With October being National Cyber Security Awareness Month, I want to use this blog to answer some of the common cybersecurity questions as they relate to banking. I receive these kinds of questions from coworkers, friends and family – so chances are any questions you've wondered about will also be included. Take a look at these cybersecurity basics below, and let me know if you have any additional questions.
Q: What kind of scams should I be on the lookout for?
A: Unfortunately, cyber criminals try to steal your identity in a number of ways. Some of these include social engineering and phishing attacks, where you're sent an email that looks like it's coming from someone you know. The email usually asks for money via a wire transfer or includes a link, which contains malware that will spread on your computer if clicked. Others can be viruses or software that enter your computer through other links, clicks and other online activity.
Q: What are the types of ID theft?
A: ID theft can include unauthorized transactions on your existing accounts, a criminal taking over your existing account, or the creation of a new account using your name and information.
Q: What do ID thieves look for?
A: ID thieves look for the basic information about you, such as your name, address, date of birth, Social Security and drivers license numbers, your mother's maiden name, bank account numbers, and card expiration dates. Additionally, they'll try to obtain your internet passwords, personal identification numbers (PIN), user IDs for any online accounts you may have and the security code on the back of your debit/credit cards.
Q: What are the warning signs of fraud?
A: Unauthorized or unfamiliar charges on your credit card or account statement are the most common signs of fraud. Calls from collection agencies regarding unpaid bills, or even calls from your financial institution regarding transactions, should also be treated as suspicious. If you're annually checking your credit report (which I do recommend), seeing an account you did not open listed is another sign of identity theft.
Q: How can my identity be stolen?
A: Aside from the non-"cyber" ways of stealing an identify, through a lost or stolen wallet, mail theft, dumpster diving, scam telephone calls and even shoulder surfing, your identity can be stolen through online impersonation (via social engineering), phishing, spyware and more.
Q: Is online banking safe?
A: Yes, online banking through your financial institution's internet banking portal can be safe, if done securely. I'll offer three tips: 1. Make sure all your online banking activity is done on a private, secure Wi-Fi network, which likely includes your home internet. 2. Use unique login information (user ID and strong passwords) you do not use for any other accounts, and make sure this information is not written down or shared anywhere – not even in your home. 3. Install (and keep up-to-date) antivirus software on your computer and devices.
Q: Is using public Wi-Fi for banking safe?
A: No. Since anyone has access to public Wi-Fi, the chances of hacking – even without clicking on malicious links – are much higher. Avoid logging into your accounts until you're at home or using another secure network.
Q: What can I do to help avoid cyber fraud?
A: There are many ways you can help safeguard yourself against cyber fraud. Some of these include:
- Enable multi-factor authentication any time you log in to your account. Multi-factor authentication can include a text message with a PIN that's entered during the login process, or using your thumbprint to log in on a mobile device.
- Avoid using public computers or public Wi-Fi for your internet or mobile banking.
- Download antivirus software and any additional security software your financial institution offers. For example, Bankers Trust offers security software called Trusteer Rapport at no cost to its customers.
- Delete emails from unknown senders. If you receive emails that look suspicious, do not open them, click links or open attachments.
- Monitor your account statements regularly and look for suspicious activity.
- Remove unnecessary information (Social Security cards, etc.) from your purse or wallet.
- Do not write down PINs, online banking user IDs or passwords.
- Do not give out personal identification information over the phone or internet if you did not initiate the call.
Q: What do I do if I become a victim of ID theft?
A: Contact your financial institution as soon as possible, contact local law enforcement, and file a complaint with the Federal Trade Commission. Additionally, you may want to contact the three main credit reporting agencies, Equifax, Experian and Transunion, to make sure there's no fraudulent activity reflected on your credit report/credit score.
These are just the most common questions I receive on cybersecurity. Taking a few additional steps to ensure your identity and finances remain safe can, and will, be worthwhile. Learn more about National Cyber Security Awareness Month at StaySafeOnline.org.