While they may not create the same kind of sensational spectacle as the in-person heists of bygone eras, cyber threats present a real risk to financial consumers today.
Whether you’re simply accessing conventional financial services through online access points or participating in more recently created cryptocurrency markets and exchanges, cybersecurity is a paramount component of financial health.
Traditional financial services and best practices for online safety
Many app-based and online banking platforms include highly convenient features for users, like mobile check deposits and the ability to quickly verify balances or transfer funds between accounts.
However, many banking customers have not adopted these digital platforms. McKinsey found that, in 2019, nearly half of American banking customers sparingly or never used mobile access methods.
Given the proliferation of social distancing guidelines due to COVID-19 and the general trend toward online banking, it stands to reason that there are many people who have only recently made the leap, or who have yet to do so.
For those who are new to online transactions, including accessing financial services like stock trading or retirement accounts, here are some best practices to keep in mind:
- Beware of phishing scams. Never hand over personal information to somebody who contacts you, even if they convincingly present themselves as a representative of your financial institution. Do not click suspicious links or download attachments from unsolicited emails.
- Practice good password hygiene. Never reuse your passwords. Instead, use a secure password manager like those built into popular web browsers or a standalone solution. Wherever possible, use a mixture of symbols and numerals as well as capital and lowercase letters. Do not use complete words or personal information like your date of birth.
- Only access your financial information over a secure network. Do not log onto your bank account over public Wi-Fi. Protect your home network with a password, and ensure it’s secured with WPA2 or WPA3.
- Make sure to set up automatic locking on your cellphone, and protect it with biometrics, a strong password and/or a pattern. This ensures that nobody else will be able to get into apps with sensitive information or critical financial permissions if they gain access to your phone.
- Use multifactor authentication whenever possible, preferably over a separate standalone app instead of through SMS PINs. Authenticating over SMS leaves you more vulnerable to SIM swapping, which we’ll discuss below.
Stay on guard against SIM swapping attacks, especially if you trade cryptocurrency
Many investors today are interested in the possibilities presented by the growing cryptocurrency markets. However, along with the advantages that come with this technology, new threats have emerged.
A VICE report from January 2020 found that personal information exfiltrated from Coinsquare, a popular Canadian cryptocurrency exchange, included phone numbers. The thieves claimed they intended to use this information for a SIM swapping attack.
By impersonating users, criminals with the right personal information may be able to trick mobile carriers into providing them with access to new SIM cards attached to the target’s phone number. This gives the hackers an edge to take over accounts associated with the targeted individual by using the phone number to receive SMS PINs that are frequently used in two-factor authentication.
The perpetrators behind this kind of attack may be especially interested in taking over SIM cards that belong to cryptocurrency market users.
To guard against these issues, CNET suggested that mobile users contact their carriers to associate a PIN with their wireless accounts. Additionally, using third-party authentication apps where possible, like Google Authenticator or Microsoft Authenticator, can help guard against this risk.
Learn more about how Total Defense can help keep your financial information secure today.