Archive

ShareThis Page
5 steps to keep your accounts safe from hackers and scammers | TribLIVE.com
News

5 steps to keep your accounts safe from hackers and scammers

Tribune-Review
| Friday, November 7, 2014 12:01 a.m.

Despite the flood of hacks and data breaches at retailers, restaurants, health-care providers and online companies this year — Home Depot, Target, Subway, Adobe and eBay are just a handful — the one safe haven was the banks. Unlike other companies, banks have had a long history of keeping bad guys away from our money and personal data.

Unfortunately, that’s no longer something we can take for granted. JPMorgan Chase customers recently discovered this when the financial giant admitted that hackers stole information on 80 million customers, including checking and savings account details. Even worse, the hack was going on for two months before JPMorgan even noticed anything was amiss. That’s not very comforting.

There’s no way for you to prevent a data breach from occurring at a company that has your business. You can, however, make sure your accounts are secure from other forms of attack.

Here are my top methods to maintain safe and secure online accounts.

1. Lock down your password

Good password security is one of the easiest methods to protect your account from hackers.

A strong password – 8 or more characters with upper-case characters, lower-case characters, numbers and symbols in a random order – is very hard for hackers to break.

Of course, you need to create a unique password for every account. That way, if a hacker gets one of your passwords in a data breach, they can’t immediately get into your other accounts.

While you’re making your passwords strong, don’t forget to beef up your security questions, too. A strong password is worthless if a hacker can answer your security question after a quick trip to Facebook.

2. Secure your connection

When logging into a sensitive account, the best place to do it is at home. I’m assuming here that you’ve followed my other security tips about securing your network and making sure your computer doesn’t have a data-stealing virus.

Of course, in an emergency you might need to connect to a sensitive account on the go. For banking, best to use your bank’s app and a cellular connection.

If you have to use Wi-Fi, add extra security with a Virtual Private Network. This creates a secure, encrypted link with a third-party server and you access your sites through that link.

It’s an extra level of protection that hackers shouldn’t be able to crack. On a laptop, CyberGhost is a good option. For a tablet or smartphone, check out Hotspot Shield VPN or avast! SecureLine VPN.

Know that VPNs do slow down your Internet speed. Turn them off for streaming videos or general browsing.

3. Set up account alerts

Many banks will automatically send you text alerts when purchases or withdrawals on your card exceed an amount that you specify. Check your credit cards and other accounts for similar options.

There’s also something called two-step verification, or two-factor authentication, offered by many online accounts. This is great. In order to log in from an unfamiliar device or location, you need a password and a code from a separate email account or smartphone text.

It takes just a few minutes and can save you a bunch of time and hassles.

While on the subject of two-factor authentication, some banks now feature an embedded chip that generates a new pass code for every use. Ask your financial institution if it offers cards with Chip Authentication Program (CAP) or Dynamic Passcode Authentication (DPA) technology. They don’t advertise this. You have to know to ask.

4. Avoid phishing scams

Even if a hacker doesn’t get your credit card information or account number, they usually get the next best thing: Your name and email address.

That’s exactly what they need to launch a phishing attack. A popular type of phishing attack is a fake email claiming to be from a real company that asks you to click on a link or download an attachment.

Thanks to data breaches, hackers know exactly what companies you use. You might get an email claiming to be from JPMorgan Chase telling you that your account has a problem and you need to click a link or download a file for more details.

Of course, the link will take you to a malicious site disguised as a Chase page, or the email attachment will contain a data-stealing virus. Either way, hackers can get your username and password, or other sensitive information.

Remember, no legitimate company will ask you to click a link or download an email attachment to update your account details.

5. Be vigilant

The best way to make sure your online banking account, or any other account, stays safe is to pay attention. Catching small problems early can prevent hackers from making bigger ones later. Here’s why.

In the cybercriminal world there’s a term, “fullz.” A fullz is all the information a thief needs to assume the identity of someone else and apply for credit under their name.

When hackers get your fullz, they often group it with fullz from other people and sell the whole package online.

After buying a fullz, a criminal will test the waters. They place a few small-scale purchases using your account details. If you don’t take any action, they continue making small purchases until they’ve earned the amount they paid for your “fullz” and then some.

Finally, the criminal will max out your card or drain your account without a second thought. How do you stop this? Watch your accounts. If you notice a strange transaction, immediately call your bank or credit card company. Better to err on the side of caution.

E-mail Kim Komando at techcomments@usatoday.com.

TribLIVE commenting policy

You are solely responsible for your comments and by using TribLive.com you agree to our Terms of Service.

We moderate comments. Our goal is to provide substantive commentary for a general readership. By screening submissions, we provide a space where readers can share intelligent and informed commentary that enhances the quality of our news and information.

While most comments will be posted if they are on-topic and not abusive, moderating decisions are subjective. We will make them as carefully and consistently as we can. Because of the volume of reader comments, we cannot review individual moderation decisions with readers.

We value thoughtful comments representing a range of views that make their point quickly and politely. We make an effort to protect discussions from repeated comments either by the same reader or different readers

We follow the same standards for taste as the daily newspaper. A few things we won't tolerate: personal attacks, obscenity, vulgarity, profanity (including expletives and letters followed by dashes), commercial promotion, impersonations, incoherence, proselytizing and SHOUTING. Don't include URLs to Web sites.

We do not edit comments. They are either approved or deleted. We reserve the right to edit a comment that is quoted or excerpted in an article. In this case, we may fix spelling and punctuation.

We welcome strong opinions and criticism of our work, but we don't want comments to become bogged down with discussions of our policies and we will moderate accordingly.

We appreciate it when readers and people quoted in articles or blog posts point out errors of fact or emphasis and will investigate all assertions. But these suggestions should be sent via e-mail. To avoid distracting other readers, we won't publish comments that suggest a correction. Instead, corrections will be made in a blog post or in an article.