It's becoming almost a monthly event: there was a security breach last week, allowing hackers to access people's personal information. I mentioned a few months ago about how the Playstation Network was hacked (and subsequently shut down), certainly a dark day for most online gamers.
Now, though, it's a major bank, specifically Citibank, that has been hacked. To add insult to injury, the method used by the hackers sounds like something I could do, and since I am barely tech savvy enough to keep this blog up and running, that's something. By opening their own accounts, signing in, and replacing their account numbers with the account numbers of other bank customers in the web address line, the hackers were able to acquire personal information from a number of Citibank customers. It is almost scary how easy it sounds to do that.
Now, with such high profile break-ins in the news, you might be a little worried about your online security. Unfortunately, much of the ability to protect your secure information is out of your hands; you can do everything right, but if your bank (or credit card company, or any number of places where you have some personal finance information stored) ends up being hacked or otherwise has its security compromised, your personal information could still fall into the wrong hands.
Still, that's no reason to make it easier for hackers to get to your personal data. While there are some things that are outside of your control (how your bank formats their account web addresses and the ability to leap from one to the other, for example), but there's still plenty you can do to help keep your financial information to yourself. For example, you can:
1. Be Careful When Contacted By Email: In our increasingly wired society, there is a good chance that you receive some (or even all) of your correspondence with your bank(s) via email. Unfortunately, the same advantages of email for your bank (cheap, quick, easy to automate) also make it advantageous for those who want to gain access to your account illicitly. The best thing to do: treat every email like it may be fraudulent, and use the appropriate caution. If you are contacted by one of your banks and told that you need to log in to deal with some issue online, got to the bank's website directly, sign in to your account, and deal with the issue (if there is an issue) that way. That way, you won't accidentally give your personal information to inappropriate sources. On that note:
2. Don't Give Out Financial Information UNLESS You Initiate Contact: If you want to engage in all the advantages of online commerce, you're going to have to provide your financial information to someone. But only do so when you started the transaction. If you receive an email or other contact that wants your personal information, just say no. Instead, as above, make sure that you, personally, enter in the appropriate website and ONLY provide your information when you are sure about the company you are dealing with.
3. Be Careful About Social Networks: It's very tempting to drop your guard when you are on Facebook, Twitter, Linkedin, and the numerous other social networking sites out there. After all, you are surrounded by ‘friends' and ‘followers'; why would they want to hurt you? Unfortunately, social networks are an attractive target for hackers; from sending out emails posing as the social network operators to creating fake profiles to worm their way into your list of friends, those who mean you harm have lots of ways to take advantage of social networks. A good guideline to follow: don't share any information on social networking sites (whether on a public ‘wall' or in a private message) that you would not want to be shouted out loud on a crowded street corner. (On a similar note: Be cautious about what you share on social networking sites, period; sure, now you have no problem with pictures of you chugging beer and flashing the camera, but ten, twenty, thirty years from now, do you really want your children, friends, or coworkers to have pictorial proof of your wild-child days?)
4. Keep An Eye On Your Accounts: Just in case you are getting the feeling that computers cause nothing but trouble, let me put your mind at ease: computers can be a great asset in preventing illicit activity. If you make sure to monitor your accounts on a regular basis, you can be sure to catch any fraud before it gets too far, allowing you to prevent the worst of the damage. If you do notice anything is wrong, be sure to contact your bank or other financial institution so they can work with you to prevent further theft (and hopefully reverse the theft that has already happened).
5. Make Your Passwords Hard to Guess, and Change Them Regularly: I've discussed the importance of changing your passwords at least twice a year before, but it bears repeating. (Of course, you can (and if you fear you've been hacked, should) consider changing them more often, but I understand that it's hard enough to keep track of all the passwords you need nowadays without changing them every two weeks.) You'll be less likely to have your accounts hacked if your passwords are complex (with letters (both capitalized and lower case), numbers, and symbols, if possible) and difficult for someone else to guess. A password like ‘Abc123' is just begging to be guessed, while something like ‘Meh27nE19%' is unlikely to guessed by random chance. Make sure you write down your passwords somewhere safe (encode them if you want an added layer of security), don't share with anyone, and change them regularly (and not just by shifting one letter at the end), and your accounts will be much more secure.
There you have it, several ways to make sure that your banking is as safe and secure as possible. Here's hoping that when the next story about financial data being stolen breaks (as seems to be nearly inevitable), your data won't be among the data that is lost.