The New York State Office of Information Technology Services and the Department of State Division of Consumer Protection today reminded consumers and businesses to protect their online privacy and information from unscrupulous scammers, and shared several key privacy and data security tips with New Yorkers as part of an effort to raise awareness in recognition of National Data Privacy Day on January 28.

"Data Privacy Day serves as an important reminder about how we can keep our data safe from cyber criminals with tips we can follow all year long," said New York State Chief Information Officer Robert H. Samson. "While New York State is a leader in keeping New York's critical infrastructure secure, thanks in large part to Governor Cuomo's leadership, taking appropriate steps to safeguard personal information to minimize risk and avoid becoming a victim is the responsibility of all New Yorkers."

"This is a great opportunity to remind New Yorkers of online dangers and to take steps to safeguard their personal information," said New York State Secretary of State Rossana Rosado. "All New Yorkers should perform online security checks and be vigilant to prevent breaches that could wreak financial chaos on people's lives."

According to the 2017 Internet Crime Report published by the U.S. Federal Bureau of Investigation, New York State ranked fourth-highest in the nation in the number of internet crimes reported, costing State consumers more than $88 million in losses. This is a decrease from the $106 million in losses the previous year.

To keep personal information and data safe, follow these tips:

• Be wary of unsolicited emails and calls asking for personal information. Never share personal information, such as your Social Security number, in response to an unsolicited email or telephone call. If the email or call claims to be from a company with which you do business, call it first to confirm the contact is legitimate.
• Secure your mobile devices. Apply software updates that patch known vulnerabilities as soon as they become available. Use security features built into your device such as a passcode, and use programs that encrypt data and remotely wipe contents if the device is lost or stolen.
• Be careful with Wi-Fi hotspots. Public wireless hotspots are not secure, which means that anyone could potentially see what you are doing on your mobile device while you are connected. Limit what you do on public Wi-Fi and avoid logging into sensitive accounts.
• Know your apps. Be sure to thoroughly review the details and specifications of an app before you download it. Review and understand the privacy policy of each mobile app. Be aware that the app may request access to your location and personal information.
• Be cautious about the information you share on social media. Avoid posting your birthdate, telephone number, home address, or images that identify your job or hobbies. This information may often reveal answers to security questions used to reset passwords, making you a possible target of scammers looking to access your accounts and secured information.
• Use strong passwords. Create unique passwords for all your accounts. Use 10 to 12 characters in a combination of letters (upper and lower case), numbers and symbols. Individuals should regularly change their passwords as well.
• Change your security questions. Don't use the same security questions on multiple accounts. Be careful to select security questions for which only you know the answer. Make sure the answers cannot be guessed or found by searching social media or the internet.
• Turn on two-step verification to access accounts. To enhance the security of your account, require your password and an extra security code to verify your identity whenever you sign-in to your accounts, where available.
• Beware of phishing. Do not click on links, download files or open attachments in emails from unknown senders. It is best to open attachments only when you are expecting them and know what they contain, even if you know the sender. And be wary of calls or texts asking for your personal information.
• Use automatic updates and back-up data. Make sure automatic updates are turned on for your software and that you back up all information.
• Monitor your financial accounts. Review your bank, credit card, and account billing statements carefully to check for suspicious activity. Report any suspicious charges immediately to the responsible financial institution.
• Check your credit report regularly. If you identify inaccurate, suspicious or unusual activity on your consumer credit report notify the consumer credit reporting agency and the affected financial entity immediately.
• Consider placing a security freeze on your credit. New Yorkers can "freeze" their credit to prevent prospective creditors from accessing their credit file and opening accounts in their names. You can do so by contacting:
  • Experian: 1-888-397-3742
  • TransUnion: 1-800-680-7289
  • Equifax: 1-800-525-6285
• Keep records. Keep all notes and records about the security breach in the event fraudulent activity arises later.

Acting Commissioner of Taxation and Finance Nonie Manion said, "This reminder to safeguard sensitive personal information is a timely one, as the tax filing season is now underway. Identity thieves routinely use the stolen sensitive personal information to file fraudulent refund claims. If you think you may be a victim of tax-related identity theft, please visit our Report fraud, scams, and identity theft webpage for assistance."

Financial Services Superintendent Maria T. Vullo said, "New York continues to be at the forefront in protecting both the critical data of consumers and the financial services industry, as demonstrated by our landmark cybersecurity and credit reporting regulations. Today we urge consumers to do what we they can to remain vigilant and take all necessary precautions to ensure personal data does not end up in the hands of cyber criminals."

New York State Division of Homeland Security and Emergency Services Commissioner Roger L. Parrino, Sr. said, "In the modern world, personal information has become some of the most sought-after information for cyber criminals as they not only have the ability to sell it for a profit, but also use it to further their own illegal activities. By following some simple, common-sense steps, New Yorkers can protect both their and their family's personal information and ensure they never become a victim of cybercrime."

New York State Chief Information Security Officer Deborah Snyder said, "National Data Privacy Day brings awareness to the importance of protecting personal information. The Internet makes it easier than ever to share data and files. However, many people don't recognize the potential privacy risks of their online activities."

For more helpful cyber tips, and additional online safety resources, including real-time advisories, visit the New York State Office of Information Technology Services website at https://its.ny.gov/eiso.

For more information on security breaches and avoiding identity theft visit the Division of Consumer Protection website at dos.ny.gov. Consumers may also contact the Division's Consumer Assistance Helpline at (800) 697-1220. You can also follow the Division of Consumer Protection on social media on Twitter (@NYSConsumer) and Facebook (www.facebook.com/nysconsumer).

###