If you’ve been online for any length of time, you’ve likely left behind a digital footprint big enough to be used in some kind of online scam. The names of pets, your alma matter, former workplaces, restaurants you like, hobbies and more, all stretch out behind you. Places online where you browse, shop, leave reviews or comments, even appearing in someone else’s contact list, these are all easy to find breadcrumbs for scammers, hackers and other cybercriminals.
Left alone, these bits of information don’t amount to much; but grouped together, they flesh out a profile that can be used against you. Very few of us are diligent enough to scrub our online trail well enough so that it can’t be picked up by a dedicated scammer and used for malicious purposes.
How scammers use your data against you
Think about the life you live online: Social media sites from Facebook to TikTok, job sites like LinkedIn or alumni sites, government databases, libraries, company websites. Resumes that might hold your name, contact information and even your address. Next, consider those little tidbits of information like a nickname, a job title, a former city, a restaurant you visited while traveling, or a dead pet.
Scammers can get details about your life from all over the web from public pages that hold your biography and job history to social media sites that have your photos. They can also find your phone number and address in data breaches, and hit up data brokers for even more info.
They don't usually even have to try that hard. Your active footprint—composed of things you willingly share like product reviews and public updates—can be combined with your passive footprint, which includes cookies, GPS data in photos, and your browsing history, to create a complete enough picture for malicious behavior.
What you can do to reduce your digital footprint
There are a few easy-to-follow pieces of advice: Be extremely limited about what you share publicly, check photos for GPS data before posting, avoid oversharing travel plans, and skip those 'fun quizzes' or detail surveys.
You should also use one of the best password managers (or passkeys) and two-factor authentication whenever possible to protect your accounts. Likewise, you want to follow the rules of phishing to avoid common scams and use – as well as update! – the best antivirus software on all of your devices. Aside from that, here are some additional tips to help limit your digital footprint from becoming massive.
No public logins
Maybe it's the security editor in me, but this would never occur to me. However, if you're ever attempted to log into an account in a public place or from someone else's account: Don't. If it's an absolutely necessity, make sure that your username and password are forgotten from the page or device afterwards.
Don’t link logins
This one is admittedly harder, but use separate logins for third-party apps and websites instead of using your Google, Facebook or Apple account. Yes, it’s really simple to just use one of your existing accounts, but if you do, and one of them gets hacked or is exposed in a data breach, then all of the others are at risk too. This also means they might be sharing things between them, like your location or partnering up with other third party companies to share your details. If you don’t link accounts, there's less data that can be shared between them.
If you want to be extra discreet, you can create a few extra Google accounts to use for various purposes – one just for work, one for browsing online, or one for shopping.
Know your browser options
Though private browsing doesn’t actually guarantee your privacy, it does keep your browser from saving site data, browsing history and cookies locally. This way, you can browse without being logged in. That's helpful if you share devices but this also makes it easier to delete cookies, so you can be treated like a brand new user every time you visit a website.
Your web browser likely offers other privacy settings you should take advantage of. For example, Chrome, Firefox and Brave have “Do Not Track” options, which add a specific HTTP header to web requests. Though this does require the servers that see the request to respect it, it asks them to not track users who visit their site and to not store cookies.
JavaScript is sometimes seen as an issue because of browser fingerprinting, a somewhat invasive method of identifying a user based on the unique characteristics of their browser and device. This is considered more invasive because it works even when a user has indicated they don’t want to be tracked and collects information like screen resolution, fonts and installed browser extensions. The sites that do this collect information using JavaScript, so disabling it is one way to avoid having your information collected. However, doing so will break a lot of websites.
Additionally, using a VPN makes it harder to link your information to your location, and using privacy-focused browser extensions can also block some of these tracking scripts. Speaking of which….
Use a VPN
To help with overall privacy, use a VPN. Doing so can disguise your online activity from your ISP. This limits what your ISP can see to just upload and download speeds, the amount of data you’re using, and that you’re using a VPN. It also encrypts your IP address online, which makes your internet traffic more private and this is why many people swear by one.
However, as VPNs can slow down your internet speeds, you want to make sure that the one you use is easy to turn off and on.
Check your default apps
Some apps are just terrible for privacy. It’s true. Some messaging apps don't use the RCS standard, or end to end encryption when they should, and some store files in the cloud without using strong encryption. Apps have gotten into trouble for violating the privacy rights of children, while some shopping apps have received criticism for collecting too much personal data, and medical apps have been known to share users' personal medical dataeven when they absolutely shouldn't.
If there's an app you rely on, and use frequently, know what it's collecting and why by checking its permissions in settings. And if there's an app that's lingering on your phone that you don't use anymore, delete it and close your account.
A more personalized experience (even for scammers)
In the same way that almost every company these days wants to provide a more personalized experience, the same is true for scammers. By personalizing their phishing messages and scam calls, cybercriminals are much more likely to get a response. Once they have your attention, all of those personal details they've collected can really sell a scam home.
By limiting what you share online and reducing your digital footprint, you're giving scammers less ammo to use in their attacks. However, you're also protecting your privacy from the government and corporations at the same time, which is a significant win-win for everyone.
Follow Tom's Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds.
More from Tom's Guide
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
