Related Topics (Ads):
Understanding the potential threats can help keep your online accounts safe. But do you know what this really means? You’ve likely spent a good deal of time thinking about investment risk. But have you stopped to think about more personal security issues, such as the safety of your online financial transactions and information stored on your computers? While most people recognize that online fraud or cybercrime is a potential threat, few know how or why they may be at risk. Cybercrime can take many forms, and understanding who the enemies are and how they commit crimes may allow you to better defend yourself.
The “Bad Guy”
Economic cybercriminals pose the greatest online risk to your family’s personal financial data and assets. Make no mistake, many of these thieves are highly skilled and sophisticated. They may be individuals or coordinated groups that use technology to steal. For most of us, cybercrime can best be described as an extension of traditional criminal activity focused on personal financial data and monetary theft.
Related Topics (Ads):
How do cybercriminals operate?
Indiscriminate targeting. In some cases, cybercriminals cast a wide net with “phishing” scams, among others, and hope the sheer quantity of potential victims will yield sufficient economic benefit (see “The makings of a cybercrime,” below, for more details on how cybercriminals attack).
Specific victim targeting
A growing and more concerning trend is the specific targeting of high-net-worth individuals. In many of these cases, criminals spend a great deal of time and effort identifying a worthwhile target and then developing a victim profile based on public and private information. This includes property records, credit information obtained via hacking, and posted details on social networks with the goal of stealing assets from financial accounts.
Related Topics (Ads):
Although the actual criminal act can take several forms, the basic steps are often similar. Below is a relatively common scenario:
- Step 1: The thief sends an email with a link or attachment to the victim that appears to come from a known party. The targeted victim then clicks the link or attachment, which includes malicious software (malware) that infects the victim’s computer.
- Step 2: The thief uses installed malware to steal login credentials to the victim’s financial accounts or to remotely control the victim’s computer. This will generally allow the thief to log in as the victim.
- Step 3: With access to accounts, the thief changes the victim’s profile at the financial institution and/or impersonates the victim and moves money to criminal accounts at a different institution.
That’s the bad news. The good news is that with some simple steps, you can improve your defenses and reduce your vulnerability to this type of crime. So how do I keep your online accounts safe?
Related Topics (Ads):
Protect your online access with unique user IDs, passwords, and 2-factor authentication for each site
Treat your computers and websites as you would your front door—restrict access and use tough security measures. Passwords are the keys to your online financial information. If cybercriminals find them, they can unlock the doors to your bank accounts, investment accounts, and your personal information. Unfortunately, a significant amount of malicious software trolls the internet looking specifically for account credentials (IDs and passwords). With an inadvertent click on what appears to be a legitimate link or the opening of an attachment designed to look legitimate, this software can be loaded on your machine and be ready to take your “keys.”
Go for 2. Adding an additional layer of security when you access your accounts, called 2-factor authentication, is a strong defense against most common attacks. Lots of major corporations, companies and apps now offer 2-factor authentication. It requires you to enter a unique security code, randomly generated and sent to your phone or other mobile devices, in addition to your standard login ID and password. While not completely foolproof, 2-factor authentication raises the bar for cybercriminals trying to access your accounts. Consider enabling 2-factor authentication for non-financial sites, such as your mobile phone billing sites (e.g., AT&T, Verizon, T-Mobile, Xfinity) and email sites (e.g., Google Gmail, Apple, Microsoft, Yahoo, Hotmail). Make sure your financial sites and email providers have your mobile phone number as it is generally used to secure your online access.
Related Topics (Ads):
Change Your Passwords & Logins Often. Don’t Use The Obvious Like Names, Birthdates, Places You’ve Lived Before, Etc
Go long and stay strong. You’ve probably heard this before, but it bears repeating: Never use names, birth dates, Social Security numbers, or any personally identifiable information as your login ID and password. Use a different password for every application and website. Why? The dangers of password reuse. Every year there are data breaches and more sets of credentials (user IDs and passwords) leaked onto the internet. It is common practice these days for criminals to collect these credential dumps and try these login IDs and passwords at financial sites, email providers, mobile phone providers, social media sites, and others. If a customer were to use the same password here that they used on another website, and another account was breached, their account could be at risk. What constitutes a good password? Long (10 or more characters), and complex (combination of special letters and numbers) help make passwords more unique. A string of unrelated words with numbers and special characters in between is best. Stay away from single dictionary words or common combinations of words.
Related Topics (Ads):
Use A Password & Login Manager, But A Secure & Legit One. Beware of Scams
These days, most of us have dozens of passwords covering multiple devices and everything from email accounts, telecom billing, and subscription services, to social media, online shopping, and banking. Remembering all these passwords, and changing them frequently, just isn’t sustainable and as a result, we have a tendency to reuse the same password everywhere. This is the worst practice though. Fortunately, there’s an app for that. Password manager apps generate and store all your passwords in a secure environment. They’ll even auto-fill login information for stored sites. Many now sync your passwords across all your devices and automatically generate new ones on a regular schedule. The cost of state-of-the-art password managers is negligible—especially when compared with the convenience and security they provide.
Related Topics (Ads):
Secure devices and software, keep them up to date and perform regular backups
One of the smartest things you can do to keep your financial information safe is to use modern and up-to-date, operating systems. Software makers have teams of cybersecurity specialists dedicated to fixing vulnerabilities in their current systems, and they are always on the lookout for new ways cybercriminals can hack into their products to access users’ computer files or install malicious software.
Updating your systems is easier than it used to be. Today, most operating systems let you set your preferences to automatically install updates and patches as soon as they are available. That goes for software too, including antivirus protection. Don’t forget to update your mobile phones and tablets, and the apps installed on them. You can set update preferences to do this automatically on your devices.
Related Topics (Ads):
You can never have too much backup. Backing up your data is good system hygiene. It prevents your information from being lost forever and immunizes you from ransomware attacks. In this increasingly common scheme, criminals lure you into clicking an email link that downloads malware and blocks your access to the computer. The perpetrators can hold your hard drive hostage, demanding a hefty ransom to unblock it. If your system data is backed up elsewhere, it eliminates any leverage the scammers have, neutralizing their threats.
Backups are most effective when done frequently. Savvy users employ redundant methods—typically a USB-connected external storage device in tandem with an encrypted cloud-based service. External storage offers more immediate data retrieval, while cloud-based services can store much more data. Also, in the event of a flood or fire, both the computer and external storage device may be lost, but offsite backups to a cloud-based service would be safe.
Don’t forget to include mobile devices in regular backups. This can be done via a cloud-based service, but a full backup may require connecting to a computer. By syncing up your photos and home movies to your computer, they will then be included in regularly scheduled backups, keeping them secure.
Related Topics (Ads):
Avoid accessing any sort of important accounts or e-commerce sites through links in email
Cybercriminals are getting smarter about making their phishy emails look legitimate. These emails mimic those of financial institutions, complete with logos and convincing signature lines. Sometimes, the criminals impersonate emails appearing to come from friends, family members, or professional contacts you trust. Searching Google and social media sites make it easy to personalize these emails with your name and subject lines like “Your recent transaction with us.” All of this is designed to lower your guard so you’ll be more apt to click a link to a fraudulent version of your financial website. This allows the scammers to download malicious software onto your computer or gain access to your passwords and usernames.
When it comes to security, emails cannot be trusted. Avoid clicking links in your emails to access your financial sites online, no matter how compelling the language in the email appears. Instead, go directly to your provider’s website by using a link you’ve saved in your “Favorites” menu. That way, you’ll be sure you arrive at a legitimate website. Always look for the “https” prefix in the site’s address. This indicates that the connection to the site is encrypted to protect your sensitive data from prying eyes. And if there is an ask by email to send money, always call your contact by phone to confirm the request along with transfer details even if you were expecting the ask.
Related Topics (Ads):
Always access your accounts from a secure Wi-Fi location, not public Wi-Fi
Your home Wi-Fi network comes with built-in security. Your network provider supplies you with a wireless router ID and password, but these are default settings. Cybercriminals know the defaults for major network providers. If you’re using these settings, your “secure” home Wi-Fi network may not be as secure as you think.
Home networks now connect computers and smartphones to thermostats, TVs, refrigerators, and residential security systems. Each device is a potential weak spot in your Wi-Fi network. As your home becomes more dependent on the internet, so does your exposure to a network breach.
When setting up your home network, consider changing the default WiFi network name and password.
Related Topics (Ads):
Beware of public Wi-Fi. It can be super sketchy, but it depends. Everyone loves free Wi-Fi, but unsecured public wireless access points are easy to intercept, providing an opportunity for attackers to snoop on your online activity. A safer alternative is to use only secure Wi-Fi networks. If you use your laptop or mobile devices while traveling, purchase a subscription to a paid hotspot provider in which the networks are password protected and have additional levels of security.
At the end of the day, if you’re unsure, don’t risk it. Just walk away. Otherwise, you should be prepared to deal with the consequences.
Related Topics (Ads):