Online Identity Tips

How safe is personal information that is collected about you online? Here are a few tips to help keep information about you where it belongs.

How do you know if a site is secure?

• Web browsers contain a padlock icon when you are on a secure page
• Check the SSL security certificate by double clicking the padlock icon
• Be sure that the URL (site address) on the certificate matches the URL of the page you are viewing — the URL should begin with HTTPS instead of HTTP
• Pay close attention to the URL of the site you are visiting to make sure it is actually the site you believe it to be
• When you're finished with any secure online session — such as online banking - always remember to log out or close your browser window, particularly when using public Internet access services

What can you do to protect yourself online?

• Use anti-virus software and keep it up to date
• Don't open emails or attachments from unknown sources — be suspicious of any unexpected email attachments even if it appears to be from someone you know
• Protect your computer from Internet intruders by using firewalls
• Regularly download security updates and patches for operating systems and other software
• Create a hard-to-guess password by mixing upper case, lower case, numbers, and other characters not easily found in a dictionary — make sure it is at least eight characters long
• Back up your computer data regularly
• Don't share access to your computers with strangers — learn about file sharing risks
• Disconnect from the Internet when not in use
• Check your security regularly — for example, when you change your clocks for daylight savings time, reevaluate your computer's security
• Make sure your family members and/or employees know what to do if your computer becomes infected

What is "phishing", and how do you protect against it?

"Phishing" involves Internet fraudsters who send spam or pop-up messages to acquire your personal information, such as credit card numbers, bank account information, Social Security number, passwords, etc.

Here are a few tips to protect yourself against "phishing":

• If you get an email or pop-up message that asks for personal or financial information, do not reply — don't even click on the link in the message
• Never email personal or financial information to anyone
• Review credit card and bank account statements as soon as you receive them
• Be cautious about opening any attachment or downloading any files from emails
• Forward spam that is "phishing" for information to abuse@Ally.com or send us a message now
• We work hard to keep your identity safe, and will never ask you for personal information through email

How to deal with identity theft

Here are a few tips if you believe you may be a victim of identity theft:

1. Contact us at 1-877-247-ALLY (2559) to place holds on your accounts
2. Contact the Social Security Administration's Fraud Hotline at 1-800-269-0271 to report fraudulent use of your identification information
3. Report the incident as quickly as possible to each of the credit reporting agencies:
   • Experian: 1-888-397-3742
   • Equifax: 1-800-525-6285
   • TransUnion: 1-800-680-7289
4. File a police report in your local jurisdiction and retain the report number and the name of the officer who took the report
5. File a complaint with the Federal Trade Commission (FTC) by contacting the FTC's Identity Theft Hotline at 1-877-IDTHEFT (438-4338)