We’re all aware of the horror stories – data being held hostage by ransomware, workstations and laptops locked up and stolen user IDs and passwords, along with actual funds stolen from bank accounts and credit cards. The media is full of data breach and identity theft headlines. This leads us to the obvious question – how to best protect oneself?
Before we get started, let’s make sure we’re talking about the right problem. A majority of what is now called identity theft used to be known as garden variety credit card fraud or bank fraud. With the almost universal use of credit cards, debit cards, and electronic funds transfers (EFT, also known as ACH), if you are active in the world (not even necessarily online), your information is already out there. Just the act of writing someone a check puts your bank, bank account number, and routing number into many people’s hands – and if your name and address are printed on the check, then potential scammers have all the information they need to possibly access your bank account.
This knowledge can help us set out a few good practices to help prevent becoming a victim of cyber scammers. First, develop and practice the habit of paying attention to your financial information. This means reviewing your bank accounts, credit card accounts, credit score, mortgage accounts, brokerage accounts, and vendor accounts (telephone, gas, electric, etc.) on a regular basis. This means at least monthly for most accounts, perhaps more frequently for bank and brokerage accounts. A regular review will give you a sense of what should be happening in each account and make you aware of any unusual activity right away. Then make sure you take action immediately on anything out of the ordinary that shows up.
Second – Your experiences when dealing with issues when they occur will undoubtedly lead straight to our second point – choose your vendors and institutions wisely. Doing business with entities that have more to lose from a data breach than you do can provide a significant backdrop to your good cyber health practices. Most major banks and credit card providers make it easy to initiate a claim for fraudulent activity through their web site. If you encounter difficulties resolving an issue, it may be time to look for another institution.
Third – practice good internet hygiene. This means never clicking on a popup, never clicking a link in an email from someone you don’t know – even if it looks like it came from your bank or credit card company, and verify, verify, verify. If you do click on a link, check the address in your browser’s address bar. Banks, credit card companies, and reputable vendors, typically use an address that begins with ‘https:’ instead of ‘http:’. Note the added ‘s’. If the address isn’t familiar and/or does not begin with ‘https:’, leave that page and close your browser immediately.
Finally, at least for this post, be cognizant of where you connect to WiFi. We’ve written extensively elsewhere about setting up your home and/or office with appropriate firewalls and installing antivirus protection on your laptops and workstations. The attraction of sitting in a coffee shop and connecting to your bank can be pretty enticing, but be careful. Public WiFi, without the added security of a good VPN, can be a bit too public and will most likely be operating without any firewalls or other protection. So our recommendation would be to save interactions requiring the exchange of personal information for locations where you are more assured of appropriate safeguards.
One last word – most viral warnings, such as the one we all saw in early 2020 regarding writing out all 4 digits of the year to avoid various types of unscrupulous behavior, are not meaningful. You can easily check on whether you need to pay attention by doing a bit of research – don’t fall for what is sometimes called ‘security theatre’ – the appearance of doing something to keep your information safe, but doesn’t really help and distracts you from the real threats you need to address.
Whether you are a business, individual, or non-profit, the Czar Beer team can outline specific steps you should take to minimize fraud and secure your business’ from. Contact us at firstname.lastname@example.org to share your comments on this article and more.