According to Forbes, cybercrime is one of the biggest and most disruptive threats to financial markets, including investments and securities. Here are five areas to focus on to protect your hard-earned investments in the digital world.
1. Online and Email-based Behavior. Always be suspicious of emails that ask for information, including emails that appear to come from a reputable source.
- Emails that ask you to click on a link and input personal information, such as passwords and personal identification numbers (PINs), are often scams to steal your information or download malicious software to your computer or mobile device.
- Reputable sources won't request individuals to input passwords, PINs or personal information over email, text or phone.
- Legitimate web pages of financial services companies follow an HTTPS protocol. Look closely at the web page address to make sure the URL starts with https.
- Be careful with postings on social media, and with whom you friend, follow or allow to follow you online. Do not overshare information that could lead a fraudster to lure you to provide additional information or steal your identity.
2. Logging in Online. Cybercriminals often target public networks. Accessing your investments and other financial information and engaging in either personal or business-related online activities in those public networks is high risk.
- Conduct investment and other financial activity online from a home computer that only you can access, and that is connected to a home network.
- Double check that your home network is secure, only employ a trusted cable or Internet vendor, and use the most updated encrypted secure network system: Wireless Protected Access (WPA2). Set up a strong alphanumeric password (containing symbols) for your home network, and do not share it with anybody.
3. Passwords. Create strong and unique passwords for any of your online accounts, but particularly for your financial and investment services accounts.
- Use strong, alphanumeric passwords with symbolic characters. Create passwords that are more than eight characters long. Don't use short, generic, easy-to-guess passwords such as, "password", "qwerty", "12345", etc. Consider using a passphrase -- a phrase that is easy for you to remember but difficult for others to guess.
- Never use other personal information such as social security numbers, birthdays, children's names, home address, your favorite sports team, etc.
- Don't reuse the same password for different accounts. If one account gets hacked, it is very easy for a perpetrator to access your other accounts if they share the same password.
- Never share your passwords with anyone.
- Consider using a password manager -- a software application or piece of hardware -- that allows you to organize and store all your passwords in an encrypted fashion.
- When offered, enable two-step verification to access your account. In addition to inputting your password, you will need to input a code that you receive via a different channel (such as a text message on your mobile phone) every time you access the account. Two-step verification makes it more difficult for cybercriminals to hack your accounts as they would need access to additional accounts and devices to do so.
4. Protecting Your Devices. Do not use public, shared devices to access your financial or investment accounts. Devices should be secure and their access should be restricted to only you.
- Make sure you have an antivirus program running on your devices, but understand that it is not 100% bulletproof for other forms of malware (malicious software). Make use of additional reputable scanning and protection tools, such antispyware tools that can mitigate threats.
- Only download apps from reputable sources.
- Ensure that you have the most recent version of your browser and other software to include the most recent security updates.
5. Safeguarding Financial Accounts and Personal Information. Follow a security approach that covers both cybersecurity and physical security.
- Report any lost or stolen cards or other hard copy information, such as checks, immediately to your financial institution.
- Check your credit report at least once a year to confirm it's accurate and up-to-date. If your report shows new accounts you didn't open, numerous inquiries from creditors, or negative items, take action immediately.
- Go paperless. Electronic statements and invoices minimize the number of hard-copy documents that bear your personal information and could get into the wrong hands.
- Invest in a personal shredder to destroy paperwork with private information when it is time to dispose of it.
- Memorize your PINs and change them regularly. Don't carry them in your purse or wallet.
- Sign up for financial account activity alerts that you receive via email or text message; this will help you monitor your account activity.
- Don't print your Social Security or driver's license number on your checks. Keep your Social Security card in a safe place, instead of carrying it in your wallet.
The Federal Deposit Insurance Corporation (FDIC) offers a Cybersecurity Guide for Financial Institution Customers for high-level advice.