Safe Practices for Mobile Banking

How to bank safely on your smartphone
Technology has made the everyday hassles of life easier, whether it be ordering groceries online and having them delivered to your doorstep or navigating to a destination you have never visited before.

One of the biggest areas where technology has bred convenience is in terms of banking and budgeting. Mobile banking apps make it easy to check balances, monitor activity and make transfers without ever having to step foot in the lobby of your local bank or credit union. But with public concerns over cyber security and identity theft on the rise, the expediency of mobile banking also inspires questions with regard to safety.

According to Niles Howard, editor at Bankrate.com, a study from Javelin Strategy & Research found that the fear of lackluster security remains the most prevalent concern of potential mobile banking users. But as Howard notes, there is less cause for concern than you might think.

“The good news is that the fear [of a lack of security in mobile banking] is so far worse than the reality, thanks in part to the financial industry’s heavy investment in security technology,” Howard writes, noting that several institutions cover 100 percent of a customer’s mobile fraud losses.

To keep your money extra secure, there are measures that can be taken to reduce your risk of becoming a victim of fraud, starting with ensuring that your phone itself is inaccessible to someone who might try to physically unlock it. Some of the steps that you can take to protect your phone from being opened by an unwanted party include setting your phone to automatically lock or time out after going unused for a period of time, setting up touch identification where applicable and maintaining a strong unlock password or PIN.

Mobile banking security is also dependent on the security of your online account. Nerdwallet.com contributor Margarette Burnette recommends that your online banking password uses “combinations that are difficult to guess, such as a mix of upper- and lowercase letters, numbers and symbols,” and that you make it a point to change your password in regular intervals. If your mobile banking app provides fingerprint verification, this would also serve the purpose of concealing your password whenever using mobile banking in front of others.

With regards to using mobile banking on the go, financial writer for NerdWallet Steve Nicastro advises against using public Wi-Fi networks to access an app. Nicastro cites the Federal Trade Commission, which notes that mobile apps are less secure because they lack visible indicators of connection privacy. Greg Kraynak, chief executive of Cellhire, indicates that cyber criminals could set up free Wi-Fi hotspots for the express purpose of stealing your information. As such, if you are banking on the go, avoid using any public internet connections or instead use your banking institution’s mobile website.

As long as you take the appropriate level of precaution, mobile banking is a great convenience that can help make your life easier. Be vigilant with your money and smart about the ways that you protect your identity, and you should have little to fear.

Used with Permission. Published by IMN Bank Adviser Includes copyrighted material of IMakeNews, Inc. and its suppliers.

Avoid These Online Scams

Keep your bank account safe online
Once you begin experiencingjanuaryfeatured_onlinescams the time savings and convenience of banking online, it may become hard to remember how you ever lived without it. The online tools provided by your financial institution can make many of your financial tasks a breeze, while built-in security measures keep your information and your money safe.

Occasionally, however, scammers attempt to trick people by masquerading as a legitimate business or financial institution. Below is some information you can use to help keep you safe from scams.

One of the best ways to avoid being scammed is to use a safe method of payment, such as the credit card from your financial institution.

“Credit cards have significant fraud protection built in, but some payment methods don’t,” the Federal Trade Commission states.

When you use your credit card, your transactions are supported by a suite of security services that attempt to identify, prevent and alert you to suspicious activity. That added layer of security can protect you from fraud and give you peace of mind when you shop and bank online.

“Wiring money through services like Western Union or MoneyGram is risky because it’s nearly impossible to get your money back,” states the FTC. “That’s also true for re-loadable cards like MoneyPak, Reloadit or Vanilla.”

In other words, skip the re-loadable cards unless they come directly from your financial institution and be sure to use your credit card to benefit from the fraud protection services when making purchases. This is an especially good idea when shopping online, as illegitimate websites can masquerade as well-known stores to encourage you to enter your payment information, and scammers can attempt to intercept your payment information on unsecured networks.

“Resist the temptation to use free public Wi-Fi,” cautions USA Today contributor Elizabeth Weise. “It is a trivial matter for hackers to eavesdrop on your connection and steal your information.”

Another important way to protect yourself is to keep track of current scams and remain watchful for new ones, which you can do by signing up to receive scam alerts directly from the FTC at https://www.ftc.gov/scams.

On Oct. 27, 2016, the FTC announced that in the nine previous months, more than 111,000 people had reported receiving fraudulent calls from IRS imposters. The scam these callers were attempting to pull off typically involved stating that money was owed to the IRS and needed to be paid immediately to avoid dire consequences, but there were several variations on the theme. In order to help people identify these imposters, the FTC prepared an educational video, which you can find at https://www.consumer.ftc.gov/blog/ftc-fights-international-scams.

Another common scam that the FTC warns about involves fake checks and money orders, which are often printed using the highest-quality materials and state-of-the-art printers that are capable of reproducing authentic-looking watermarks. They may even be printed with the name of a real financial institution and include legitimate account and routing numbers.

These fake checks can be used in a variety of scams, one of the most popular of which is known as “check overpayment.” This is when someone tries to sell an item online, such as through Craigslist, and receives a check for more than the sale price. The buyer then asks for the excess money to be wired, after which the check bounces and the seller loses the wired funds. To avoid this scam, never accept payment for more than an item’s sale price and never wire money to a stranger.

“If you accept payment by check, ask for a check drawn on a local bank or a bank with a local branch,” the FTC states. “That way, you can make a personal visit to make sure the check is valid.”

Lastly, never respond to an email with your personal identifying information or financial information, and always check with your financial institution if you suspect you have received illegitimate communication via email or phone.

Used with Permission. Published by IMN Bank Adviser Includes copyrighted material of IMakeNews, Inc. and its suppliers.

How Online Banking Leads to Greater Awareness

Managing your accounts online helps with budgeting, spending and fraud prevention

Online banking, nowgreateraware_featured accessible from any mobile device, helps people be more aware of their spending and bank account data. With online banking, it’s much easier to prevent and detect fraud, manage your budget and ensure bill payments are received by the correct institution.

Transaction and Fraud Awareness
Most, if not all financial institutions now offer customers the ability to sign up for an online banking account. There are even some financial institutions that operate solely online. This makes it much easier to track your spending and manage your budget.

“People may find that online banking makes sticking to a budget easier because you can easily sort payments to see how much was paid to specific budget categories … and [it] allows you to compare spent amounts with budgeted amounts — so your budget resembles your real life as closely as possible,” wrote Investopedia contributor Ryan Barnes.

In fact, with online banking, you can stay up to date with your transactions and account balance almost in real time. It’s important to note that the balance and data listed on your online account statement may not be precisely accurate, as transactions could be pending or larger amounts than what you’ve purchased could be posted, such as with gas station purchases or hotel reservations.

However, Barnes reported that “some personal finance software programs (such as Quicken) can be linked directly to your online accounts to provide real-time analysis of all your balances and cash flows.” There are also money management apps, like Mint, that can sync with your online accounts to provide real-time information.

This is especially important in safeguarding against fraud. Some financial experts recommend checking your accounts and balances daily so you can quickly catch identity theft. If a fraudulent charge is made or money is withdrawn from your account without your authorization, you will be able to resolve the issue quickly, before more damage can be done.

Overdraft Fees and Bill Pay
Being able to track your account data also helps you protect yourself (and your money) from overdraft fees from the financial institution.

“If you sign up for online alerts with your [financial institution], you will receive an email when your checking account balance dips below a certain limit, say $50 or $100,” Lucy Lazarony, Credit.com contributor, wrote in an April 2014 article. Then you can make sure to transfer or deposit money into the account to avoid the penalty, which is $20 to $35 for most institutions.

Online banking also helps automate bill payments to help you ensure that your bills are paid on time and that they go to the correct person or business.

“You can have the payment go out on pre-determined dates (as in every month on the 15th) or simply log into your account each month and manually trigger the charges to your accounts. Either way, there is no postage to pay—and you can see the effect on your account balances immediately,” said Barnes.

With online banking, you will not only be more likely to think about what you’re buying but also be more aware of your transaction history, allowing you to catch and prevent identity theft and stay within your planned budget.

Used with Permission. Published by IMN Bank Adviser Includes copyrighted material of IMakeNews, Inc. and its suppliers.

How to Keep Track of Passwords Safely

Don’t leave your personal info vulnerable!

Passwords: You need thempasswordsafety_featured for nearly everything these days, and it seems like each website or account has its own unique specifications for their creation. And of course, it is strongly discouraged to use the same password for all sites. So how can you keep track of them all?

Expert technology writer Rick Broida of Computerworld wrote in an article for PCWorld that he discourages his friends from keeping lists in a text file, spreadsheet or other similarly insecure document.

“That’s a disaster waiting to happen. If a hacker ever finds his way onto one of their PCs, those passwords will be easier to steal than a whiff of chocolate at the Hershey factory,” Broida says. “What’s more, if one of my amigos ever needs access to those passwords while traveling, he’s out of luck. Same goes for a hard-drive crash: It’ll take down that password list along with everything else.”

The solution is simple. Utilize one of the multitude of password manager services out there, many of which are free and offer great, useful additional features. Here are some of the most recommended.

Clipperz
Access this free online password manager anywhere, and feel secure doing so.

“Storing passwords and other confidential information online can make [some people] nervous, but Clipperz uses an encryption method that means not even Clipperz knows what it’s storing,” writes productivity blogger Leo Babauta on Lifehack.com.

This is one of the solutions that stores more information than just passwords – Clipperz can save and remember credit card and account numbers and much more.

LastPass
For an app that utilizes fingerprint recognition and other biometric scanners, LastPass is surprisingly simple to use. Available on iOS and Android, and even alternative devices such as Windows Phones, the technology employs super-secure two-step authentication to access your information.

It too can store additional information, as well as capture Wi-Fi passwords, in a database-like interface – great for those trying to upgrade from an unprotected spreadsheet. It even offers a password generator feature to create a random password meeting all of a certain site’s specifications, and then it stores it safely and automatically.

However, Kit Eaton of the New York Times found that LastPass does have one drawback:

“While the app is free, to make the most of all its powers, like automatically filling in details on Web sites, you have to pay a subscription of $12 a year,” Eaton says in a 2013 article.

1Password
This may be one of the best-known password manager apps, and its popularity may be due in part to its amazing security. It doesn’t have two-step authentication, but it never sends data to servers, according to technology reporter for the Wall Street Journal Geoffrey A. Fowler.

“For the really paranoid, 1Password offers the most control over where your encrypted vault of passwords gets stored,” Fowler writes.

The tech allows you to sync passwords across devices using local Wi-Fi networks or Dropbox or other cloud-based service providers, which is a big plus due to its higher price and the fact that software for each platform (e.g., Mac, Windows, iOS) is sold separately.

Dashlane
Fowler recommends Dashlane for your secure password storage needs.

“Dashlane is like the memory you wish you had. It keeps track of not only passwords, but also credit card numbers and user IDs, filling them in when you need them across many different devices,” he explains.

It’s free to download on a single device, but there is a fee to use it – $30 a year allows the app to automatically sync your data across multiple devices. You can try it fee-free for 30 days.

The best part about Dashlane is its ease of use. Upon setup, the app and its web browser plug-ins find passwords that you’ve already been saving unencrypted on the internet and input them for you. It also has the unique ability to learn new passwords, usernames and much more automatically as you type them for the first time.

While each of these solutions comes with its own set of pros and cons, all are better than the alternative – an insecure, vulnerable set of passwords and account numbers.

Used with Permission. Published by IMN Bank Adviser Includes copyrighted material of IMakeNews, Inc. and its suppliers.

The Risks of Using Someone Else’s Wi-Fi

Protecting you and your money from hackers
The internet has made doingWiFiSeucure_Featured many things much easier. It provides instant gratification for shopping for that perfect outfit or new gadget, and banking and bill payment services are just a click away.

But the internet also has made it much easier for cyber criminals to get your personal information.

The dangers of using a public or unsecure Wi-Fi connection
When you connect to an unfamiliar Wi-Fi network, including a public Wi-Fi network at your favorite coffee shop, restaurant or store, you’re opening the door for hackers and cyber criminals to steal your personal and confidential information. They can impersonate you, steal your money or even sell your information on the cyber black market to a host of people who could do the same. How can they do this?

In a July 2014 article in Forbes, Vice President of Check Point Software Technologies Bari Abdul highlights common ways a hacker can get into your computer when you’re using a public Wi-Fi or someone’s unprotected Wi-Fi network.

Scenario No. 1: Rogue/evil twin Wi-Fi
“A hacker creates a hotspot named Hotel Wi-Fi in a hotel lobby using a USB antenna and laptop. You connect to it and log in to your email or other account,” says Abdul. “When [you] log in, hackers listen for your passwords and other sensitive information. They can also use these networks to get you to download malware.”

And you’re none the wiser, because most hotels offer free Wi-Fi to their guests, and why would something so official-looking be fake?

Scenario No. 2: Man-in-the-middle attacks
Man-in-the-middle attacks happen when a hacker intercepts communication between two computers while one is connected to an unsecure network, like public Wi-Fi.

“A common man-in-the-middle attack is when a third party or ‘middle person’ eavesdrops as you exchange bank account or credit card information. Traveling and forgot to set up a payment? Be aware that online shopping interactions or other financial transactions are highly susceptible to man-in-the-middle attacks,” reports Abdul.

Other common ways you could unknowingly allow a hacker access to your devices include using smartphones that automatically connect to any available Wi-Fi (including rogue Wi-Fi networks posing as legitimate ones) and even maintaining a home or office network that’s not up-to-date in its firewall and security software. A hacker will wait until you use the device on an unprotected connection and then eavesdrop on everything you type, looking for passwords and sensitive banking or credit card information.

Tips to protect you from becoming a victim of cybercrime
Kaspersky Labs, a renowned global cybersecurity company with a North American base in Massachusetts, shares tips on its website about how to protect yourself while banking or shopping online with an unfamiliar Wi-Fi connection.

  • Treat every unknown Wi-Fi connection with suspicion. If you’re in a retail store, talking with an employee before connecting.
  • Use your smartphone as a hotspot instead of connecting to any Wi-Fi networks, and turn off the capability in your settings to automatically connect to available Wi-Fi without permission.
  • Because links are often infected with Trojans or other malware viruses, always type in the full URL to the online bank or store instead of clicking a link.
  • Beware of fake messages from your bank asking for personal information. A legitimate financial institution will not ask you to send sensitive information via email or a pop-up window; nor will it ask you to visit its site for authorization.
  • “When you’re visiting a web page that needs you to enter confidential data, carefully check that the address of the page that’s shown on the browser corresponds with the page that you were intending to access,” says Kaspersky Labs. “If the URL is made up of a random selection of letters and numbers — or it looks suspicious — do not input any information.”
  • Before entering any sensitive information, check that the URL in your browser has a padlock icon and starts with “https” — not “http” — to make sure the connection’s encrypted.

If you have any questions on other measures to take to protect yourself from the dangers of using someone else’s Wi-Fi for online banking, bill paying or shopping, let us know and we’ll be happy to help.

Used with Permission. Published by IMN Bank Adviser Includes copyrighted material of IMakeNews, Inc. and its suppliers.

Fighting Against Data Breaches

What you can do to keep your financial data safe

Shopping online is convenient,DataOnline_Featured fun and growing in popularity, but many online shoppers worry about the impact of data breaches.

One tip for shopping online with an added layer of protection is to open a credit or debit card specifically for online shopping. If you use a debit card or a prepaid credit card, you can control exactly how much money is at risk. Keeping a separate credit card for online shopping with a low credit limit provides the same type of control and also limits the number of charges on each statement, so you can easily go through the statement and identify anything that seems amiss.

“Also, look into virtual credit cards if your card issuer offers this service,” advises about.com Security Expert Andy O’Donnell. “Some card issuers will give you a one-time-use virtual card number that you can use for a single transaction if you are concerned about the security of a particular merchant.”

Even if you don’t use a separate card for online shopping, examining your monthly credit and debit card statements is very important if you want to keep your data safe. It isn’t enough to simply check your balance and scan your statement for big purchases.

“Scrutinize your statement for charges you don’t recognize,” according to science and technology writer Davey Alba, writing in a 2013 Popular Mechanics article. “These don’t have to be massive charges, either. Hackers will often test the waters with micropayments first, amounting to a few dollars or even a few cents. Then, when it seems like the coast is clear, they’ll go for a big-ticket purchase.”

You can also gain peace of mind by talking to your financial institution or credit card provider to learn what data breach policies are in place. Credit card companies typically offer fraud-monitoring services for free and won’t hold you liable for fraudulent charges.

“Some ID-theft-monitoring services are paid, which you can consider, but … your own provider will typically offer one for free, and [that] can be just as dependable,” states Alba.

Depending on your provider, you may even be able to customize the specific fraud alerts that are most useful to you and reflect your typical spending activities. Popular options include the ability to receive email, text or phone notifications if a single charge is greater than a certain dollar amount, if daily or weekly expenditures exceed a specified total, or if more than a certain number of transactions occur in a set time period, such as one day. You may also have the ability to receive alerts if spending is in excess of a certain amount you specify or is higher than your past average in a select category, such as merchandise or travel.

“When using the online checkout process of a seller, always make sure that the web address has ‘https’ instead of ‘http,’” states O’Donnell. “Https ensures that you are using an encrypted communications path to transmit your credit card information to the seller. This helps to ensure against eavesdropping on your transaction.”

Lastly, make sure to use strong passwords for any accounts you set up with online merchants or financial institutions, and change them frequently. Furthermore, don’t enter your payment information if you are not using your own internet service, and make sure that nobody can use your device without a password. If you do end up making a transaction on a shared computer, log out of the store website and clear the browser’s cache, cookies and web history.

If you keep these tips in mind when shopping online and talk to your financial institution about data breach policies and fraud alerts, you can gain peace of mind and stay safer on all your future online shopping sprees.

Used with Permission. Published by IMN Bank Adviser Includes copyrighted material of IMakeNews, Inc. and its suppliers.

What to Know About “Spear Phishing”

The latest scam thrives on familiarity

Most of us are aware of the term SpearPhishing_061416“phishing” — a con game in which scammers use spam, malicious websites, and online messages to trick people into divulging sensitive financial or personal information.

Now there is a new twist on the old game, called “spear phishing,” and it is vital that everyone become aware of this increasingly popular tactic for scam artists.

Rather than casting a large net and hoping someone bites, spear phishing utilizes personalization, pinpointing you as the specific target.

“The emails are ostensibly sent from organizations or individuals the potential victims would normally get emails from, making them even more deceptive,” the FBI website states. Since you are familiar with the sender, you may be less vigilant and more apt to act without thinking.

How it works: Using your web presence against you
An angler looking to spear-phish will troll social networking sites, blog pages and utilize any piece of information you put out there to his or her advantage. The scammer can easily get your email address, gain access to your friends list, gather insight on places you frequent, find out about any recent purchases you may have made and much more. Then the crook will correspond with you, using that information as a means to request sensitive information in a seemingly legitimate manner. They will get you to click on a (fraudulent) link or respond to the correspondence and provide account information, PIN codes, username and/or passwords, etc.

How to avoid getting caught up in a scam
The most important takeaway from a spear-phishing scare — being smart online — applies not only to a potential stolen identity. How much and what specific information you put out in the online realm makes you susceptible not only to Internet fraud but also to real-life criminals.

Do you consistently “check in” at a certain place and time? That’s prime information for a burglar, especially if you just posted a picture of your awesome new flat-screen TV, for example. Just be careful about the information you divulge that you think is harmless but that could be pieced together to harm you.

  • Here are a few other tips you should consider to protect yourself from spear-phishers:
    Vary your passwords – Make every password you use different from the last, and change your passwords often, advises the website for Norton by Symantec, a popular and reputable online security provider. Internet security software and aspects of your operating system can help you keep track of your various passwords.
  • Keep your security software up to date – A simple click of the mouse when an update bubble appears could save you from a cyberattack. When you get update notices, don’t ignore them.
  • Don’t be hasty – Double-check with any source that requests personal information from you. Call or email (in an entirely new thread) to verify its validity. And keep in mind that most companies, financial institutions, etc., will not request personal information via email.
  • Do it yourself – Similar to starting a new email thread, when you want to check out a link provided in an email, always enter the URL manually rather than following the link provided. Also, if you want to call the alleged source organization, don’t use the number provided in the email — always look up the number yourself to ensure it isn’t fraudulent as well.

The FBI, the U.S. Secret Service and local law enforcement are working diligently to remove threats from these criminals. But ensuring you are aware of the issue of spear-phishing and prepared to avoid it is a great start.

Used with Permission. Published by IMN Bank Adviser Includes copyrighted material of IMakeNews, Inc. and its suppliers.