How to protect your identity online [Part 1] [Extremely DETAILED]

The information I will provide might make you paranoid by the time you are done reading this, so if you don't want to be informed and paranoid, please don't read this.

I will be covering:

1) History - Hackers
2) Website owners
3) Your name
4) Your e-mail
5) What you sign up to
6) Information you expose unknowingly
7) Keeping you safe

You hear it on the news, you read it on the newspaper, you live with it everywhere without even acknowledging its existence.

"Hackers have stolen identities" I have heard that line so many times this year, it is ridiculous.

Companies promising to "defend" your identity, memberships giving their words to keep your information to themselves only, the government reassuring that they will only have access.

All this is a lie as information ALWAYS gets leaked or there is an inside worker providing information out into the black market.
Not only that, but securities on big companies are always exposed and hackers always find their way in.

1) History - Hackers

I will explain briefly on the type of hackers that there are out there for the sake of academical knowledge. These descriptions are not in dept, instead they are meant to slightly touch the subject and educate those are who are unaware of these titles on the cyber world.

1) Black Hat Hackers - These are the most infamous hackers there are. These are the guys you hear about it on the news due to committing crimes. These people are whose purpose is to gain information and use for their own need. They could be anyone.

-Black Hats tend to be professionals at what they do and are extremely well informed on everything related with the cyber world and crimes.
-Black Hats tend to be educated people who have worked many years to accumulate all the knowledge they hold. They are not your kid who uses "hacking tools" to scare their gaming buddies online.
-Black Hats is the image typically portrayed on movies.

2) White Hat Hackers - These are the lesser known hackers simply because they do the clean up work that goes behind the scenes cleaning up the messes from Black Hat Hackers.

-White Hats are the heroes of the cyber world. They fight crime using their hacking knowledge to patch exploits on system and assure that your information does not gets leaked out or easily acquired by any Black Hats.
-White Hats are professionals at what they do. They have as much knowledge as Black Hats, but use their skills to fight crime rather than aid it.

3) Gray Hat Hackers - These are the somewhat known hackers simply because they are unpredictable on what their actions might turn into. They are known as "Gray Hats" because it's a mixture between the color White + Black = Creating: Gray

-Gray Hats are essentially neutrals on what they do. They might decide to do what's right even if there's some other entity telling them that it's wrong or could be vice versa.

For example, Black Hat steals bank information and leaks out on the internet. Gray Hat could either decide to either use the information OR let the owners, authorities, or the companies know of the exposure.



2) Website owners

Websites, there are millions of them around the world in all languages. You can keep yourself entertained on them or you can become smarter reading potential useful information as you are reading now.

Do you ever wonder "Who owns this website?" or "How can I find out who owns it?"

I decided to include this topic on here since more and more people decide to pay for hosting services to have their very own website for either personal usage or some sort of business.

Well, unlike in the real world where you fill out papers and they get stacked or hidden in some compartment where not a random person could have access. Websites expose your information unknowingly. Maybe not the websites themselves, but the companies that provide hosting services.

I will use this website "HackForums.net" as an example to teach what I'm talking about.

There is something known as a "whois" that essentially tells you who registered the domain name.

You can easily Google "whois domain" and a huge list of websites that allow you to whois either a location or a domain to find its location.

My favorite website to do whois is:

http://whois.domaintools.com/

Now, if we do a whois on HackForums.net, here's what we get.

Quote:Domain Name: HACKFORUMS.NET
Registrar: MONIKER

Registrant [2341726]:
Moniker Privacy Services
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US

Administrative Contact [2341726]:
Moniker Privacy Services
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Phone: +1.9549848445
Fax: +1.9549699155

Billing Contact [2341726]:
Moniker Privacy Services
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Phone: +1.9549848445
Fax: +1.9549699155

Technical Contact [2341726]:
Moniker Privacy Services
Moniker Privacy Services
20 SW 27th Ave.
Suite 201
Pompano Beach
FL
33069
US
Phone: +1.9549848445
Fax: +1.9549699155

Domain servers in listed order:

NS1.DALLAS-IDC.COM
NS2.DALLAS-IDC.COM
NS1.ZANMO.COM 69.162.82.250

Record created on: 2005-09-27 14:18:41.0
Database last updated on: 2010-11-29 02:16:59.78
Domain Expires on: 2011-09-27 14:18:41.0

As you can see it exposes a lot of information that you wouldn't want strangers to get a hold of you and then use to sell for their own good.

  Common Hacking Forums, Websites are registered as a "Private" domain, so no real information is shown of the real owner. Instead, it displays the information of the company providing the service for the domain or hosting.

This is also how you can contact a company if you want to report a website with disgusting content such as child pornography.

I'm not going to whois a person's website since it would be against the rules to expose personal information about anyone, but I believe that you get the idea of what can be done to discover information such as address, name, phone number, fax number, and more using nothing but a website name.

Experienced website administrators always should use Private domains to avoid exposing information to the public as much as possible.

If you have a website, whois it yourself and find out whether if you are exposed or not. If you are, call the company you registered your domain and request your domain to be put as private. They might require a fee of around $7 extra a year, but it's worth it knowing that you're not exposed.

You could also find out the ISP or company by doing a ping on an IP.

Example,

Open Command Prompt and type "ping Hackforums.net" the response will be an IP. Once you have that IP, you can use:

http://iplocation.net/

To tell you where the servers are located and giving you a definite location for the company's machines.

http://iplocation.net/ Can also be used to find the location of a person's location with their IP.


3) Your name

Your name is as unique as you can be. Your parents/guardians named you and that's what makes you, you.

Your name can be your worst enemy when you are online as it can be used to expose so much information about you to the point of where you could be blackmailed.

Where should you ever use your real name online? NEVER. Why? Because, using your name alone anyone can find out where you live within a matter of 5 seconds.

Websites such as:

http://com.lullar.com/

http://www.pipl.com/email/

http://www.spokeo.com

http://www.emailfinder.com

http://www.411.com/
http://www.ask.com/
http://www.bebo.com/
http://www.facebook.com/
http://www.flickr.com/
http://www.ip-adress.com/ipaddresstolocation/
http://www.myspace.com/
http://www.myyearbook.com/
http://www.searchenginez.com/findpeople.html
http://www.skipease.com/
http://www.sonico.com/
http://www.spock.com/
http://www.twitter.com/
http://www.usatrace.com/
http://www.whitepages.com
http://www.whois.com/
http://www.whois.net/
http://www.wink.com/
http://www.youtube.com
http://www.zabasearch.com/
http://www.zoominfo.com

Make it extremely easy to search names, e-mails, etc to dig information about whoever you want. There are more websites in which I personally use to dig information about people, but I will not mention them since I do not want the news station going crazy on a new rage of identity exposers.

Here's an example of a person I searched for the sake of showing.


I have satellite pictures using Google Earth to pinpoint exactly where she lives and what her house looks like, but I will not expose that.

Where is this information normally exposed? Hmm...I'll let you guess. Or maybe not...The answer is Social Networks. Ah, Facebook, Myspace, Orkut, and so many others...The list goes on and on.

I highly recommend that you NEVER use your real name, instead use an edited name or initials instead rather than exposing your real name to the real world. If your friends on social networks already know you, they should not need to see your complete name as they will already know you.

For example,

Bill Gates

My recommendation would be to use "Billy Gates" simply because a letter being off makes it so incredibly difficult to pinpoint someone.

You can use your imagination for what you should replace your name instead of your real name. That is, if you want to avoid being looked up.

Something I have found based on experience is that it's much more difficult pinpointing teenagers on the internet since they are not normally registered with government database that eases finding them.

If you are a teenager, do not have your parents names exposed as the name of your parents can be used to pinpoint you or vice versa, if you are a parent. Ironically, it's the teenagers that expose more information than adults and yet, they are the ones harder to pinpoint.