Cyber criminals continue to steal personal information at an alarming rate.
Large corporations such as Anthem, eBay, and Home Depot made headlines when their databases were hacked and confidential files of hundreds of millions of people were stolen. Even the IRS online “Get Transcript” service was breached despite a complex access process which is included several “out of wallet” security questions. “Out of wallet” refers to information that could not be accessed from a stolen wallet. These questions might include “what is your mother’s maiden name?” or “what elementary school did you attend?”. Despite extensive, and expensive, high security measures taken by corporations and the government, cyber thieves often succeed.
What you can do to protect yourself
Here are some suggestions from the experts.
- Passwords – A combination of upper and lowercase letters, numbers, and symbols (#%&() are better than a single word. Better yet, several easy to remember words separated by a period, dash, comma or underscore are even harder to crack. For instance: “stop-all-hackers-now”. Use your imagination!
- Review your existing security questions – Should you answer them correctly? It seems a good idea not to. Consider answering with incorrect information. The name of the street you grew up might be a street not located in your city. Your elementary school, one in another state you did not attend. Or, take the the Password approach, creating an answer to specific categories. An address might be a combination of elements of a street, zip code, city and state: 7819-Mapl-3689-wis. It’s important to make it something easy for you to remember.
- Test your password – Do an internet search for the password to be sure it is unique. Criminals use software that attempts many passwords, dictionary words and common number sequences.
- Never use the same password or security question for any other site.
- Revise passwords and answers to security questions periodically.
Follow the guidance from your custodians
Financial institutions and most organizations that register your confidential personal information should have security guidelines in their user agreements. It is recommended that you read and follow them exactly. If you follow their rules they will be obligated to reimburse you if you suffer a loss, even if they cannot successfully recover your assets. If you are in doubt about the effectiveness of your institution’s security, such as limiting the number of letters or not allowing special characters or numbers as part of a password, call them to discuss what you can do to increase your protection. If you don’t get a satisfactory answer, consider changing companies.
Remember, you must look out for yourself, first and foremost. Making the effort to do everything you can to secure your assets may at least give you some peace of mind, which is valuable in itself.
Charles Schwab & Co., Inc. has created a website called SchwabSafe where you can see what Schwab is doing to protect you and what steps you can take to protect yourself.