The amount of data you share online could make you target for cybercriminals. We’ve talked before about how to spot a fraudulent email and common scam tactics that con-artists use to attempt to trick you into handing over personal information. Though with the sheer amount of data breaches that occur every year, sometimes your information is compromised before you even realize it.
What steps can you actively take to safeguard your information?
One trend that has emerged from recent data breaches is a significant increase in an attack called credential stuffing. Basically, a cybercriminal acquires a large number of usernames and passwords from a data breach. The criminal then tries to use the login information they’ve stolen to fraudulently gain access to your accounts on multiple websites.
A common result of credential stuffing is an account being locked out. The attacker may have the correct username but incorrect password, attempting the combination until the account locks for security purposes.
So why would a criminal want access to your online shopping history or bill payment accounts? Well, in the case of an online retailer, think about the information you store on your digital account with them: Your name, address, phone number, credit card information, transaction history, and more. Cybercriminals might use this information to attempt to make purchases on your account or on another website.
If you hear that a large-scale data breach occurred at a company that you frequently shop at or use for your email account, change the username and password for your account right away. You’ll probably be contacted by the company soon and asked to do the same thing anyway. And don’t use a similar password or the same login information that you use elsewhere. While it might be convenient to use the same username and password for multiple online accounts, it also increases the chances of many of your accounts being compromised at the same time.
Quick Tip: Set a reminder every few months to review your online accounts. Consider changing your passwords at the same time.
Check the account, privacy, or security settings on your frequently used online accounts and see if there is an option to add multi-factor authentication. When you add this extra layer of security, you’ll be asked to enter an authentication code as part of the account log in process. This code is usually sent to you via text, email, or within an authenticator app.
Authenticator apps are considered a more secure form of two-factor security than using text or email (though any option is better than using nothing). Google Authenticator and Microsoft Authenticator are two popular, free apps that you can download on the App Store or on Google Play.
After you choose an authenticator app that’s compatible with your online account, you’ll need to enable multi-factor authentication through your account security settings. Pick authenticator app as your preferred method of authentication and follow the steps to add your account to your authenticator app. Each time you log in to your accounts, the app will generate a new, unique code that you’ll need to enter. This option only adds a few seconds to the login process, but it can add an important layer of security to your accounts.
Quick Tip: Never share your authentication codes with anyone. These codes are unique to you and your accounts. No legitimate company will ever ask you to share an authentication code.
Taking a few additional security measures when shopping online or managing your online accounts can make a big difference in keeping your information safe. Check out a few additional tips from the Lake Trust Security Team on how to keep your online accounts and information secure:
Be Unique. Use a unique username and avoid using your email addresses or account number, if possible.
Stay Strong. Use a strong, unique password with a minimum of 10 characters. Mix the type of characters, numbers, and special symbols.
Get A Password Manager. Consider the use of a password manager. Password managers can help create and maintain strong passwords, and some even come with alerts to let you know when you should change your password.
Be On Alert. Enable login notifications via text message or email to monitor for suspicious account activity.
Double Security. Enable multi-factor authentication, especially on critical accounts like your email and social media accounts. This extra step to log in often thwarts attackers who successfully obtain both the correct username and password.
Keep A Secret. NEVER give out your Online Banking or other account login information. There is no reason for anyone other than you to have your login credentials. This includes your business accounts.
Be Our Guest. When shopping online, checkout as a guest (especially if you don’t shop at the site very often). Use your digital wallet to make purchases.
Remember that we’re always here to answer your questions about account security. If you find yourself unexpectedly locked out of your Online Banking account, please call us immediately at 888.267.7200.