Five ways to protect your financial information from hackers
What actions can you take to protect yourself in what feels like an endless battle to keep your data secure? Here are five steps to consider.
What actions can you take to protect yourself in what feels like an endless battle to keep your data secure? Here are five steps to consider.
JPMorgan Chase, Domino鈥檚,聽Home Depot, P.F. Chang鈥檚, eBay 鈥 the list of targets continues to grow.
Information breaches that would have been difficult to fathom years ago are now common. And people are rightfully worried. After all, if the federal government can get hacked and its employees鈥 data stolen, how vulnerable is a personal account held at a bank or brokerage?
My friend Jack Vonder Heide, president of Technology Briefing Centers and one of America鈥檚 leading authorities on technology-related risks, says the image of cyberattackers as hipster kids in a basement hacking into websites for fun is a dangerous misconception. Cybercriminals, he says, are highly educated operatives of well-funded overseas groups, mostly based in China and Russia.
So what actions can you take to protect yourself in what feels like an endless battle to keep your data secure? Here are five steps to consider:
1. Diversify your passwords 鈥 and change them聽
For convenience鈥檚 sake, people often use the same password across multiple websites. Big mistake. It鈥檚 like giving an intruder a key that opens every lock. You want to make it extremely tough for a hacker to access your sensitive information. So create a different password for every financial website 鈥 brokerage, bank, credit card, mortgage account and so on. Create unique password combinations that include letters, numbers and, if possible, symbols. Establish a biannual schedule to change them. Security must be an ongoing endeavor.
2. Use an online password manager
All those hard-to-crack passwords can be a nightmare to try to store, recall and keep secure, so use a reputable password manager. The best managers include password generators that create strong, unique choices. Most password managers allow you to sync your passwords across all electronic devices, making it easy to maintain multiple passwords. Select one that includes two-layer authentication for additional protection. Check out聽PC Mag鈥檚 best password manager selections for 2015. Many come with an annual fee 鈥 but they鈥檙e affordable and worthy protection against hackers.
3. Make life hard for crooks
Cross-shredding confidential documents, avoiding simplistic passwords and keeping sensitive information off of unsecured channels like email are modest but effective actions. Thoroughly checking credit statements for suspicious activity and being aware of your surroundings when using ATMs are basic security measures that remain effective.Don鈥檛 let your guard down.
4. Check your credit reports at least annually
Periodically checking your聽credit report聽is a smart way to stay ahead of the bad guys 鈥 but many people don鈥檛 because of common misconceptions, such as the belief that you have to pay a fee to see your report, or you must subscribe to a service.
The fact is, federal law entitles you to a free copy of your credit report once a year from each of the three consumer credit reporting bureaus 鈥 TransUnion, Equifax and Experian. You can get these reports at聽AnnualCreditReport.com. If you want to be especially vigilant, spread out your requests, so that you are looking at a different report every four months instead of all three at once every year. Increasing the frequency will help you catch suspicious inquiries earlier since credit activity customarily gets reported to all three bureaus.
The goal is to check for discrepancies, inconsistencies and inaccuracies that might suggest identity theft. It鈥檚 not difficult to correct errors. The credit bureaus have improved their service and request response times. The Federal Trade Commission provides easy-to-follow instructions to聽dispute errors.
5. Keep your guard up when it comes to e-mails
Be wary of any email that requires you to click on a hyperlink to update a password or confirm confidential material. Such e-mails are often 鈥減hishing鈥 expeditions seeking to scam you. They appear to come from your bank or brokerage firm, an online retailer 鈥 even the IRS.
The best rule to follow is that regardless of how real an e-mail looks,聽苍别惫别谤听click on such links. Contact the alleged sender鈥檚 customer service or fraud department directly to check the legitimacy of the email. Don鈥檛 use the phone numbers provided in the suspect email. Always use the contact information provided on your monthly statement or listed on the company鈥檚 website. It鈥檚 also advisable to forward the email to an organization鈥檚 fraud department.
What about inquiries from the IRS? That鈥檚 easy. The IRS does not initiate taxpayer communication through email or other electronic channels, period.
It鈥檚 understandable to feel helpless in an age of smart criminals who conduct endless assaults on privacy. But simply putting the threat out of mind is no solution. Nor is deciding that it can鈥檛 happen to you.
Learn more about Richard on NerdWallet鈥檚聽Ask an Advisor.