In our previous post, we emphasized the importance of monitoring your credit to make sure no one is opening an account in your name without your knowledge. However, opening new fraudulent accounts is not the only way identity theft can occur. Fraudsters will also target existing accounts. How can we protect our existing information? How can we avoid behaviors that make our information easier to steal? We have compiled four action steps for you to consider in making sure your information is secure.
1) Check account statements regularly and establish credit card notification
This tip is so simple that it almost seems unnecessary to mention. However, its importance cannot be understated. Check banking/credit card statements regularly. We should check them at least monthly to verify that someone in our household made the transactions shown on our bank statements and credit card statements. If we see anything amiss, we should contact our bank or credit card company immediately, and they will help resolve the issue.
Failing to check banking/credit card statements regularly leaves us at a greater risk of identity theft. If we fail to notice a fraudulent charge on an account, we are at greater risk of additional, more expensive, fraudulent charges in the future.
On a recent trip to Europe, one of our team members experienced a fraudulent charge on their credit card. If they had not set up their credit card app to notify them each time a purchase was made, the charge might have gone unnoticed until their return to the United States, and a hacker could have potentially made more expensive purchases. The ability to act fast when fraudulent purchases happen can help limit liability when unauthorized charges occur. It goes to show that while technology can open us up to the threat of identity theft, it also provides tremendous tools for swift detection and prevention.
2) Password Managers
Many people use bad passwords. Some people still use the phrases “password,” “12345,” and “qwerty” on some of their more sensitive accounts. Using simple or identical passwords for multiple accounts means a hacker is more likely to obtain a good deal of our confidential information if they only have to figure out one password.
Do you know what the most critical factor is for a secure password? Length! Passwords should be no shorter than 15 characters, if possible. Other critical factors in creating a secure password include using a mix of characters, avoiding common substitutions (i.e., HOUSE becomes H0U53), and avoiding memorable keyboard paths (i.e., a sequence on the keyboard such as “qwerty”). 
We realize that password management is complex, cumbersome, and plain awful if you must manage it yourself. Use a password manager! Story Capital uses LastPass, but there are many password managers to choose from, and we strongly encourage you to use one too. 
A password manager saves passwords in a secure manner that is easily accessible while maintaining the security of our information. Most will also generate secure passwords. They take the guess work out of remembering our own passwords and supply us with unique, secure passwords that we do not have to commit to memory. This is well worth it for ease of use alone!
We cannot stress the importance of strong passwords enough. According to the 2019 Verizon Data Breach Investigations Report lauded by security professionals, “80% of hacking-related breaches still [involve] compromised and weak credentials.”
3) Protect Wi-Fi Networks
When in public, it’s tempting to search for and use the free Wi-Fi at whatever coffee shop, restaurant, airport, or gym we use. But we should use a hotspot on our phones if we are able. Most smartphones have a built-in mobile hotspot and Google provides an excellent definition: “You can use your phone’s mobile data to connect another phone, tablet, or computer to the internet. Sharing a connection this way is called tethering or using a hotspot.”  If we use your smartphone’s hotspot feature, we should always utilize a secure password to join the network so other people cannot join.
When at home, we should also make sure we set up a secure Wi-Fi password, especially if we utilize a home security system or personal assistant devices connected to our Wi-Fi.
Additionally, we at Story Capital have heard a lot of talk recently around Virtual Private Networks (VPNs). A VPN adds an extra level of security to your internet access. It allows for encrypted data transfer between devices, hides or changes an IP address, and will mask location. Often, VPNs are paid services, but they are worth the cost if we must transfer data and do not already have an encrypted method of doing so.
4) Avoid Phishing Scams
Some of the most insidious hacking comes from phishing scams. Many of us have been targeted in a phishing scam either over the phone, via email, or text message. According to the Federal Trade Commission, “scammers launch thousands of phishing attacks […] every day – and they’re often successful.”
What should we know about phishing so that we do not fall into a trap?
Phishing emails and text messages often look like they come from a company or person you know or trust. They could pose as your bank, your boss, a social networking site, or an online store. They commonly tell a similar story: they’ve noticed suspicious activity in our account, or they claim there’s a problem with our payment information, and on occasion, they include a fake invoice, they want us to click a link to make a payment, etc.
Here are some tips to detecting phishing:
- Read emails thoroughly before opening attachments. If it looks like it’s from someone you know, but you weren’t expecting it, give them a call and ask if they sent it.
- Hover over links in emails to see if the link makes sense. View this image as an example: If the URL doesn’t match when you hover over a link, it is likely a phishing scam. Do not click on links like this!
- Watch out for additions to what appears to be a legitimate email address or website. Hackers commonly add characters before “.com” to try and appear legitimate. Read the following for a more in-depth discussion on spotting a fake website: https://www.asecurelife.com/how-to-spot-a-fake-website/
In summary, at Story Capital, we care deeply about the security of your information and ours. In a world so dominated by technology, we must be vigilant in protecting our information. We encourage our clients to ask questions about online security. Your trust in us as responsible stewards of your information is vital to our business and the lives of our clients.