If you’re an investor, you probably enjoy the convenience of managing your accounts online. But you’ll also want to make sure that you’re not making it convenient for hackers, “phishers” and others with bad intentions to gain the same access.
Fortunately, there’s a lot you can do to protect your privacy. Here are a few suggestions offered by the U.S. Securities and Exchange Commission:
• Use a strong password or passphrase. You’ll want to pick apassword that would be virtually impossible for anyone to guess, employing capital and lowercase letters, plus symbols and numbers. Of course, you’ll want to record the password in a secure place so you won’t forget it. Instead of using a password, you may have the option of choosing a passphrase, which contains a series of words strung together. You’ll want to avoid phrases taken from popular culture or that are otherwise commonly used. And it’s also a good idea not to use phrases containing your name, birthday or other personal identifiers.
• Use two-step authentication. If your investment company offers two-step, or multifactor, authentication, you’ll want to take advantage of it, since it’s a good security tool. When using two-step authentication, you’ll need to add an additional factor – such as your best friend from grade school or the model of the first car you owned, and so on – to your username and password. And when you log in to your account from an unrecognized computer, your investment firm may send you a code via text message or email, which you’ll need to enter to open your accounts.
• Activate your account alerts. When you turn on your account alerts, you’ll receive text messages or emails notifying you of certain activities, such as account logins, failed account login attempts, personal information changes, money transfers, adding or deleting of external financial accounts, and more. These alerts can help you monitor your accounts for fraud and verify your own moves, as well.
• Avoid using public computers to access investment accounts. If you’re at a hotel or library, try to avoid the temptation to use the computer to check in on your investments. But if you do use a public computer, at least take proper precautions. For starters, don’t leave data on a screen and walk away, even for a moment. And when you’re finished with the computer, log out of your account to end the online session. You may also want to change any password you used.
• Ignore suspicious links. Be suspicious of emails or text messages containing links claiming to be connected to your investment accounts. These links could take you to websites designed to solicit sensitive account information, which could then be used for financial or identity theft. Even if the link seems to be coming from a business you know, you’ll want to be quite cautious – experienced “phishers” can now create websites or online documents that look real. And keep in mind that legitimate investment firms will not ask you to divulge personal information without going through the password or two-step authentication protocols already described.
The ability to connect with your investment accounts online can be extremely useful to you – and you’ll feel more comfortable about these interactions if you know you’ve done all you can to safeguard your information.