E-Mail Article

Important legal information about the e-mail you will be sending. By using this service, you agree to input your real e-mail address and only send it to people you know. It is a violation of law in some jurisdictions to falsely identify yourself in an e-mail. All information you provide will be used by Fidelity solely for the purpose of sending the e-mail on your behalf. The subject line of the e-mail you send will be " "
Your e-mail has been sent

Add Top News to your third-party personal homepage (opens in new window).

rss feed

Add Top News manually to your RSS reader

Simple ways to secure your online banking

Knowing how to protect yourself against security threats is critical.

Simple ways to secure your online banking

The ability to access your financial accounts from mobile devices and computers offers incredible convenience. Transactions that once required driving to a bank or brokerage branch now involve little more than typing a password into a smartphone. But along with the convenience comes exposure to the risk that someone else could gain access to your personal data without your knowledge.

Still, while reports about online risks are fairly regular, performing financial transactions online is actually as safe as conducting them in person. All it takes is some fairly simple steps to help reduce your exposure to these risks. Below you’ll learn about the nature of the threats to the security of your financial information—and some of the most effective strategies for protecting it. “The strongest defense is an educated consumer who knows what to look for,” says Alexander Popowycz, vice president of information security at Fidelity.

Major threats to be aware of: phishing, malware, and identity theft

There are many ways that financial information can be compromised and techniques used by online criminals are constantly evolving. The majority of threats that online consumers face fall into a few basic categories. Here’s a look at a few of the most common, along with some steps you can take to help protect yourself from each.

Phishing Scams
When cyber criminals go “phishing,” consumers are the prey and fake Web sites and e-mails are the bait. Phishing typically works like this: A consumer receives an urgent e-mail, purportedly from his financial institution, often with a link that leads to a Web site where she or he is asked to enter information such as a password, Social Security number, or other sensitive information. The information is sent directly to criminals, who designed both the e-mail address and the Web site to mimic the bank’s online presence. “Criminals are becoming increasingly sophisticated at using phishing to elicit information from consumers,” says Popowycz.

protect yourselfHow to protect yourself

Be smart when conducting online transactions. To avoid being conned by a phishing scam, always verify the legitimacy of any Web site that asks you for personal information.

“One way to make sure you’re not being sent to a fraudulent Web site is to “manually type the address of the Web site you’re visiting into your browser’s address bar, instead of clicking on a link in the e-mail, or use a bookmark that you personally have created,” says Popowycz.

Urgent-sounding communications should raise a red flag. “Criminals create these scams to prey on consumers’ emotions,” says Popowycz. Use caution any time you receive a text message or e-mail telling you to immediately update your personal information, activate an account, or verify your identity. Rather than click on a link or call the number provided in the e-mail to verify the request, go to your institution’s Web site as you normally would, or call the company’s general customer service number to check the validity of the message. And be sure to delete e-mails coming from addresses that are unknown to you.

Computer programs intended to gather information or disrupt a computer’s normal functions are known as malicious software or malware. Your computer/device can contract malware by visiting unsecured Web sites or by opening attachments to e-mails sent by cybercriminals. “Many people lose their personal data, including passwords, to forms of malware like viruses and Trojan horses,” says Popowycz. “For example, when a consumer accesses financial accounts, the program might capture his or her ID and password used at login.”

protect yourselfHow to protect yourself

Keep your computer up to date. A computer with antivirus software, an operating system that is regularly updated, and a personal firewall provide protection from malware and other online threats. But it’s not enough to install an Internet security software package. You also need to download updates such as virus definitions for the software regularly so it is equipped to respond to the latest malware. Many applications let you set up automatic updates as well, but you should check to make sure your security subscription is up to date.

Install a firewall. At home you should only connect to your ISP through a network firewall. These firewalls are often integrated with other network gear like Wi-Fi routers. This not only helps protect your PC, but other devices on your home network, like printers and DVRs. For laptops and other mobile devices, consider using a software firewall. Security software generally includes a firewall as part of a suite along with antivirus. Check with your Internet service provider to see if it offers security software, sometimes at reduced prices, or even free.

Identity Theft
Once criminals gain access to a person’s personal information—whether it’s by phishing, malware, or simply by finding a lost wallet or looking over a shoulder—they often then use the information to set up new financial accounts. Identity theft is sometimes the result of criminals gaining access to information that’s not directly related to a person’s financial accounts. “Social media like Facebook and Twitter make things easier than ever for criminals, because there is so much personal information online,” says Popowycz. “Keeping financial information safe requires more than just secure online banking—it’s important to avoid spreading any personal information unnecessarily.”

protect yourselfHow to protect yourself

Don’t trust public computers. There’s usually no way to know if public computers, such as those in libraries or schools, are infected with malware or are lacking adequate protection. Avoid accessing financial accounts or making online purchases on such computers. “It’s always best to use a computer that you trust,” says Popowycz.

Public wireless networks are less problematic. They’re probably less secure than your home connection, but Popowycz says the risk is typically minimal. “Use discretion,” he advises. “ Generally your connection with your financial institution is encrypted, so it’s not essential for the wireless network to also be encrypted, but you should try to stick to Wi-Fi that is known to you rather than connecting to the nearest signal.”

Protect passwords. Everyone knows password protection is crucial. Still, it can be tempting to share passwords with loved ones or choose passwords that are easy to remember but not particularly secure. Popowycz cautions that the risk isn’t worth it. “Knowing a password makes it much easier for criminals to access an account, even if they have no other information,” says Popowycz. “And too often people use the same password for multiple accounts.”

Popowycz says that one of the best ways consumers can secure their accounts is to create a complex password and keep it to themselves. “Pick a creative password that’s easy for you to remember but difficult for anyone to guess,” he suggests. “And don’t use easy-to-guess digits like your date of birth, street address, or phone number.” One method he offers: “Think of a sentence that you can remember and use the first letter of each word in that sentence as your password.”

It’s also a good practice to change your passwords occasionally. If your financial institution does not require you to do so regularly, make up your own schedule. For instance, you might create a new password every year on a date that is memorable to you.

Review financial transactions regularly. The most common way criminals use stolen information is to make purchases online or by phone. Such transactions usually show up immediately in your account history. You can greatly minimize the damage from any incident of identity theft if you review your account regularly for unknown or unauthorized transactions, and then contact your financial institution immediately if you spot something suspicious.

A word about using mobile devices securely

While the steps described above will help secure any form of online banking, the growing popularity of using mobile devices for financial purposes presents unique security concerns. It might seem that smaller devices, with less computing power, would be more vulnerable to phishing, malware, and identity theft. But Popowycz says that’s not necessarily the case.

“Mobile devices can be more secure than laptops using Windows or Macintosh operating systems,” he says. “The systems on mobile devices tend to isolate applications from one another, reducing the exposure to malware.” He explains that computers with regular operating systems allow applications to interact, presenting opportunities for malware and other threats to infiltrate the machine, often embedding themselves into applications we use every day.

Still, consumers using their mobile devices for banking should consider the devices’ potential vulnerabilities. For example, their small size can make it easy to leave personal information unsecured. “It’s easy to simply lose them,” says Popowycz. In fact, a study by data protection firm CREDANT Technologies found that travelers at five of America’s busiest airports left 11,000 laptops, smartphones, tablets, and USB sticks at airport security in a single year. “If someone finds your device, they might be able to use the information on it to access your accounts,” says Popowycz.

One simple solution to reduce your risk: Engage your mobile device’s keypad lock function when you’re not using it.

The bottom line: Caution and vigilance is the best protection.

Beyond the specific safeguards and steps you should take when accessing personal information online, caution and vigilance may be your most effective form of protection. “If you are informed about the threats and you keep an eye out for messages and Web sites that appear suspicious, you’ll be much less likely to have your information compromised,” says Popowycz. Remember, you are not alone in facing these risks. Financial institutions undertake a lot of measures behind the scenes to make sure your online experience is safe and secure.

Next steps

Fidelity Brokerage Services LLC, Member NYSE, SIPC, 900 Salem Street, Smithfield, RI 02917



Share your thoughts about Fidelity Viewpoints.

 Related Links

 Related Articles