Explained: Do I Need Norton Identity Protection and Similar Services?

Dennis Faas's picture

Infopackets Reader Marjie H. writes:

" Dear Dennis,

I just received an email offer from Norton Security asking if I would like to enroll in the Norton Identity Protection. In order to do so, the form says I need to provide my social insurance number. The protection being offered is free, so long as I renew my Norton Antivirus subscription. From what I understand, this service includes protection against personal credit, credit cards, bank, social insurance number (SSI), etc. My question is - with all this information they are asking for, what is the possibility they could be hacked and all my data is stolen anyway? "

My response:

This is a very good question.

The short answer is that "Yes," Norton could be hacked and your information can also be leaked to cyber criminals. As such I don't believe in enrolling in such a service is a good idea. I'll explain why I feel that way below; at the end of the article I'm also offering my expert services, in case anyone reading this needs help securing their PCs against such threats - including backups, passwords, sensitive documents, etc. If you need help just send me an email.

With that said - please be aware that cyber criminals often send out emails like the one you described, pretending to be from Norton, asking you for your social insurance number "in order to enroll you" in their service. Nothing could be further from the truth! This is a scam - so please be aware of this before entering in personal information on any website.

Generally speaking you can verify the identity of the website you're connected to - so long the website uses HTTPS to encrypt its paged - most do these days; to do so, click the green padlock next to the website name in your web browser, then review the SSL information about the site. In the case of Norton.com, it should say it is registered to Symantec Corporation, and not some third party website, for example.

With that aside - here is what I think about "identity protection" and paid antivirus / paid antimalware services, in general.

Explained: Do I Need Norton Identity Protection and Similar Services?

As far as I'm concerned, I don't think anyone should have to pay for antivirus, antimalware, firewall, or identity protection services. I think it is a waste of money. The reasoning here is that free, reputable antivirus / antimalware / firewall work just fine (even with the minimum protection turned on), so long as you're also using an up-to-date operating system such as Windows 10.

Both Windows 10 and free antivirus are rock solid in terms of protection - (I use Avast! antivirus with minimal protection). If I get infected with malware, I use Malwarebytes free (yes, free!) to scan and remove most infections. If that fails, then I use a backup to restore my operating system. Windows also has its own firewall which is enabled by default and is solid. It is the same firewall used on corporate networks running Windows Server, which protect millions of users world-wide.

Of course, there are a few caveats with this advice. You will need to ensure that:

  1. Your operating system is up to date with Windows Updates and Windows Update is working properly (here's how to tell),
     
  2. Your antivirus / antimalware / firewall is also up to date - most update automatically,
     
  3. You don't haphazardly click on links to download files from untrusted sources, or open every email attachment that comes your way, and you don't visit nefarious websites on a regular basis,
     
  4. And, you don't fall for tech support scams over the phone / on a website claiming that your computer is infected. Oftentimes scammers will ask to remote into your computer, then sell you fake software to "fix" the "problem" that doesn't exist - bilking you out of hundreds, or thousands of dollars. I'll explain more about this further down.

With this advice, you should be relatively safe from being infected with malware / allowing hackers into your system, and having your personal information leaked.

Therefore, when it comes to paying for "extra protection" - whether it's "identity protection" or an obscene amount of other "protection" that often comes bundled with paid-for antivirus - is, in my opinion, overkill and not needed. It also costs a lot of money. Why pay for it when you don't have to?

With that said, it's also worth noting that any extra "protection" you add to your PC will also slow it down (sometimes crippling it) - so please keep this in mind. When new customers hire me for the first time, it's always amazing to see how much junk they have on their systems because the software "told them" it was "fixing" something or "keeping them protected". Nothing could be further from the truth. That's why I believe in keeping things simple, which is why I only use minimal antivirus protection.

How to Store Your Personal Information on Your PC Safely

When it comes to dealing with sensitive information, I suggest using an external device to store the data - such as a USB thumb drive or external hard drive. I also suggest backing up the data to another external device, in case your originals are corrupt / lost. When you are done using the sensitive documents, unplug the device from the machine.

That way, your personal information won't be accessible to hackers, should your machine be compromised. You could also store the data in a password protected, encrypted form. Both MS Word or Excel offer this option. If the file was ever leaked, it would not open without a password and the data it contains would be encrypted, making it unreadable without the password.

Another option is to store your data on the "cloud" - so long as the data you're storing is encrypted and password protected. The reasoning here is that cloud storage can also be hacked - it's not secure by default just because it's "in the cloud". Also note that there are restrictions on how much data you can store depending on the service you use - if you go over, you will be charged recurring fees. As such as I suggest keeping cloud backups to a bare minimum.

Also worth noting is that some cloud services that run on the computer 24/7 such as Carbonite Backup can SEVERELY slow your PC down because it constantly scans your PC for files to sync - this also slows your bandwidth (Internet) down considerably. In this case, I suggest using a small folder or drive for your backups, or disable the real-time service.

How to Manage Passwords for Websites and Minimize Risk

Yet another great tip is to use a password manager to manage your passwords (such as Roboform) and to use different, randomly generated passwords for EVERY site you visit. That way, if one website gets hacked, that same password can't be used on another site (by hackers) to access more of your personal information. This advice is paramount in today's online world of website security breaches that can expose your personal information.

India Fake Tech Support: from "Microsoft"

As I mentioned above - fake tech support is a huge problem. Oftentimes scammers will call you on the phone, claiming to be from Microsoft (99.99% of the time from India) and that your computer is infected and needs to be fixed. They then ask for remote access to your machine. DO NOT FALL FOR THIS SCAM. Microsoft does not make calls of this nature. The only thing they want is your money, whether it is your credit card or bank account. Once these scammers have access to the machine, they often leave the connection to your machine active - which means they can get in later and look through your personal information. Please be aware of the scam and don't fall for it!

A similar scam to this is when you visit a website and suddenly your computer gets a popup message claiming that your computer is infected, and you "must" call a 1-800 number to get it fix. This is basically the same scam as I mentioned above. DON'T FALL FOR IT. I wrote an article in the past about this scam - including a video detailing the problem - you can view it here.

Conclusion

In the end, security best practices come down to being informed and making the proper decisions. If you make the right choices like the one's I've outlined in this article, then you certainly won't need the extra "protection" being offered - whether it's using paid "identity protection", paid antivirus, or some third party service. As I mentioned, the only protection I use is free antivirus with the minimum protection offered, coupled with Windows 10.

Additional 1-on-1 Support: From Dennis

I've outlined a lot of great ideas in this article that can help keep you protected online. If you need help setting up a password protected archive, backups, moving your personal data to an external drive - or even the cloud, a general security audit - you name it - I can help using my remote desktop support service. Simply contact me, briefly describing the issue and I will get back to you as soon as possible.

Got a Computer Question or Problem? Ask Dennis!

I need more computer questions. If you have a computer question - or even a computer problem that needs fixing - please email me with your question so that I can write more articles like this one. I can't promise I'll respond to all the messages I receive (depending on the volume), but I'll do my best.

About the author: Dennis Faas is the owner and operator of Infopackets.com. With over 30 years of computing experience, Dennis' areas of expertise are a broad range and include PC hardware, Microsoft Windows, Linux, network administration, and virtualization. Dennis holds a Bachelors degree in Computer Science (1999) and has authored 6 books on the topics of MS Windows and PC Security. If you like the advice you received on this page, please up-vote / Like this page and share it with friends. For technical support inquiries, Dennis can be reached via Live chat online this site using the Zopim Chat service (currently located at the bottom left of the screen); optionally, you can contact Dennis through the website contact form.

Rate this article: 
Average: 4.9 (9 votes)

Comments

Richard Robinson's picture

I opened and cleaned my desktop PC and must have disturbed BIOS battery as when finished had to update time date etc to startup. then FAIL "Inaccessible boot device" Tried every option on windows screen to no avail. So did restore from backup (EASEUS) but this did not fix the error! I had to do a clean install of windows 10 from USB stick which needed to be manually started cause win 10 would not allow USB boot! I am annoyed as the "Inaccessible boot device" WAS accessible as windows repair etc happily accessed doing "repairs", Thanks MS for crap loader maybe secretly storing stuff in my BIOS ??? then sulking when info accidentally erased.

bern's picture

If you live in the UK you are plagued with calls purporting to come from Microsoft. 'Hello my name's Derek.' Comes the voice with a heavy Indian accent. The also use numbers that look like UK numbers and say they are in the UK. Ask them their work address and then when they have said it, ask them for the zip code and listen to them squirm. My wife likes to play the dumb granny with them. The record is 22 minutes before they realise that in fact they are being had and the PC isn't actually turned on. As she says that 22 minutes they can't hassle someone else.

aquaman100_2510's picture

Last year I was getting calls from "Microsoft" about my computer being infected. The first thing I asked was give me my key # because I had multiple computers in my home and wanted to "make sure they had the right one", he said if I followed his instructions he could determine which one was infected. I would follow his instructions until it would grant him access to my system and push the wrong one and have to start over again, I played this guy for a hour and finally he put his "supervisor" on, I played him for about half an hour and told him I had an important meeting and had to go. Guess what! the next day the same guy called back, so, I played him again. I think the guy was in tears, finally, he put the "supervisor" back on and I played him again. Finally after THREE DAYS of this I told the guy that the call was being monitored by the police and they were in the process of notifying the authorioties there. I never got another call, it was fun while it lasted.

sytruck_8413's picture

Excellent article Dennis,

I couldn't agree more. Almost. The ONLY piece of software, besides Quicken, I pay for is Eset/nod32 antivirus. Been using them for years. It doesn't seem to slow my machines down. It also catches/blocks the occasional website that I might click on during a search. Over the years, in my experience, the free AV programs do slow down machines by adding all kinds of "fluff.". Some worse than others. I have never had Windows Defender catch anything that I was aware of. Maybe it did and it didn't tell me. :-) I also use LastPass and like/recommend it.

Side question: I have a new laptop coming. First new computer I've bought in years. I like to know your thoughts RE cleaning the crapware that will be on the machine. I know about CCleaner and Revo uninstaller etc but do you have any personal recommendations you'd like to pass on?

Thanks

guitardogg's picture

Thanks Dennis! Good, sound advice. Now if we could just get the PC manufacturers to stop putting all the "bloat ware" on new PC's!

walter.crawford1939_4883's picture

The best HELP site on the web. User friendly and full of sound advice in plain English.

Many thanks.