Small businesses are becoming increasingly dependent on devices, services and applications that connect to the Internet such as smartphones, email, social media, and cloud computing services to increase efficiency and revenues. Through this dependency, firms become larger targets for cybercriminals looking to exploit technological vulnerabilities. As a result, it is important for small financial services firms to take proper cybersecurity measures to protect all computing devices, networks, and information to ensure their business data remains secure. At EsqWealth, we have in place an Information Technology Cybersecurity Policy as a formal set of rules by which people who are given access to the firm’s technology and information assets must abide.
You can take steps too to minimize the risk of being a victim of cybercrime. Global losses due to cybercrime climbed from $600 billion in 2018 to $1 trillion in 2020. That’s enough to make anyone concerned about the security of their financial accounts. But you don’t have to feel helpless against the threat of hackers. Below are some steps that should help limit your risk and keep your financial accounts safe.
Practice Good Password Hygiene
The right password is your first line of defense against hackers. Here’s how to choose one and remember it:
Use strong passwords. Hacking software often uses trial-and-error to crack a password, guessing combinations until it gets through to your account. Short passwords made up of common words and basic characters are the most vulnerable to this type of attack. So, be sure to create long passwords that are difficult to guess and include lowercase letters, uppercase letters, numbers, and special characters.
Don’t reuse passwords. Using the same password for multiple online accounts makes all your accounts less secure. If one of your accounts is breached, hackers can use a method called credential stuffing to break into other accounts that use the same log-in information. So, stick to a different password for each account, and change them every few months.
Manage passwords securely. When you commit to using a separate, strong password for each account, keeping track of your passwords can become a chore. And writing them down in a notebook isn’t secure enough. A dedicated software password manager can generate strong passwords for you and store them in secure, encrypted form.
Enable Two-Factor Authentication for Financial Accounts
A strong password is an important part of cyber safety. Still, it can become irrelevant if you unwittingly hand over your login information in a phishing attack or a hacker steals reams of account information in a major hack.
Two-factor authentication provides a second line of defense against hacks by requiring a password and additional information, such as the answer to a security question, a code sent via text message or authentication app on your phone, or biometric data, such as a fingerprint.
Find out whether your financial institution offers a two-factor authentication option and enable it if they do.
Record Fictitious Answers to Security Questions
Hackers may be able to find out more about you than you think—from the first street you lived on to your mother’s maiden name — especially if you have a social media presence. For that reason, it can be a good idea to log incorrect but memorable answers when you set up your security questions.
Be Skeptical of Unexpected Messages
Hackers will send various phishing emails that could purport to offer you a refund, invite you to try a new service, or even warn you that your account has been compromised. A link may then take you to an official-looking website where you are asked to “log into your account,” at which point fraudsters can steal your log-in info.
If you get an email or text message you didn’t expect that says it’s from your financial institution, be skeptical — especially if it directs you to click on a link. Always be sure you’re on your financial institution’s real website before entering your information. Check the website address against the one listed on your account statement. Even better, bookmark it and only visit the site through your bookmark.
Watch Out for Public Networks
Public networks — like the one at your local coffee shop — are less secure than your private network at home or work. Public networks are connected to devices you can’t trust and leave you more vulnerable to hackers. Go into the settings on your computer to disable “sharing and discovery” over public networks. Check the settings on your mobile devices to make sure that they aren’t automatically logging into public Wi-Fi networks.
While you can’t make your financial accounts 100% hacker-proof, these steps can help you drastically reduce the likelihood of a hack and limit the potential damage if your account is breached.
Sources:
https://www.nytimes.com/2022/03/05/your-money/cybersecurity-tips.html
https://www.wired.com/story/best-password-managers/
https://www.mcafee.com/enterprise/en-us/assets/reports/rp-hidden-costs-of-cybercrime.pdf