Now that we are all conducting business, as well as our personal lives, almost entirely online, it’s a good time to size up the privacy and security of your information with the businesses you frequent most. Scammers are on the prowl, particularly with the pandemic.

Stay on top of computer and web browser updates

First things first: Check to see if there are any available updates for your web browser and installed software. “Make sure your web browser (i.e. Edge, Chrome, Firefox, Safari) is updated to the most recent version, and that your computer’s operating system is up to date,” says Justin Gordon, information security manager at 1st Security Bank.

Be on alert for anything COVID-19-related

One of the most insidious ways hackers entice even savvy computer users is by dangling pieces of information that don’t seem nefarious, like a map of COVID-19 infections, promising the type of data that would appear on a news site. This kind of tactic is used to entice unwitting recipients to sign up for an email newsletter that promises related information. But the recipient could be signing up for something they were not expecting.

“They use that as an opportunity to pivot into getting more information out of you or installing malicious software on your computer,” says Gordon. “COVID is a gold mine for information compromise. Hackers will prey on people’s general fears. And in times of uncertainty, they will exploit people’s fears for financial gain.”

Even during non-COVID times, like tax season, he says, there are spikes in hacker emails and scams. The lesson: don’t click.

Make a note of what data the site is asking for and plan accordingly

Not all sites are collecting the same level of data — some sites don’t even have credit card information on hand; others, like banking institutions, have your social security number stored. “Identifying what information people are collecting can also help you determine the level of concern,” Gordon says. “The more data they have about you, the more you should be worrying about how things are secured.”

Look up the details listed under the Security and Privacy memo

The FBI will have a different response than a bank than will a local shop, for some obvious reasons. But with most major companies, the privacy terms are found in the Security and Privacy section. “Depending on the type of business, the response you get will vary greatly,” he says. “At 1st Security Bank, we provide a copy of our privacy notice to all new customers and an updated copy every year if anything has changed. We also display our privacy policy on our website. Not all companies do this. While it would be great if all companies adhered to strict privacy and security policies, not all do.”

But you can look up the privacy memo online. “I usually just start there,” he says. “It’s almost always the same boilerplate language. They’ll say something along the lines of ‘Here’s what we’re doing to protect your data.’ And then they’ll list general details about what they’re doing.”

Data encryption

Gordon says you should look for data to be encrypted, especially if banking or credit card information is involved. When possible, you want end-to-end encryption. Financial institutions are heavily regulated and go through multiple audits a year to ensure that information is secure. “We use multiple security tools and controls to ensure your information is encrypted and secure when you bank online with us.”

But, he says, smaller businesses will often use third-party solutions. Think of an online retailer that uses a credit processing company that takes your email and your phone number when you slide in your credit card. “In a sense they transfer the responsibility to those third-party services,” he says. “And that information may be harder to identify.”


Check to see if your data has been breached

Gordon recommends staying up to date with cybersecurity news and periodically reviewing security websites to ensure your information has not been compromised in a reported breach.

MFA, or multifactor authentication

You’ve encountered it before, even if you didn’t know what it is called — if you try to log into a site, and it asks you to punch in a code sent to an email address, or your cellphone, that’s MFA. Another type of security that seemed far-fetched a few years ago is biometrics — such as the thumb print or face recognition used to unlock iPhones. “If a company is not offering multifactor authentication, then they’re behind the curve.”

Gordon says most companies are doing their best to keep your data safe, but one major red flag is if you ask for help or want to know more about a policy and they don’t have an answer. “That’s a total fail,” he says.

At 1st Security Bank, we take a personal approach to our work. We live in the communities we serve, so our branches are tailored to their communities. We believe that relationships make the difference, and that sets 1st Security apart.