The average modern person has a lot of financial assets to take care of. From bank accounts and online payment methods, to credit cards, loans, investments, cryptocurrencies, and so much more. And it should go without saying that dishonest people have been keeping a careful eye on this situation for some time now. We’ve seen the rise of various new methods of stealing people’s money, and unfortunately we’re likely only seeing the tip of the iceberg too.
With that in mind, it’s more important than ever to pay attention to the security of your financial assets, and ensure that you always know what’s going on with them at any given moment. While there are many possible sides that you can get attacked from, there are also some fundamental things that you could do to minimize the chance of getting hit in any of those areas.
Common Security Holes
Many people get compromised because they’re lazy about their passwords. Sure, using the same password for all of your accounts is simple and means you don’t have to remember that many random numbers and letters. But it also means that it only takes one compromised account among the dozens you have for all of them to become wide open.
That’s exactly what many hackers are banking on – they attack smaller, less secure sites, extract their database of usernames and passwords, and then attempt to reuse the same combinations in more popular services.
Scams are also very prevalent these days, especially online. It’s sad, because the original intention of the internet was to bring us closer together and promote the sharing of information. However, the reality at the moment is quite different from that. You should be wary towards any stranger online by default. In fact, you should even be wary towards people you know.
A common scam is to hack someone’s e-mail and send a message to all of their contacts, claiming that they have an emergency and need a couple hundred dollars to pull through. Even if just a few people respond, the hacker can make off with thousands before anyone realizes what’s going on.
Be careful if you’re currently paying off a loan as well. Some scammers might try to pose as legitimate lenders to fish for information from their customers.
Passwords are quickly becoming obsolete for various reasons. We already explained one of the main ones above, but there’s more. It’s theorized that the development of proper quantum computers will eventually render all current encryption modes insecure – and we may not be that far off from that moment either.
That’s why many companies are starting to adopt the idea of 2-factor authentication. The basic concept is that after logging in with your standard password, you have to confirm your login through some additional method. It may be a code you receive via e-mail or SMS, or even something displayed on a dedicated physical device. It’s a good idea to explore this option on all your accounts that support it. In fact, some companies have already started to enforce it as a mandatory policy, especially in the banking sector. And this will probably become a common trend in the very near future.
Social engineering is an advanced form of scamming that relies on tricking you in more complex ways than simply lying to you. For example, someone might call you pretending to be from the tax authorities, claiming that you’re being investigated for tax evasion. Conveniently, you can pay a fee to have the whole thing go away. Another example is a call from your bank alerting you of an issue with your account, and asking you to confirm your password so that they know it’s really you.
First, tax authorities always communicate by post when there’s an issue. They will also never ask you to pay any fee without sending you a detailed letter outlining what’s wrong. Second, your bank – or any other account provider – will never, ever have a valid reason to ask you for your password. No employee at those institutions should ever need it.
But in both of those cases you feel pressured to give up the information that’s being asked of you, because the potential consequences of refusing could be very damaging. That’s the whole point of social engineering in a nutshell – to put enough pressure on you so that you can’t think straight, and push you into making a hasty decision.
If you do get compromised, know what you can do to minimize the damage. Have the number of your bank’s fraud department handy and be ready to call them to freeze your accounts. Have a backup phone or e-mail to verify your identity additionally if you get compromised, so you can take your accounts back and have priority over the attacker.
Most of all though, practice staying calm. It might sound like silly advice given its non-technical nature, but the problem with most people in these situations is that they tend to panic and make stupid mistakes that could have been avoided otherwise. Don’t rush into any decisions – remember what we said above about social engineers and pressure.