15 Steps to Maximize your Financial Data Protection [Updated]
How difficult do you make it for cyber criminals to steal your card details, bank account info and so on?
We use computers to pay bills, shop online, chat and even keep in touch with friends on social media platforms. You might not realize it, but this makes us vulnerable.
Because we willingly broadcast over the Internet valuable details, such as our credit card information or bank account credentials – information usually needed by cyber criminals – we can never be too careful when securing our financial transactions or personal information.
A 2016 report from the PricewaterhouseCoopers indicates that cyber crime is the “2nd most reported economic crime, affecting 32% of organisations.” And the same study reveals another cause for concern, apart from the economic impact:
The insidious nature of this threat is such that of the 56% who say they are not victims, many have likely been compromised without knowing it.
The data clearly shows that cybercrime affects individuals and global economic growth. Cyber attacks on financial institutions or with financial consequences for users like you and me are putting financial assets at risk. Consequently, financial data protection should be a strong concern for anyone.
So is there a way to for our online activities to remain private and safe from cybercriminals?
Definitely! Here are a few best practices that will keep your system protected:
1. Check the link before you click it
Pay attention to the links you want to access. To make sure you are not deceived, simply hover the mouse cursor over the link to see if you are directed to a legitimate location.
If you were supposed to reach your favorite news website, such as “www.cnn.com”, but the link indicates “hfieo88.net“, then you should resist the urge of clicking the link. Hyperlinking is a common practice in phishing attacks and it’s always best to double check embedded URLs.
Most of us use shortening services for their links, such as goo.gl or tinyurl. But in some cases an unknown link may send you to a malicious site that can install malware on the system. So, how can you know where you’ll arrive if you click it?
To make sure you are about to access the right online destination, use a free tool such as Redirect Detective. This tool will allow you to see the complete path of a redirected link.
Alternatively, you can also check the suspicious links using a reliable URL checker, such as VirusTotal.
2. Check the file before you click it
We all know malware is everywhere. But how can we make sure a file (or an executable file) we just downloaded is what it’s pretending to be? Can we tell the difference between a safe file and a malicious one?
An important step for everyone is to use a browser which integrates a reputation-based technology. This technology uses a cloud scoring system to analyze each application downloaded and where it comes from. As a result of the analysis, websites that distribute malicious software – not yet detected by existing defense mechanisms – are more easily blocked. For more details, you can access the following article.
To make sure you are not running a malicious executable file (which may download a Trojan virus on your system), use VirusTotal, which analyzes suspicious files on multiple antivirus solutions.
3. Use secure websites to run financial transactions
Financial operations and transactions should be given high scrutiny, as they hold the key for cyber criminals to cashing out your life’s savings.
Here’s how to make sure you visit a secure website:
- Look to the left of the web address and find the “Lock” icon. This indicates that you are visiting an encrypted and/or a verified website.
- Make sure the web address starts with “https://”. The “s” comes from “secure socket layer” and it indicates you are connected to a website where data, which is sent and received, is encrypted.
4. Set strong passwords for your accounts
Your passwords should contain around 20 characters. Don’t forget to combine upper and lowercase letters, numbers, and symbols. Don’t use the same password for all your accounts. Make a habit of changing your main passwords every 30 days. Even if you are hacked, having different passwords for each account will help you limit a potential loss.
For more information on how to set strong passwords and manage them safely, see our step by step guide on password security. This includes details on how to use a strong and secure password manager like LastPass or Sticky Password.
5. Use two-factor authentication
This is one of the best ways to ensure your online accounts or your email inbox are not accessed by anyone else but you.
This option means that, besides entering your credentials, you will be required to enter a one-time code sent to your phone. Use this method to protect confidential information from social media accounts, such as Facebook, Twitter or valuable data from email accounts.
6. Log out
As soon as you’re done with financial operations on your e-banking platform, don’t just close the web browser, but always log out.
We recommend you also use a virtual browser for your financial operations (usually sandboxed) that’s designed to keep your online banking secure. You can find here some recommendations for free browser protection tools.
Private browsing sessions are also recommended if you want to prevent authentication credentials (or cookies) from being stored.
7. Don’t reply to unknown emails
Don’t reply to emails that offer an unexpected present or prompt you to update your security information.
It is a classic phishing scheme through which you are tricked into sending personal details, such as credit card information or personal data. If you’re not sure whether the email is from your bank or not, simply contact the bank directly for more information.
8. Use official banking apps
If you want to manage financial transactions on your mobile, install the official mobile application of your bank. To make sure you have the right application, contact your bank directly or access their official website.
9. Don’t post private information on social media account
Exposing personal details may lead hackers into finding your financial information. For the same reason, check your kids’ social media behavior to make sure they won’t expose private information that may possibly be used against you, in phishing attacks.
10. Don’t access questionable web locations
Don’t access or download content from unknown or controversial locations. Access websites that proved to be safe and you know you can trust.
Nevertheless, this is not a guarantee that you won’t get infected.Nowadays, cybercriminals exploit vulnerabilities in legitimate websites and inject malicious code, as to perform drive-by attacks on unsuspecting visitors. It may be a free screen saver or a browser toolbar that may infect you with a keylogger that can record and send your personal data to cybercriminals.
To make sure your system is protected and your credentials are not exposed, install a security product, such as Heimdal PRO, which can detect and stop malicious hackers from stealing valuable information from your system.
11. Use a good antivirus program
It is important to use a reliable antivirus solution on your system, one that includes real-time scanning, an automatic update (to stay clean even against the latest threats) and a firewall, which monitors and guards your network activity.
To choose the best solution, access the antivirus test results run by established names in the security industry, such as AV Comparatives, PC Magazine, AV-TEST or Virus Bulletin and select the best security solution for your system.
We have to mention now that a traditional security solution can hardly protect you against the advanced financial malware created to steal your private data and confidential information. To protect you against the most dangerous credential-stealing threats, such as Zeus Gameover (P2P) and Cryptolocker, you need security solutions designed to address these threats.
12. Use a dedicated security solution against financial malware
Install a security solution designed to protect your system from financial malware and phishing attempts.
By employing advanced anti-phishing and anti-malware technologies, Heimdal PRO has been designed to detect and block phishing sites and malicious servers from stealing your sensitive information. It can shield your PC from a man-in-the-browser attacks, detect Zero Day exploits and prevent data loss or network infections.
Heimdal offers another layer of security that normal antivirus products cannot provide.
To improve the financial control of your online banking account, you can set banking alerts to track your account activity. To set a tracking alert for your bank account, contact your bank directly for more information.
13. Don’t be vulnerable. Update your software.
Cyber security experts always advise to keep your operating system, web browser and the main software applications you use up to date by installing the latest security patches. The updates are mainly released to cover security breaches. Unless you keep your software updated, you will be exposed to the latest threats.
Better yet, use a free product to take care of your software updates and just kick back. This will secure your system by installing the latest security updates and patches for the software such as:
- Adobe Shockwave
- Adobe Flash (plug-in/player)
- Adobe Acrobat reader
- Google Chrome
- Mozilla Firefox
- Internet Explorer
- CCleaner and more.
14. Back it up
Even if the steps above will keep you safe from IT criminals and malicious software, there may still be hardware issues that could endanger your valuable data. To make sure your private information stays safe, we recommend using a twofold strategy, which should include combining an external hard drive usage with an online backup service.
Before jumping to the list of available online backup services below, we have to point out the necessity to select one which provides:
- stability (so look for a big company name)
- ease of use (so you won’t have a headache backing up from files)
- the possibility to synchronize your files with the online backup servers/li>
- some sort of security, such as encryption capabilities.
Check out our data backup guide for a free plan to start making copies of your digital assets so you can keep it safe from harm.
15. Use common sense
The steps we presented are just general guidelines and cannot guarantee total protection from all the malware out there. Use common sense if you want to access random websites, run online games or purchase from online locations you didn’t use before.
Instead of a conclusion
Our own reports from 2013 suggest that financial malware was responsible for more than 55% of the cases where corporations lost valuable information, while only 25% of data theft malware was detected by traditional antivirus software.
Low detection rates are caused by polymorphism, which means that malware is able to constantly change behavior and attack methods. The problem of data theft is growing, because data theft is no longer targeting a single PC, but the entire network by spreading from one computer to another.
At the beginning of June 2014, Operation Tovar was launched, in an international joint effort between multiple countries and major law agencies, such as U.S. Department of Justice, Europol, the FBI and the U.K. National Crime Agency to detect and stop these type of attacks.
Therefore, we are not alone in this fight against financial malware. Using a security solution is a must and we should combine traditional protection methods – signature based antivirus programs – with advanced detection technologies – to protect against polymorphic financial malware.
Do you have any other favorite tips, tools or recommendations in order to maximize your financial data security?
This article was originally published by Aurelian Neagu in 2014. It was updated in April 2016 by Andra Zaharia.