SEATTLE — Brett Johnson once made a living harvesting personal information from vulnerable accounts and naïve users, then turning around and selling it to other criminals on the so-called dark web. He was prolific enough to earn the nickname "Original Internet Godfather".
One 7-year prison sentence later, Johnson is now working on the right side of the law, consulting with the Secret Service to help educate and illuminate the dark web. He shared some of his old tricks and how to prevent data and identity theft.
“While these crimes are extremely scary, it's not really complicated to protect yourself,” he said. “There's basically three things you need to do, and it's the concept people need to understand that cybercrime criminals (are after) the low-hanging fruit. They're not actually out there looking for specific people, so just the basic level of security that you implement will protect you far and above everyone else.”
Brett Johnson’s three top tips to protect yourself from cybercriminals:
- Freeze the credit of everyone in your household, including children. It’s free to do, just contact the three main credit reporting agencies and they will freeze your credit. That means no new credit accounts can be opened until you unfreeze your credit.
- Monitor your existing accounts – financial, retail, entertainment, email, everything. Set up fraud alerts for any suspicious activity and keep a close eye on every transaction that posts to your bank and credit cards.
- Use a password manager to avoid using the same login and password for multiple accounts. This is one of the easiest ways for criminals to access your data.
“I can make a phishing email that looks like it comes from Bank of America, and I could send that out to millions of people,” Johnson said. “And all those millions of people, they may all look at that email and they'll say, ‘That's obviously a phishing email, I'm not about to fall for that!’
“But if I fashion a phishing email that looks like it comes from Hulu, now their level awareness is not going to be as high. And if they use the same password and login for their Hulu account that they use for their bank account, guess what? I've got your bank account.”
Using a password manager will help you create unique login credentials for all the sites you visit, and all you need to remember is one secure password for the manager. Right now, 80 percent of people use the same password across multiple sites.
Somewhat surprisingly, children are the most victimized segment of the population when it comes to identity theft. According to Johnson, one in four kids will be preyed on for synthetic fraud, tax fraud or medical fraud. That’s why he recommends freezing the credit of your children.
For more information on cybercrime, the AARP has put together a video tutorial.
Sign up now for AARP Washington's Free Online Speaker Series, "Sorting Fact from Fiction"
To help Washingtonians better sort fact from fiction, AARP, the Center for an Informed Public at the University of Washington and BECU are offering a four-part series of free online events called Sorting Fact from Fiction: Finding truth in an infodemic. The event is open to everyone. Pre-registration is required. Sign up now at AARP.org/factfromfiction.
- Sep. 16, 11 AM -- Jevin West, Confronting Misinformation: How to avoid falling for and spreading misinformation, disinformation, and “fake news”
- Oct. 3, 11 AM -- Brett Johnson, Inside the Mind of "The Original Internet Godfather": A former Dark Web mastermind details how scammers convince you to hand over your hard-earned money
- Oct. 14, 6 PM -- Jeffrey Hancock, The Future of Lying: The new rules of deception and trust
- Oct. 24, 11 AM -- David Mikkelson & Jevin West, The Truth is Out There: Fact checking tips and resources
Sorting Fact From Fiction is sponsored by AARP Washington in partnership with the Center for an Informed Public at the University of Washington and BECU.