We’re in an era where the vast majority of our finances are managed online, from bank accounts to credit cards. Our email addresses, passwords and credit card numbers are linked to streaming services for music and entertainment, and it is common to use services like Venmo and Zelle to transfer funds quickly. Technology makes life more convenient, but there are risks associated with having our financial information accessible to hackers on so many different platforms.
Fortunately, there are steps you can take that will protect your information, provide immediate notification of any potential cybersecurity breach and handle a hack or breach as swiftly as possible if it does happen to you.
Step one: Research financial institutions and businesses
Before providing your confidential information to a financial institution or any business, Justin Gordon, information security manager at 1st Security Bank, recommends starting off by doing some of your own research. Take the time to make sure they haven’t been involved in any breaches (easily checked online by searching: [X business] breach) and how they’ve responded if they have. Also, review the institution’s or business’s posted privacy or information security policy on their website to find out what confidential information they keep and how they secure and protect it.
Step two: Strengthen your passwords
Gordon explains that if you use the same password for all of your logins, you could be a prime target for a credential stuffing attack. In this attack, a hacker obtains your username and password from a file of stolen login credentials, generally from a previous breach, and uses your stolen credentials across hundreds of sites to attempt to gain access to other websites.
“It’s extremely important to create strong and unique passwords for each of your accounts,” he says. I recommend using a password manager to create complex passwords of eight characters or more. Think of a password manager as a secure vault for storing your various passwords. You only need to remember a single master password to open your password vault and access your other passwords.”
In addition to using unique passwords for every account, Gordon recommends using a “pass phrase” rather than a password. “Instead of a word, ‘Example1729P’ use a sentence or a phrase ‘LizardsEat27Cabbages#.’ This makes it more difficult to hack your account because the more characters you have in your password, the harder it is for password cracking software to crack it.”
Step three: Monitor your financial accounts
Gordon says enrolling in instant account alerts via email, text or app notification is the most effective way to monitor your financial accounts. “You should receive instant alerts for any kind of bank account activity whether it’s transactional or account access-related. If you use peer-to-peer banking services like Venmo, CashApp or Zelle, they should also have transactional alerts enabled,” Gordon explains.
Where to go for reliable cybersecurity information
The unfortunate reality of today’s digital landscape is that new cybersecurity threats emerge on an almost daily basis. Fortunately, there are multiple free resources online to keep abreast of emerging threats and to stay safe online:
haveibeenpwned.com allows you to see if any of your confidential information and/or passwords have been compromised in a previous breach. Haveibeenpwned maintains a record of what data was stolen in every reported breach. You simply enter your email address or phone number on the website and it will tell you if your information was stolen in a breach.
Identitytheft.gov is a website that provides a playbook of steps to take if your information has been lost or stolen.
CISA’s National Cyber Awareness System is a resource for general cybersecurity tips. In addition to providing cybersecurity tips, the site also includes an up-to-date list of current scams to be aware of.
How to keep up in an ever-changing digital landscape
Although the threats to the digital landscape change continually, following cybersecurity basics can protect you from many of the threats on the internet:
- Create strong and unique passphrases for all your online accounts.
- Avoid clicking on links in unexpected emails from unrecognized senders.
- Update your software and devices as promptly as possible. Software and device updates often include fixes for newly discovered security flaws. If an update is available, don’t put off installing it.
- Turn on multifactor authentication whenever possible. MFA is a second layer of identification in addition to your username and password. You most commonly experience MFA as a one-time passcode texted to your phone, but there are other MFA methods (authenticator apps, Face ID, USB tokens, etc.)
At 1st Security Bank, we take a personal approach to our work. We live in the communities we serve, so our branches are tailored to their communities. We believe that relationships make the difference, and that sets 1st Security apart.