“Cyber thieves are using social media profiles to gather personal information and use it to commit fraud,” said Doug Johnson, ABA’s senior vice president of payments and cybersecurity policy. “It’s extremely important that consumers limit the amount of information they share online and stay away from using easily retrieved information — such as birthdates, pet’s names or school mascots — as answers to security questions.”
ABA is offering the following tips to help consumers safeguard their information online:
- Keep your computers and mobile devices up to date. Having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats. Turn on automatic updates so you receive the newest fixes as they become available.
- Set strong passwords. A strong password is at least eight characters in length and includes a mix of upper and lowercase letters, numbers, and special characters.
- Watch out for phishing scams. Phishing scams use fraudulent emails and websites to trick users into disclosing private account or login information. Do not click on links or open any attachments or pop-up screens from sources you are not familiar with.
- Forward phishing emails to the Federal Trade Commission (FTC) at firstname.lastname@example.org – and to the company, bank, or organization impersonated in the email.
- Keep personal information personal. Hackers can use social media profiles to figure out your passwords and answer those security questions in the password reset tools. Lock down your privacy settings and avoid posting things like birthdays, addresses, mother’s maiden name, etc. Be wary of requests to connect from people you do not know.
- Secure your internet connection. Always protect your home wireless network with a password. When connecting to public Wi-Fi networks, be cautious about what information you are sending over it.
- Shop safely. Before shopping online, make sure the website uses secure technology. When you are at the checkout screen, verify that the web address begins with https. Also, check to see if a tiny locked padlock symbol appears on the page.