Here are four essential tips for protecting yourself online:
Step 1: Enable Multi-Factor Authentication (MFA)
Multifactor authentication is a login process to make it more difficult for an unauthorized person to access your accounts. It requires two or more independent credentials, such as something you know, a password, and something you have, your mobile phone. Before a login is complete, a code is sent to your mobile device and requires you to input the code, thus proving you have access to the registered device. MFA has other variations and is one of the top ways that financial institutions, companies, and security experts provide consumers with the ability to protect their information online, which would require hackers to not only steal your password, but also your phone, or to gain access to another account, such as email, to break through your cybersecurity walls. This additional layer of security makes it exponentially more difficult for the bad guys to access your personal information and accounts. Using MFA is a simple step that can keep you from becoming the next victim. MFA is generally available to protect financial accounts, email accounts, and social accounts but is often optional, so if you don’t use MFA, check to see if it is available and be sure to enable it!
Step 2: Use Strong Passwords
Passwords are quite literally the key to your personal information. It is the safeguard to your online profiles and the often highly sensitive information that you provide in order to engage with online businesses. The problem is that criminals are intent on discovering your passwords, even using sophisticated technology to try to “crack” the code. The best way to ensure your account is difficult to crack is to have a complex password (i.e. upper- and lower-case letters, numbers and symbols) that does not include things like your name, your date of birth or the word “password.” It is shocking how frequently these easily guessable words are included. The average American consumer has over 100 web services that require a password. Typically, this means they are using the same passwords over and over, across a myriad of platforms. If there is a breach of a single vendor website and your password becomes known to the criminal black market, it can be used to try to hack into your other accounts. Having a unique password that is full of seemingly random letters, numbers and symbols is the best way to ensure hackers can’t get into your accounts using data they can easily find on the internet. Further, changing and updating your passwords on a more frequent basis can help ensure your accounts remain secure. Check out this article from the Federal Trade Commission to better understand the importance of strong and diverse passwords. As explained above, in addition to a password make sure you have Multi-Factor Authentication enabled on your online accounts whenever available.
Step 3: Recognize and Report Phishing
It can be hard to tell if you are the victim of a phishing scam until it’s too late. Many companies are providing training to their employees to help mitigate this type of attack in the corporate world, and those same tips apply to your personal accounts. In this article, the Federal Trade Commission offers some examples of the types of emails and text messages that you should look at with a critical eye before taking any action, including:
- Messages that say they’ve noticed suspicious activity or log-in attempts on your online accounts
- An email claims that there’s a problem with your account or your payment information
- A message that says you must confirm personal information
- Any message that includes a fake invoice or other document
- A request to click on a link to make a payment
- Messages that say you’re eligible to register for a government refund
While these messages can be legitimate, it’s important to stop and look at them critically first. Further, the United States Cybersecurity and Infrastructure Security Agency has stepped up their ability to track down these types of scams. The Anti-Phishing Work Group has been created to report suspicious messages. They also have great resources to help businesses and consumers identify scams such as these.
Step 4: Use Biometric and Passwords to Protect your Devices and Keep your Software Up to Date
Computers, tablets and phones can open the door to large amounts of personal information including our online activities, credentials for logins and banking and financial information. Unfortunately, it’s this information that can make us vulnerable to attacks. Imagine using MFA to protect your accounts, only to lose your phone – leaving just a single password between a thief and your email, apps, and personal photos and files. If you set up facial or fingerprint recognition on your device, or you require a password to open your phone you have put another obstacle in between you and a fraudster intent on doing you harm. In addition, make sure you frequently update software on your phone, tablets and computer to help keep your personal data secure. Thieves don’t rest. They are constantly looking for new and more successful ways to steal your information. In order to keep up, software providers must push out frequent updates to thwart criminal activity. Allowing software to automatically update or enabling reminder notifications will help you maintain the most up-to-date software, protecting your devices and your identity!
It’s important to take basic steps to protect yourself online. As an individual, check your passwords, ensure you have enabled MFA where available, keep your software up to date and be on the lookout for phishing scams. If you own a business, put cybersecurity measures in place to protect yourself and your employees as well as your clients and customers. For those who operate critical infrastructure, learn how your role impacts others and what you can do to protect those you serve. And if you are interested in exploring a new career field, the future holds a massive demand for workers with technical skills to solve existing and upcoming cybersecurity issues. Look into where your interests might overlap with this ever-expanding opportunity.
As always, if you feel that your personal information has fallen into the hands of a thief, call us immediately to speak to one of our Identity Theft Recovery Advocates. Quickly recognizing and addressing the issue will minimize damage to your accounts and your identity. As a HomeFREE Checking account holder, you have access to specialists around the clock who can answer your questions, address your concerns and advise you on the best next steps to get back on track.