A nice gentleman from Nigeria recently sent us a fantastic offer. All we had to do was verify some of our bank information and he promised to share a few million dollars with us. What a generous soul!
OK, so most of us wouldn't fall for that old scam, but are you diligent about managing your banking information? Are you one of the few who actually balances their checkbook every month? It's an important question since fraud in the United States continues to be a big problem, with the Federal Trade Commission reporting more than 1 million consumer complaints in 2010 alone [source: FTC].
Criminals are always trying to think up new ways to get at your cash, so the more you know, the better. First of all, think of the types of information thieves might want and learn how to protect that information. For example, think of your PIN (personal identification number) that acts as a security key for many accounts. Do you have it memorized? Great, but is that number recorded anywhere else? What about all the places your account number, passwords, or even your bank statements show up?
It can be disheartening to think of all the ways you could be robbed in this age of computer banking, but that doesn't mean you need to be an easy target. PINs, account numbers, passwords, tax records and bank statements are increasingly stored on home computers. Protecting this information could mean the difference between a safe and secure financial life, and months or years spent dealing with the aftermath of identity theft. Fortunately for you, there are some concrete things you can do to prevent becoming an easy target to would-be thieves.
Join us as we navigate the sometimes confusing, but often common-sense world of banking information security.
Think for a minute about the kinds of banking information you store on your personal computer. Then think of the exposure you would face if the wrong person got their hands on that information. Not fun.
Even when your computer is not logged into the Internet, you could still be vulnerable. Laptops can be stolen, and computers can be accessed by anyone who happens to be in the room. That doesn't mean there's any reason to make things easy for them.
One simple way to prevent casual exposure of information is to keep your computer locked when you're not using it. Most operating systems have this feature. On shared computers, make sure you always log off and that your files are accessible to you alone.
That will prevent theft by people with easy access to your computer. But if your laptop gets stolen, the thief could very well find his or her way past that lock password. What then? For a major step up in security, you can encrypt your sensitive documents. Even if someone steals your computer, they'll have a hard time unlocking encrypted files.
More robust operating systems, like Vista Ultimate, include BitLocker, which can lock down your data. It takes some work on your part to set up, but it can protect your entire hard drive [source: Trapani]. Mac OSX users have FileVault, which can protect individual folders. Other third-party systems are also available for both Mac and Windows systems. Note that BitLocker requires a physical device that you need to plug into a USB port on your computer to even gain access to your hard drive. Pretty secure, but if you're the type that's always searching for your keys, it's probably not the best solution for you.
If you have an operating system like Vista Ultimate, you should also be able to individually encrypt folders by going into Windows Explorer, right-clicking the folder to encrypt and selecting the option for "Properties." Under "Advanced" in the "General" tab, select the checkbox for "Encrypt Contents to Secure Data" [source: Cook].
For most people, 128-bit encryption should be good enough, but if you're the paranoid type, you might be comforted to know that 256-bit encryption is enough to make the United States government comfortable with its Top Secret data [source: NSA]. Later on, we'll look at some third-party tools to protect your sensitive financial documents.
Remember that old warning about never sending an e-mail that you wouldn't want the world (or your mother) to read? Information too easily goes astray or ends up where you didn't intend. It's bad enough when you hit the reply-all button by accident, but when criminals are laying digital traps for you online, the risks are far worse.
Fortunately, you can minimize the risks you take when you bank online, and these days most banks don't hold you liable for any of the losses if you've taken a reasonable degree of caution with your account. Let's go over some of the things you can do to make sure that you're a low-risk customer.
Be creative with your passwords. Using "MyThreeKids" as your password may show that you love your children, but your kids may not love you as much when you don't have any money left in your account come Christmas. Make your password memorable to you, but difficult (ideally impossible) for others to guess [source: Durgahee].
Avoid phishing scams by looking for signs of a secure Web site. Before plunking down your credit or debit card information, check to see if the checkout process of the Web site has a URL that starts with "https." Some browsers also include a lock or key icon to show that a Web site is secure. Always check the address to see if it matches what it should be, especially if you clicked on something in an e-mail or other unusual place to get to that page.
Lastly, you might think of firewalls as something only a company would want, but a relatively inexpensive personal firewall can add needed protection for your computer.
Are you one of the growing groups of people who love the convenience of online transactions? Or are you among those who still aren't convinced it's a safe thing to do? Security of your banking information online is one of the most pervasive reasons people prefer cash, but it's getting more and more difficult to conduct business outside of your own neighborhood without giving in to the pressure to go digital.
In the constant battle with cybercriminals, there are some new weapons in the consumer's arsenal you might want to take a look at.
Besides using up-to-date browsers, which offer better encryption of secure transactions, a new push for something called federated identity is taking shape. Spearheaded by the National Institute for Standards and Technology, this plan would have you sign on once securely, and then use those credentials to move from one account to another without the need to log in a multitude of times. Because this approach requires participating entities to use standardized practices to function properly, the technology and protocols are not quite mature. Watch for it to gain momentum in the next year or two.
Another technique is to use single-use passwords, which change automatically every time you use them. Sounds like a pain, doesn't it? It's not quite as bad as it sounds, but like all new things, it takes a little getting used to. It requires that users have a random password generator similar to the ones that have been used for corporate security for years.
Not quite as confusing as an ever-changing password is something called out-of-band verification, which is a fancy way of saying you'll be getting a phone call or text message to confirm a transaction. That makes it a lot more complicated for any criminal to get away with your money undetected.
And don't forget about password managers. Using a single high-quality password is digital suicide and could open you up to identity theft. Find a password manager that fits your lifestyle. Stand-alone versions install on your personal computer and can even fill in forms for you. Others, like LastPass (freeware) and RoboForm, offer cloud-based and mobile password management services.
Expect to shell out $20-30 for a decent password manager. That's a small price to pay, considering what you're securing, but this security could haunt you if you forget your single password for the password manager itself.
Your banking information is precious. Taking the time and effort to protect it will save you a world of trouble and potentially serious financial losses in the future.