Pop quiz: What do JP Morgan, eBay, Ashley Madison and Target all have in common?
That’s right! They’ve all had security breaches in the past few years. Many of us devour news of these major, headline-making horrors that result in the misappropriation of email addresses, passwords, bank account numbers and other personal and financial information. What we don’t realize, though, is that as individuals we often sabotage the safety of our own banking accounts.
Yes, there are a lot of institutional safeguards in place, but you hold some of the keys to protecting your banking accounts when you’re online. Consider these 10 no-nos that you may be committing that put your accounts at risk – and our tips for correcting them:
1. You multitask while working online
Working online is so commonplace that it’s easy to not fully engage when responding to online requests. Crooks who go “phishing” count on you multitasking while responding to the “urgent” emails they send in the guise of your bank, credit union and trusted retailers. Protect yourself: Type the email address you are asked to visit into your browser — don’t click the link! — or hover your cursor over the link to uncover the full address, recommends Fidelity Investments. If it’s not familiar, don’t click it.
2. You don’t sign off
So many of us spend hours each day online and think nothing of leaving accounts open until we shut down the computer. Every time you finish making an online banking transaction, sign out of your account, recommends Key Bank. Also, consider erasing the browser history.
3. You stay with cliché security questions
Banks don’t routinely ask you to use your mother’s maiden name as a security word because con artists are wise to that request. Anyone that has your Social Security number, bank account number can easily find your mother’s maiden name, so if that’s your security question you risk getting cleaned out, notes Daily Finance.com. Protect yourself by choosing a more challenging question — the name of your first pet, Little League team, vacation spot, favorite high school teacher — at least something that is not easily learned through a Web search.
4. You trust without verifying
If you don’t know the person or company that requests your account information, think twice before you share it. Yes, some legitimate businesses do routinely ask, but so do some criminals. Once they have it, they withdraw money from your account by creating a demand draft (called a “remotely created check”) or creating an electronic transfer, according to the Board of Governors of the Federal Reserve System. Verify the identity and reputation of the person and/or company before you give your information.
5. You take the easy way out with passwords
You know your Social Security number, credit card number and other routinely requested numbers — so protect them. Do not use those numbers or any part of them as passwords. If your Social Security number or account number is stolen, those will be among the first numbers tried to access other accounts, according to Bank of America.
6. You forget your cellphone is a computer
Downloaded apps can contain malicious codes that can snap up personal information and remember keystrokes. “You have no idea who created that app, and very little code-checking goes on,” Julie Conroy McNelley, senior fraud and risk analyst at research firm Aite Group told U.S. News & World Report. The lesson: Either invest in anti-virus software for your telephone or avoid using it for online banking.
7. You don’t let your cellphone work for you
If you do opt for online banking via a cellphone, use the device’s keypad lock function when you’re not using it and engage the screen lock device when it’s not in use, recommends Fidelity. And if you lose your cellphone, don’t wait before using “Find My iPhone” or Google’s “Device Manager” to locate and wipe the phone of data.
8. You don’t demand extra protection
Some banks offers two-factor authentication, such as a key code or unique image in addition to a password, to enhance security around accounts. The Better Business Bureau recommends that you make this one of the criteria for choosing where to put your money.
9. You assume a site is safe
You can be doubly certain that your information is safe by looking for a lock icon on the browser and verifying that the URL begins with “https.” That indicates you are looking at your account over an encrypted connection, notes US News & World Report.
10. You keep the same passwords
Yes, it’s sometimes time-consuming, but what is your financial safety worth? Create passwords with eight or more characters that include letters, numerals and symbols, recommends Bank of America. And, of course, use a unique password on your financial site. If you have trouble remembering your passwords, consider using a password manager.
Do you have ways of keeping your information secure or experience losing control of it? Share with us in comments below or on our Facebook page.