A Guide to Keeping Your Data Safe: Top 11 Cyber Security Tips
Got cyber security? Last year, Equifax, one of the big three credit reporting bureaus, disclosed that a data breach it discovered on July 29, 2017, may have exposed as many as 143 million U.S. consumers to the risk of identity theft. In March 2018, Equifax announced that another 2.4 million people had their data stolen in the same breach. Almost half the U.S. population has been affected. It’s considered one of the worst data breaches in U.S. history.
Cyber criminals entered the credit bureau’s system though a web-application vulnerability. One of the most frustrating aspects of this breach is that there was a patch available to solve the vulnerable aspect of the website. If Equifax had taken the necessary precautions before the breach, it could have been avoided.
According to the company, the security breach lasted about two months, but in that time the hackers were able to access millions of people’s names, Social Security numbers, birth dates, addresses and, for some, driver’s license and credit card numbers. And while most of us know basic internet security tips or cyber security tips, there’s a whole different host of issues when it comes to a data breach.
If you are worried you’ve been affected by the Equifax security breach, you can check their database to see if your information was affected. As we move forward in a world where more and more information lives online, it is increasingly important to protect your identity online. Here are 11 ways you can improve your cyber security and protect yourself from future data breaches.
1. Use the Federal Trade Commission’s Online Tools to Ascertain the Damage
As data security becomes more and more important, the government is getting involved. If you think, or know, that your identity has been stolen, check out the FTC’s website dedicated to cyber security protection, Identity Theft . They will help you troubleshoot ongoing issues, come up with a plan to protect your identity, and can help counsel you though this time.
The website offers advice for a range of situations, from those who were affected by the Equifax breach to people who just might suspect that someone has stolen their identity. They even offer options for reporting identity theft
2. Check Your Credit Report
Checking your credit report regularly is one of the simplest things you can do to protect your identity and financial security. Your credit report details all the information about your financial history, including credit card debt, student loans, missed payments and more.
Your credit report informs your credit score, so if there is a negative entry on your credit report, it could negatively impact your credit score. Your credit report and score can affect your ability to take out a new loan, rent a new apartment, lease a car, or even apply for some jobs.
You can request a free credit report from each of the three major credit reporting agencies, Equifax, Experian, and Transunion, by visiting AnnualCreditReport.com . While other sites make it possible to view your credit report for free online, AnnualCreditReport.com is the only website that can provide all three credit reports at no cost. Each report is available to you once a year at no cost.
When you receive your credit report, make sure all of the information is accurate. If you notice anything that is incorrect, make sure you report it to the credit bureaus and dispute any inaccurate information.
3. Don’t Access Important Financial Information Using an Unsecure Connection
Whether you’re traveling or just out of data, it can be tempting to log onto your Facebook or Gmail using public WiFi. But be careful—savvy hackers can set up honeypot WiFi networks that offer an adequate connection but will skim any data you send over the network.
Oftentimes, they won’t look any different than other public WiFi portals and will feature typical names like CompanyPlace or AirportXXX. They typically offer an average speed connection and as you log onto your personal accounts, whether to pay your credit card bill or check Instagram, the fake WiFi network will collect all the information you’re sending on their network. Only send personal information, including logins and passwords, over a secure WiFi connection.
4. Use Two-Factor Authentication
Take advantage of two-factor authentication or 2FA when possible. If a service offers two-factor authentication it means that it uses a two-step login process—by sending you a numerical code to your phone or email, using fingerprint ID, or identifying you via facial recognition.
Now 2FA is becoming so popular that some are taking it a step further than SMS texts with new authenticator apps like Google Authenticator, Authy, or Microsoft Authenticator. These apps offer an added level of protection in case someone hacks your smartphone’s SIM card, a growing problem when it comes to cyber security.
5. In Confirmed Identity Theft Cases, Place a Credit Freeze on Your Files
By placing a credit freeze or security freeze on your files, you can prevent a potential hacker from opening a new account in your name. The freeze restricts access to your credit report, which makes it difficult for a cyber criminal to open up any accounts. Freezing your credit does not affect your score.
However, it also means that you can’t open up any new accounts in your name as long as the freeze is in place. It also can complicate things like renting an apartment, applying for a job, or buying insurance. You can still technically do those things, but you’ll need to temporarily lift the freeze for a specific time or a specific party. Check with the credit reporting company in advance regarding cost and specific lead times.
It is a fairly involved process, as you’ll have to request a credit freeze with all three agencies, and it costs $5 to $10 . Also, it’s worth mentioning that a credit freeze doesn’t prevent a hacker from adding charges to your existing accounts.
6. If You’re Suspicious but Lack Proof, Consider Placing a Fraud Alert on Your File
This is a much easier option than placing a full credit freeze, as it only requires creditors to confirm your identity, rather than freezing all your credit in the future. It is a good step to take if you are concerned that someone might have been able to access your personal data.
7. Protect Your Passwords
The most basic step to protecting your online identity is setting unique passwords for all of your accounts. From Facebook to financial accounts, every single password should be different. Not only is it necessary to have a variety of different passwords, it’s also important to set passwords that are difficult to guess.
Avoid using common passwords like your pet’s name or an easy combination of numbers. If possible, try to avoid a password that can be linked to something from your own background. If your passwords are too similar to each other or rely heavily on personal information, a hacker who bought your information online might be able to easily deduce more of your passwords.
Password 101 includes using upper and lower-case letters, symbols, and numbers. Some hackers use what is called a “brute force attack,” where a computer program runs every possible combination of numbers and letters. The longer the password, the more difficult it is to crack. If you’re looking for a good way to diversify your passwords, one trick is to use significant historical dates. And even though you have quite a few passwords to check, it’s best practice to avoid saving all of your passwords in one place.
8. Monitor Your Existing Credit Card and Bank Accounts Closely for Unknown Charges
While it’s good practice to monitor your credit card and bank accounts to keep an eye on your spending, it is even more important if you are worried about a data security breach. Sometimes a scammer will start with a small, unassuming charge and then quickly escalate their spending when they feel that a person isn’t paying attention. Look for strange names and keep tabs on every single purchase, no matter how small.
9. Avoid Clicking on Sketchy Links
Phishing is the oldest trick in the book. It’s when an attacker pretends to be a reputable company or person to obtain sensitive information. This digital con usually promises things like a free cruise or money and can look authentic. Sometimes the message will even come from known contacts, friends, or companies you’re familiar with.
The best way to protect yourself against phishing attacks is to be skeptical of any unexpected messages. If it comes from a friend but it’s a different email address than normal or their tone is different somehow, take note. Then check with the apparent sender on a different platform to make sure they messaged you. If it’s a company, you obviously can’t check with a sender, but let’s be honest… why would someone send you free cruise tickets? Or offer you a free flight? If it sounds too good to be true, it probably is.
10. Lock Down Social Media Accounts
This might seem like a superfluous measure—if someone has your social security and your address, what more do they need? But heightening your privacy settings on your social media accounts can go a long way to protecting your data in the future. Hackers can use photos, comments, and more to learn about you, which could make it easier for them to hack your accounts.
Sometimes banks will you use random information about you (where your branch is located or when you first opened up an account) to ascertain that you are the right person. If someone has access to your social media profile, they could easily find that information. That’s why taking advantage of privacy settings is crucial.
11. Put a Password on Your Phone
This might sound basic, but having a password on your smartphone is one of the best ways to ensure your iPhone security. Nearly one in 10 iPhone users don’t put passcodes on their phones, while one in three Android users don’t use pins.
Your life is (likely) all on your phone. By failing to protect your smartphone, anyone with access to your phone, even for a short amount of time, can see your photos, videos, emails, and messages as well as compromising information like location data and financial info. When setting up an iPhone password, make sure it’s not something simple like 1234 or 1111. Just like a password for your other online accounts, your pin for your phone should be difficult to guess and not closely related to personal information.
About SoFi Money
SoFi Money® takes security seriously and has put stringent industry-standard safeguards in place to protect customer’s data. Additionally, SoFi Money offers SSL encryption, fraud protection, and once your money arrives at our partner banks, it is FDIC insurance up to $1.5 million.
Consider opening a SoFi Money cash management account which offers you the flexibility you need to pay your bills.
External Websites: The information and analysis provided through hyperlinks to third party websites, while believed to be accurate, cannot be guaranteed by SoFi. Links are provided for informational purposes and should not be viewed as an endorsement.
SoFi Money is a cash management account, which is a brokerage product, offered by SoFi Securities LLC, member FINRA / SIPC .
Neither SoFi nor its affiliates are a bank.
SoFi has partnered with Allpoint to provide consumers with ATM access at any of the 55,000+ ATMs within the Allpoint network. Consumers will not be charged a fee when using an in-network ATM, however, third party fees incurred when using out-of-network ATMs are not subject to reimbursement. SoFi’s ATM policies are subject to change at our discretion at any time.