When it comes to internet safety, you’re probably already familiar with the basics. But as data breaches become more common, it is important to take advantage of newer security measures to help boost your privacy and safety. Multiple layers of security can help safeguard your information better than any one option, so consider these more sophisticated techniques to help protect yourself online and on your mobile device.
Use of biometrics
In recent years, biometrics have become increasingly present in everyday life. Fingerprint readers and facial identification have become common on smartphones and voice recognition software is at use in many homes in the form of smart speakers. Unlike written passwords, which can be used by anyone, biometrics are unique to you by nature: A fingerprint, for example, is difficult to duplicate.
Biometrics can even track how you interact with your devices (called “heuristics” or “behavioral biometrics”). Device usage, error patterns and signature analysis are just a few examples of this next-generation technology. When given the option, it may be wise to substitute a written password with biometric technology for stronger security. For example, Bank of America clients may be able to sign in to the Mobile Banking app1 using their fingerprint or Face ID, depending on their device.
Learn more about Mobile and Online Banking at Bank of America.
Two-factor authentication requires you to enter not only your username and password but also another piece of information such as a PIN or a one-time, time-sensitive code that is sent to your cell phone via text message. More websites, apps and webmail programs are offering two-factor authentication, and it is smart to opt in to get the extra layer of security.
Tip: Mobile smishing attacks—the text, or SMS, form of phishing—are on the rise, so it’s important to read every incoming text message carefully to ensure it’s not a scam. If you do get a text from a number you don’t recognize, don’t reply or click any links in the message; they may lead to malicious websites that could try to harvest your credentials and personal information. If you are the victim of a phishing scam, contact the alleged sender by other means to let them know about the issue and block any phone numbers that send you smishing messages. Many carriers allow you to report spam by forwarding the suspicious text message to 7726 (or SPAM), which can help eliminate spam messages for everyone.
More complex passwords
As identity theft continues to escalate, a strong, unique password is your first line of defense. Try to use more complex passwords that combine numbers, uppercase and lowercase letters, and symbols. Other best practices include:
- Don’t save your password in your browser. Saving it there or in your computer’s password management system can leave you vulnerable.
- Don’t share your password. That applies to coworkers, friends and family—even for your online streaming media account.
- Do choose different passwords for each site you log in to; for example, for your online banking account and an e-commerce site.
- Do log out of password-protected sites. Also, exit the browser when you are done.
Since complex passwords can be challenging to remember, you might consider using an online password manager that stores all of your passwords in one place that is accessible via a master password. While convenient, password manager websites can be compromised, just like any other. So if you go this route, choose a well-reviewed password manager, change your master password often and keep an eye on reported security breaches.
Secure browsing experiences
Before sharing personal or financial information online, make sure the site is secure. More websites are using HTTPS encryption, but sites without the “S” in HTTPS are unencrypted and can be easy for others to access.
Tip: Double-check the URL of the website you’re visiting. More advanced phishes are coming from sites that look secure but aren’t. For example, a site may look and feel like the original website but have one different character in the URL, such as “O” instead of “0.” Software is available that will warn you if you accidentally visit a fake website that looks like the original.
Bank of America clients can take advantage of free online fraud protection software through IBM® Trusteer Rapport™.
Home routers are being targeted for attacks more frequently, with a number of high-profile breaches in recent years as hackers have found a fresh route to your personal information. Attackers target routers to access other devices or information that is stored on the home network. Compromised routers can also host malware that can be used in other attacks. To help protect yourself, make sure the router’s administrator password is complex and unique, and regularly update the firmware to help ensure any vulnerabilities are patched.
Try to keep up with the latest trends in cybersecurity, while always practicing computer and mobile safety basics. Your efforts could go a long way toward keeping your personal information and finances safe and secure.