NEW YORK — If anyone knows about cyber surveillance, it’s Mary Galligan.
Until recently, she led the cyber and special operations team at the FBI’s New York office — the agency’s largest surveillance operation. That included catching hackers like the infamous “Sabu” and using him to hunt down other hackers.
Galligan is now a security and privacy consultant at Deloitte. Here’s how she protects her privacy.
1. Change passwords once a month. Passwords are the keys into your life. If a criminal gets access to your email or any of your online accounts, it’s surprisingly easy for them to worm their way into other aspects of your life.
Assume your passwords will periodically get compromised. Adobe, AOL, eBay, Kickstarter and Yahoo have all had major security glitches in the past few months.
2. Give the wrong contact information at checkout. Every time a store clerk asks for your zip code or phone number, that data gets aggregated. So retailers not only have databases that show where you live. They can find out much more about you, like your salary, credit history and birthday.
Recent data breaches — like last year’s Target hack — show that companies aren’t responsible enough to safeguard that information. That’s why Gilligan said she always gives clerks a phone number and zip code that aren’t hers.
But she laughed while recalling one time this backfired on her. She was shopping with her 7-year-old niece — who called her out for lying.
3. Need photo ID? Don’t show your driver’s license. This is a general rule for privacy. Don’t reveal more than you have to. A driver’s license shows your birthday and address.
Next time your doctor’s office asks for identification with a photo, show them something else, like your office building badge.
4. No banking apps. Gilligan is particularly careful about access to her bank account. Although most credit cards have fraud protection, your checking and savings accounts don’t.
Because of how easy it is for a computer to get infected with a malware that spies on you, Gilligan doesn’t shop and bank on the same computer. That includes her phone.
5. Keep one email account for junk mail only. When companies demand an email address, Gilligan gives them a dummy account reserved for marketing.
It gets bombarded with spam and annoying advertisements — and shields her real email from the junk. And if those companies get hacked, her real account remains safe.