David T. Mayes
These days, it is impossible to avoid having our personal information stored on a computer system somewhere. Your bank, your brokerage firm, stores and websites where you have made purchases, your health insurance company, your tax preparer, and the government all have important details about your life stored electronically. This certainly makes our lives more convenient, but it also potentially exposes our finances to unscrupulous individuals with their own financial gains in mind. Cybercrime is a big business, measuring in the trillions of dollars worldwide, so it is critically important to take steps to protect your personal information and financial accounts.
Avoiding cyber threats involves two approaches. First, be aware of the techniques used to entice you to reveal your personal information, particularly financial account login details or your Social Security number and other information they can use to open financial accounts in your name that they can access. Second, it pays to go a step further and assume that your personal information, including some username and password details, are already out there on the dark web and available for sale to fraudsters. You can still use some simple tools to make it much harder for this information to be used for financial gain.
One of the reasons cyber-crime is such a big business is that technology enables these criminals to cast a very wide net to snare victims. Often, their approach involves creating fake websites that mimic those of companies you have done business with. Then they lure you there with fake emails or text messages with the goal of capturing your login credentials. Another approach is to embed attachments in emails that carry bits of malicious computer code that, once installed on your device, allow the hacker to log keystrokes that reveal your login credentials. You can avoid these cyber attacks by using extreme care before opening email attachments or clicking on links embedded in text messages unless you are highly certain about who sent the message. These types of messages are reasonably easy to identify by looking at the sender’s address or hovering over the link to see the actual web address you would be directed to if you clicked. Often, the email address will have a foreign identifier rather than .com which is a clear indicator that it is not legitimate and needs to be deleted.
Even when diligent about evaluating emails and texts, you should take steps to make your personal information useless to criminals. Start by using strong passwords, the longer the better, with a mix of uppercase, lowercase, numeric and special characters. More importantly, avoid using the same password at multiple websites, especially sites where your money can be accessed like your bank or brokerage firm. It is likely that your name, email, and an old password or two are already circling on the dark web for criminals to purchase and try at financial firms to see if they can login as you. When passwords are unique and frequently updated, old passwords are rendered useless. Yes, this makes remembering your passwords more difficult, but you can use a password manager to store your login credentials securely for you or come up with a system for creating passwords that allows you to create unique, memorable passwords for each website you visit.
Most financial websites now allow you to take this a step further by enabling multi-factor authentication. This means that, in addition to your username and password, a one-time use code is needed to complete your credentials. This code is sent to an email address or smartphone only you have access to. With MFA enabled, a hacker who obtains your login details will not be able to access your accounts since they do not have the authentication code. This simple step goes a long way toward protecting your money from cyber criminals. It is also a good idea to take advantage of alerts from your bank, brokerage firm, or credit card company that keep you apprised of requested changes in your account profile.
Finally, consider putting a freeze on your credit report with each of the three reporting agencies. This will prevent anyone from using your personal information to open new credit card or loan accounts. This, and periodically checking your credit report can keep you in better control of your financial life.
David T. Mayes is a CERTIFIED FINANCIAL PLANNER professional and IRS Enrolled Agent at Three Bearings Fiduciary Advisors, Inc., a fiduciary financial planning firm in Hampton. He can be reached at (603) 926-1775 or firstname.lastname@example.org.