By Chris Keller, Senior Vice President and Chief Information Officer
Celebrated every October, National Cyber Security Awareness Month (NCSAM) was created as a collaborative effort between government and industry to ensure every American has the resources they need to be more secure online. In today’s environment, it’s likely you are concerned about the safety of your private information. Whether it’s because you’ve recently shopped at a store who has reported a security breach or because your email was hacked, it’s important that you are prepared.
There are steps you can take before a potential breach that can go a long way in helping better protect your assets.
- Protect your Credit Cards and Online Passwords – never lend your credit card or PIN to anyone.
- Shred It – shred documents that have personally identifiable information on it. If you have access to a document shredding bin that is useable for personal documents that would be best.
- Think Before Opening Email Attachments – don’t open email attachments from people you don’t know. These attachments may contain viruses or other malware. Additionally, think twice before you open an attachment from someone you do know.
- Watch Out for Phishing – do not respond to phone calls or emails asking you to verify your account information; you should be the one initiating communication with your bank regarding fraudulent activity. If your bank does contact you ask to verify by calling them back.
- Keep it Personal – do not use a public computer system for sensitive business or personal needs.
- Look for ‘HTTPS’ – look for signs that the site is secure, which includes a URL address that begins with “HTTPS”. Only use HTTPS sites when sending credit card information over the Internet. All major reputable vendors should secure your credit card information in this way.
- Use a VPN Service – when using a public or guest wireless network consider using a VPN service to encrypt your traffic. If unavailable, refrain from using it for sensitive business or personal needs.
- Consider Two-Factor Authentication – two-factor authentication requires a user to provide an extra form of identification beyond just your login ID and password.
- Keep an Eye on Accounts – regularly check all financial online accounts for unusual charges.
MY ACCOUNT HAS BEEN COMPROMISED. NOW WHAT?
In the event a data breach occurs you want to be sure to take decisive actions to ensure you can protect your assets to the best of your ability. In a world that has a constantly changing landscape of potential theft, knowing where to start can be almost overwhelming.
- Change Your Passwords – if you suspect your email account has been compromised, change your password immediately from a secure system. In addition, you should change the “security questions and answers.” After you change your email password, follow up by changing your financial and other critical accounts. This is because password resets for all your other accounts are typically sent to your email.
- Order a New Credit Card – request a new card and PIN if you notice any fraudulent charges, or close the impacted account and open a new one. Request the latest security enhancements with your new cards, such as “chip and pin” technology.
- Contact the Credit Bureaus – in the case of identity theft, order a copy of your credit reports, and file an initial fraud alert with the three major credit bureaus: Equifax, Experian and TransUnion.
- Report It – report any suspicious activity to local law enforcement and your financial institution as soon as possible, regardless of the amount. This includes lost cards and incorrect charges to the card issuer immediately. When necessary, file a complaint with the Federal Trade Commission or the Consumer Financial Protection Bureau.
- Ask Yourself Why – while you are fixing things, it’s a good time to take a step back, and ask yourself a more basic question: What was the reason for the breach? If it was your bank account, the answer may be obvious. In other cases, such as email, it can be for a host of reasons. Knowing why you were targeted can also sometimes help you understand how you were breached.