Has your personal information been exposed in a data breach or hack? Statistics say, most likely. Record-breaking breaches over the past few years have exposed usernames, passwords and Social Security numbers, allowing criminals to open credit cards in their victims’ names, drain bank accounts and seize computers to hold for ransom.
It’s a serious, growing problem. But it’s not a reason for despair. You can take steps to help maximize your security.
We don’t think twice about sharing our email address with countless businesses, organizations and people. But having your email addresses in so many databases puts you at a significant risk. Hackers routinely breach the security networks of many organizations that hold your primary email address. That stolen personal data, paired with poor email security, could lead to disaster.
Now, you may not care if someone hacks into your Food Network or Yelp account, but you certainly don't want your online banking exposed in the same way. This is why you need to create a separate, secret email for your financial accounts. A separate email address reduces your digital footprint and if your primary, non-financial email address is exposed in a hack, it will not be connected to your financial accounts.
This email address should be:
Tip! How to create strong passwords. We all face the password paradox: Easy-to-remember passwords are easy to break, hard-to-break passwords are hard to remember. Here’s two ideas that create longer passwords that don’t use names or dictionary words.
Creating strong passwords is just the first step in your account protection plan. You need to put another layer of security on all-important accounts such as email, online banking, social media and more. That extra layer is a trend in online security called two-step verification or sometimes two-factor authentication. Add it to any account you have that supports this technology.
With the two-step verification approach:
This method stops your accounts from getting hacked because it requires two separate things: Something you know, your password, and something you have, the temporary code. So even if a hacker has your password, he won’t gain access, and you’ll be alerted if someone is trying to break into your account. If you get a code and you haven’t tried to log-in—you know something is up. At that point, you’ll want to change your password.
We may all love free Internet access when we are out and about and want to be connected, but that free connection can end up being very costly. These free networks are completely open, and hackers can gain access to anything you do while connected—your email, your credit card number, your bank account.
But what about your home Wi-Fi network? Your home wireless network can open the door to you and your family’s digital life if your router is not properly protected. There are four main things you must do to lock down your router and Wi-Fi network from the hackers.
Note: These are some of the more technical actions you'll have to take. Don't be discouraged if it sounds difficult to you. If you are confused, contact the tech person in your life for help. To do these steps, you’ll have to log in to your router’s IP address. If you do not know your router's IP address, you can find it in your user manual or by searching the make and model of your router online.
Use technology so you’re always aware of what funds are leaving your accounts or being charged to your accounts. Sign up for alert notifications with your financial institution and credit card companies. By doing so, you'll receive a text or email alert every time a charge or withdrawal is made.
Here’s something most people don’t quite understand about their credit files: By default, our credit files are open. That means anyone with enough information to impersonate you may be able to open a new line of credit in your name.
This happens all the time and is a major source of identity theft. And when you consider how many private and public organizations have been hacked—institutions we’ve trusted with our Social Security numbers, employment history and other details about our financial lives—you need to be worried about the state of your credit file at the big three agencies.
Take back control of our credit through a credit freeze. A credit freeze locks your credit file with a PIN at each of the credit bureaus. No new credit can be issued in your name unless you lift the freeze with your special PIN.
\You will have to contact each of the credit bureaus separately. Credit freezes are free in every state thanks to a 2018 federal law. A credit freeze puts you in control. It is way more secure than credit monitoring or a fraud alert, both of which will alert you after credit has been issued in your name. With a credit freeze, you can prevent identity theft from happening instead of cleaning up after your identity theft nightmare.
But it’s not just your credit that you need to be concerned about: Experts say around 500,000 children suffer from identity theft every year. Why? Their clean records are attractive to thieves looking to open new accounts without any issues, and the theft can go unnoticed for years as parents and guardians often don’t think about checking their children’s records.
But childhood identity theft can lead to a lifetime of fraud and ruined credit.
Out-of-date software allows hackers to plant viruses and malicious software on your devices. Hackers exploit security holes in unpatched software which allows them to install malware and viruses on your unprotected devices. This malware could record everything you do or kidnap your computer for ransom.
So, you want to be sure that all the software and programs on all your devices are up to date. That includes your operating system, your browsers, Microsoft Office, Adobe programs and more.
Ransomware attacks are normally spread through a method called “phishing.” Phishing messages are emails that impersonate a legitimate company or person and are designed to steal your personal information or install malware on your machine through a malicious link.
Billions of these messages are sent every day. While most get caught in your spam filter, some find their way to your inbox. Here’s a 10-second “EMAIL” cybersecurity rule below can help you fend off the phishers who manage to get through:
Examine Message. Start by examining the subject line of an email. Phishers try to get us to react quickly to an urgent situation. Often, they will make the subject line something frightening such as: Warning, Account Closed or Security Alert. Some are more subtle, but still require you to act. For example: Mail Delivery Failed: Return Message to Sender or Incoming Fax Received. Subject lines like this should alert us that this may be a phishing attack.
Next, you need to discover the true sender of the email. Phishers can spoof the from line to appear to be a legitimate business or organization. You can determine the true sender by hovering your mouse over the display name. A small box will appear with the true email address.
Other suspicious things to look for include greetings that refer to you as “customer” or “sir” or “madam” instead of your name, poor grammar or a vague signature line with false contact information.
You should also be suspicious of unsolicited emails with attachments. Never click to open an unsolicited attachment. What presents itself as a resume, receipt or payment could be a .exe file that plants a virus on your computer or seizes it for ransom.
Inspect Link. The second half of E.M.A.I.L. requires you to inspect links within the message. Like you did with the sender, hover your mouse over any link or hyperlinked text. Be sure that the link is truly directing you to the correct website. If it looks phishy, delete the email. You can always contact the organization directly to ask if they sent you the email.
This is an action that needs to become part of your daily cybersecurity practices. Make it a habit so you can thwart off phishers without thinking about it.
Source: “30 Minutes to Savvy Cybersecurity,” presented by Krystian Cieplucha, CFA, Financial Consultant
with award-winning saving rates and loans
Get even more personal finance info, tips and tricks delivered right to your inbox each month.
Thanks for subscribing to Alliant's Money Mentor newsletter! You will now receive personal finance tips in your email inbox each month.
You are leaving Alliant’s website to enter a website hosted by an organization separate from Alliant Credit Union. The products and services on this website are being offered through LPL Financial or its affiliates, which are separate entities from, and not affiliates of, Alliant Credit Union.The privacy and security policies of the site may differ from those of Alliant Credit Union.
You are leaving an Alliant Credit Union website and are about to enter a website operated by a third-party, independent from Alliant Credit Union. Alliant Credit Union does not manage the operation or content of the website you are about to enter. Alliant Credit Union is not responsible for the content and does not provide any products or services at this third-party website. The privacy and security policies of the site may differ from those of Alliant Credit Union.
