In a previous post, we discussed the importance of evaluating a fintech app’s security measures in order to protect your digital assets from hackers and unauthorized access. In this article, we’ll delve into actionable steps you can take to further enhance your security and protect your personal information. Many of these steps you may have heard of before or are already using, but repetition is the mother of learning. We are all susceptible to getting comfortable in our day-to-day lives, so mentioning these security measures again can serve as a reminder that security practices are an on-going and always changing discipline. That said, it may be prudent and worthwhile to regularly audit your own security protocols to ensure your personal information and digital assets are protected.
1 Create Robust Passwords
Ensure your account password is secure by creating a strong, unique password for your account by combining letters, numbers, and symbols. Regularly update your passwords and avoid using the same one for multiple applications. This simple action can go a long way in protecting your digital assets.
2 Enable Two-Factor Authentication
Two-factor authentication provides an extra layer of protection against unauthorized access by requiring users to provide two pieces of information during login, such as a password and a secondary authentication factor (e.g., a PIN, biometric data such as a fingerprint and/or Face ID, or a code delivered via email, text message, or authentication app such as Google Authenticator). Activating this feature is a crucial step towards securing your personal information and digital assets.
3 Steer Clear of Public Wi-Fi Networks
Using public Wi-Fi networks to access your financial assets is a risky move, as these networks are often unsecure and easily susceptible to hacking. Refrain from accessing your financial assets through public Wi-Fi! Instead, opt for your mobile data plan when you’re on-the-go to help secure your digital assets.
4 Exercise Caution with Links
Be mindful when clicking on links in emails, text messages, or on suspicious websites – even if you’re using a VPN. Virtual Private Networks (VPNs) may not provide the level of security many users believe they do, especially when it comes to protecting against malicious links. VPNs do not scan links for malicious code, leaving you vulnerable if you’re not cautious. A lot of people think they can do whatever they want because they have a VPN on and active, but the VPN only prevents sniffing of traffic. Sniffing of internet traffic is the act of intercepting and monitoring internet traffic on a network. VPN’s do not protect you at the endpoint, which would be the link you click. Cybercriminals often use fake links to steal personal information, so only click on links from trusted sources. An example of a common scam can be viewed below. Notice how the URL is not that of an official branded entity.
5 Watch Out For and Protect Against Impostor Scams
Impostor scams are becoming increasingly common, with fraudsters and bad actors posing as reputable companies to trick users into sharing personal information including passwords, account numbers, and banking details. To protect yourself, be vigilant when checking email addresses and website URLs, and avoid providing sensitive information over the phone unless you’re certain you’re speaking with a legitimate organization. Remember, most financial institutions will rarely if ever ask for your password or account number via email. Oftentimes, cybercriminals create emails or websites that appear to be reputable and legitimate companies, but in actuality are fake. You may be prompted to provide account information, like your email, password, or account number. But these fake emails and websites may simply steal your information.
So what can help protect you from Impostor scams?
Here’s a quick checklist:
- Is the email domain from the domain they identify as? For example, a legitimate organization or business will only contact you from official branded domains such as …@legitimatecorp.com. Always check the domain of the sender’s email address.
- Before logging onto a site, double-check the specific domain to see what appears in the address bar.
- Use the customer service numbers or email addresses listed in official invoices, account statements, or legitimate websites to confirm if the legitimate business entity is trying to reach you.
- Avoid providing sensitive information over the phone unless you’re absolutely positive you’re talking to a legitimate organization. It is always better to err on the side of caution rather than assume.
- Do NOT make payments or send money to someone whose identity you’re not able to verify.
6 Keep Your Software Up-to-Date
Regularly install the latest updates for your device’s software to protect against malware and other online threats. Some updates are specifically designed to enhance user security, making it crucial to keep your devices updated.
7 Monitor Your Online Accounts
Regularly review your account activity and set up alerts for any unusual transactions or changes. This proactive approach can help you identify potential security issues early on and take necessary action.
Securing your digital assets and personal information while using fintech apps is essential to protect yourself from hackers and unauthorized personnel. By following these steps, such as creating strong, unique passwords, enabling two-factor authentication, and avoiding public Wi-Fi networks, you may significantly reduce the risk of falling victim to cybercriminals. Always exercise caution when clicking on links and be vigilant when identifying potential impostor scams. Finally, keep your device software up-to-date and monitor your online accounts to ensure your digital assets remain protected and secure. Our next installment in this Security series will be covering how to navigate the decentralized web, more commonly referred to as “Web3” and what steps you need to take to ensure your digital assets and personal information are protected and secure in a more technical environment.