Now, more than ever, the Internet and technology have taken over more aspects of our lives and integrated themselves into our daily fabric. Banking, for example, can now be done entirely online, with the bank not having an actual building from which to operate. This can benefit you with lower or no fees and higher rates, as the bank doesn’t need to spend money on leasing an office space or the expenses that come with it.
With many or all of our financial transactions taking place online or in an automated fashion, we need to be just as diligent as we were walking into and out of the bank with actual cash in hand. We need to be more diligent because there are threats out there that you are likely unaware of. Let’s examine 16 ways to be more diligent and protect your finances online, both active and inactive protective methods.
Keep Your Computer(s) or Phone(s) Updated
All computer systems have a method for updating their operating systems. The operating systems used in most of today’s computer systems are Microsoft Windows, Apple MacOS, Google ChromeOS, and Linux. Smartphones like Android, Google, and iPhone also need their operating systems updated for protection. It is best to set the computer or smartphone up to perform automatic updates to always have the most recent updates.
Vulnerabilities can be exposed when a computer system is outdated or not updated. As the vulnerabilities become known, your computer can become a target because you have not taken the steps to protect it. This can lead to you being the victim of vulnerability through a hack, virus, or even ransomware. That data is also exposed if you keep financial information on your computer.
Here are the links to the manufacturers’ website instructions for updates. As many Linux distros are available, I’ve only listed the most common ones below. If you use something else, simply Google the term “<linux distro> automatic updates” (replacing <linux distro> with your specific Linux distro used).
Use Strong Antivirus Protection
Updating the operating systems of your various devices (computers and/or smartphones) will protect them from known vulnerabilities. However, a device can also be compromised through other methods. Threats can come through your email system (which will be covered shortly), through different programs you install, or from sec lapses related to configuring the device.
To protect against these threats, you must use a strong antivirus program. The antivirus program prevents, detects, and removes viruses on the device. The antivirus program runs on the computer constantly and is constantly vigilant. The best antivirus programs are also discrete, meaning that you hardly know they are there most of the time and don’t require many resources (CPU time and memory) to be effective. Antivirus programs also integrate into the Internet browser to protect you while browsing online. I highly recommend Vipre Antivirus.
Use Strong and Unique Passwords
Now that we’ve discussed how to protect your computers and smartphones, let’s examine passwords, one of the most common areas that lead to online compromise.
We all need to use passwords for practically every relational interaction online. Our bank requires us to authenticate; software sites that we are members of require us to authenticate; social media sites that we are members of require us to authenticate, and so on.
The best passwords are super long and have a variety of letters (both uppercase and lowercase), numbers, and special characters (such as !@#$%). The problem with using these types of passwords is that they are hard to remember. As a result, we don’t typically use them; if we do, it is only one, and we use that one for everything. The passwords you use online need to be both strong and unique. Each password you use must be different from the others you use. But how will you remember all of these strong and unique passwords?
This is where a Password Management solution comes into play. In my many years of working with computer systems, personally and professionally, I’ve worked with many password management solutions. There are ones built into the browsers you use, and there may be ones built into your operating systems. The best Password Management solutions are platform-agnostic, meaning they will work on Windows, Mac, Android, iPhone, etc. I highly recommend the NordPass password management solution.
Use Multi-Factor/Two-Factor Authentication (MFA/2FA)
In addition to using a password to access resources online, you can now enable Two-Factor Authentication (2FA) and/or Multi-Factor Authentication (MFA) on some sites. This is becoming a standard in security, so more and more online resources have the option, and some are even starting to require it.
2FA adds an additional layer of security to online resources. It does this by requiring a second credential to be entered before you gain access. Without a second credential, access to online resources is impossible. The second credential is typically provided through an application or SMS text message with a temporary code to use at the time of entry.
MFA requires at least two additional pieces of information to prove identity, not just one extra piece like 2FA. Each piece of information comes from a different category. You must overcome all roadblocks to gain access to the online resource. The additional information, or criteria, can come from multiple places, such as something you know, have, and are. The “something you know” can be a PIN or a previously established passphrase. The “something you have” can be a smartphone that receives an SMS text with a temporary code. Finally, the “something you are” can be your fingerprint. As you can see, with all these criteria to verify, the odds of someone other than you getting past the roadblocks are almost impossible.
Beware of Suspicious Emails (Phishing)
Malicious attacks that come in via email are called Phishing. Phishing is a crime in which the target(s) are contacted by email by someone posing as a legitimate user or organization to lure them into providing sensitive information such as banking and credit card details. The perpetrator then uses this information to access your accounts for a financial loss, which can result in identity theft.
Some everyday things phishing emails have. You can use these to identify phishing emails.
Too Good To Be True
The content or request is too good to be true. You won a lottery, a new car, or other lavish prizes. Don’t click any links contained in the email.
Urgency or Act Now
The message conveys a sense of urgency: Act now or within a specific time frame, or the offer will expire.
Unexpected Attachments
If you receive an email containing an attachment you were not expecting. Don’t open it without further investigation. Call the sender to validate legitimacy.
Verify the Legitimacy of the Email
The email comes from an unknown sender. If anything seems out of the ordinary or unexpected, be suspicious until the sender is validated. Hover over the return address hyperlink to see if it returns to where it appears to have come from.
Look for Obvious Errors
If the email comes and is pretending to be from an institution, carefully inspect the pictures/logos. Is that what the Bank of America logo really looks like? Again, verify authenticity. Are common words misspelled?
Don’t Click on Links Immediately
False hyperlinks are a big tell of phishing emails. When you hover your cursor over a hyperlink in an email, you will be shown the true destination of that hyperlink (you are informed via a pop-up or by seeing the actual link at the bottom of the screen). If they don’t match, then the email is Phishing.
Be Careful on Public Networks (VPN solutions)
When using networks provided for the public’s use, such as a library network or a Starbucks, know that others can read the data you are phishing and receiving. This is known as packet sniffing. Suppose you are on a public network and checking online financial institutions, the details for that financial institution, such as your username and password. In that case, d may be accessed via packet sniffing.
You can protect yourself while in public by using a VPN solution. VPN stands for a Virtual Private Network. A VPN creates an encrypted tunnel between your device and the destination or secure network. All the data that traverses the VPN is encrypted and thus unreadable if captured. I highly recommend NordVPN for a VPN solution.
Do you do Online Banking from home (refer to the above section)
As stated in the previous section, performing any online financial transaction from home is much safer than using a public network without a VPN solution. Home networks are far safer than public networks as you know who’s on your home network and what they do. Be sure to make your password to access your home network as strong as possible (see the section for Using Strong and Unique Passwords above).
Suspicious Website Check (refer to antivirus section)
Be wary of suspicious websites. Your antivirus solution will help protect you from connecting to them, usually by adding icons to your search results to indicate whether the website is legitimate or suspicious. You can also check by hovering over the hyperlink to the website to see where you will be set (see the section for Verify the Legitimacy of the Email above).
Actively Check Your Credit Report and Bank Statements (Credit Reporting Agencies)
You should regularly check your credit report (at least once yearly) and review your bank/credit card statements. I review my bank/credit card statements when reconciling those accounts once a month, and I usually do it a couple more times each month as I enter transactions.
You are entitled to one free credit report from each credit reporting agency each year: Experian, TransUnion, and Equifax.
Sign Up for Credit Monitoring (Credit Karma and Experian)
In addition to checking your credit report annually, I recommend signing up for a credit monitoring service. Credit Karma and Experian are both highly regarded solutions in the industry.
Lock Down Your Credit
One safeguard we use is to lock our credit so that credit accounts cannot be opened in our names without our knowledge. This can be done manually at each credit reporting agency (Experian, TransUnion, and Equifax) or automatically as a service such as Experian’s IdentityWorks.
Don’t Put Personal InfoWhenorks
When you set up an online financial account, you must set up a username and password. Still, you are also asked to answer some security questions that will be used to identify you should you need to reset your credentials. These questions are all pretty much the same: birthdate, mother’s maiden name, first car, favorite book, childhood best friend, etc.
With some digging, this information (some, most, or all) can be found on social networks you subscribe to. Facebook is an excellent target for finding these details, especially if your profile is public. You can protect yourself by making your profile private or, better yet, not putting these details out there. Is another, like on your birthday, worth the risk of stealing your identity? Even making your profile private does not guarantee security, as there are ways to get around the privacy barrier if you are determined enough.
Also, sites like Facebook and other social networks are prime targets for a massive hack, where millions of users’ details are acquired. In September 2018, Facebook reported that it was compromised by a hack that compromised the personal information of 50 million users. That information is then used by hackers or sold on the Dark Web to perform identity theft. Are you sure you weren’t one of the 50 million compromised users?
Shred Documents Before Disposing of Them
This last recommendation might not seem related to your online security, but like social media, personal information can be gleaned from what you throw away. Hackers can also take your trash and sift through it to find the details they need to create financial havoc for you online. A simple paper shredder can take care of this security hole.
Conclusion
The information provided here is a list of recommendations to better secure yourself online and protect your finances. Doing just one will make you safer than you are right now, and each of these you implement will make you much safer. This is known as hardening in the technology industry, as you are making it harder for hackers to get your information.
Another thing to realize is that you can’t simply do this much in this ever-changing world and forget it. As new technology becomes commonplace and new methods for doing things become the norm, you must constantly work to be ahead of the hackers. Implementing these strategies lets you worry about other things and focus your energies elsewhere. A little less anxiety is good for the soul, I think.
Comments
Post a Comment