyone uses Bitwarden[0] to store their passwords. We have an Organisation account which makes sharing passwords easy. I check master passwords against HaveIBeenPwned, and ask they use the generated Bitwarden passwords for their accounts.
2) The least tech-saavy amongst my family either get Chromebooks (which I despise because Google), or they get a Windows machine that I lock down pretty hard [1]. The lock-down may look draconian to power users, but they've yet to mention they can't do something they want to.
3) Its listed in the link in (2), but I make sure everyone runs uBlock Origin. It's far more useful than an antivirus.
4) I have a few catch-all emails I encourage my family to use for subscriptions. When asked for an email, use [website name]@[family member code].[domain].[tld]. That way, unless spearfished, you're likely to know the true providence of an email.
5) We have a NAS that is 3-2-1 backed-up, and encourage everyone to keep sensitive information there. Hopefully this is enough to avoid cryptolockers extorting us.
# Things I want to do
5) It would be better if we used one of those self-hosted random email generators to prevent maliciously constructed email domains at our catch-all instilling false confidence.
6) I'd like to install PiHole [2].
7) I have a Twilio number that goes straight to voice mail and sends me the audio files and forwards SMS. I'd like to create these for my family (maybe using extension numbers?) so they can use them on forms.
[0] https://bitwarden.com/
[1] https://noteaureus.org/post/tutorials/sysadmin/win4unsavvy/
[2] https://pi-hole.net/