Don't be an Easy Target for Online Criminals

Unfortunately, cyber crime happens all too often. But with a few preventative steps, you can defend your identify from being compromised. Here are nine ways that you can safeguard yourself and your business from malicious online criminals.

1. Identify a reputable IT provider. Take the time to evaluate your IT needs and determine if it is best to hire someone full time or outsource your IT needs to a reputable firm. The goal is to find the right partner that is familiar and engaged with your IT system and needs, is up to date on the latest in IT security best practices and can help in the case of an incident. If you operate a small business and you have been compromised, consider having  your workstation(s) cleaned by a reputable technology provider.
2. Make a plan to regularly change your log in passwords. Create strong passwords using the first letters from a pass phrase, subbing in numbers and symbols. Remember that you should never give your password out, and don’t use the same password combination for email and other sensitive sites. Criminals use “cracking tools” to hack simple passwords or collect your credentials using key logger software. If you have trouble remembering your entire list of user IDs and passwords, consider Last Pass or other apps found on your smartphone.
3. Socially speaking…share with caution. If you Google search your name and the answers to your online banking secret challenge questions appear—“Mother’s maiden name,” “date of birth,” “hometown,” “pet’s name,” etc.—you should identify new security questions and consider limiting who can see and access your social media sites.
4. Avoid common webmail providers (Yahoo, Gmail, Comcast, etc.) for your primary business email and implement two-factor authentication. It is a bad idea to use a common webmail provider as your primary business domain because these providers are highly targeted as entry points into organizations. If you must use one of these common providers, it is important that you set up two-factor authentication. Two-factor authentication means that you will have a user ID and password AND you will set-up your accounts with options to have a separate PIN delivered to your cell phone. This article from the lifehacker site explains the two-step factor authentication process in detail and why it is important.
5. Keep your computer updated. It is not only important to keep the operating system for your computer updated, but this also extends to all installed components such as Oracle Java, Adobe Flash or Adobe Reader.
6. Validate web URLs, domains and emails. Crooks will often infiltrate suppliers and send requests to wire a payment to a foreign bank. It is important that you validate all emails containing hyperlinks, web addresses and attachments. In the case of a funds transfer or wire request, we highly recommend that you refrain from clicking on any links or attachments in the email and do not communicate through the initial email request. Instead we suggest that you pick up the phone and vet the validity of the request with your supplier contact and partner at a known number that you have on record.
7. Avoid clicking on website advertisements. Web ads are increasingly becoming an easy way for cyber criminals to lure in unsuspecting victims. Rather than clicking on a web ad, simply type the URL directly in to the address bar on your computer. Cyber criminals take out ads that can deploy malicious malware onto your workstation once you click on the link. Typically a business will implement a web filter to block malicious sites, but consider using it to block all web ads. Running NoScript software, limiting Javascript and ActiveX controls and blocking pop-up ads are all great considerations.
8. Keep security software up to date. While no program catches everything, keeping a layered defense strategy is a good idea. Spend time researching the product(s) that are the best for you and your computer security needs.

Remember, if you suspect that your account has already been compromised, you should immediately notify your banking partner so they can disable your online banking access and issue a fraud alert. Discuss with your financial advisor if you should close your compromised account(s) and reopen a new account(s).