October is National Cybersecurity Awareness Month, a month I eagerly await each year.
Cyber threats are increasingly common, with one study reporting more than 2,200 cyberattacks per day. That's one every 39 seconds!
As Apple Federal Credit Union's Chief Information Security Officer, it's my job to ensure we're protecting not only your financial information but also our financial institution.
We're so focused on protecting your online security that I don't want to give the bad guys any hints about our robust security measures and cyber strategy. However, there are steps you can personally take to keep yourself safe online. In honor of Cybersecurity Awareness Month, here are my top tips for protecting your financial information.
Phone Scams
What's the most common way cybercriminals get people's information?
It's not hacking the mainframe or sending a virus. Cybercriminals' top tactic is tricking individuals into providing personal and account information. There are many types of attacks, but I want to highlight one in particular—account takeover fraud.
Here's how it works. Imagine a bad actor has your login credentials for digital banking.
They call you posing as someone from the Apple FCU Fraud Team, saying they need to send you a one-time code to protect your account. It's triggered as they maliciously try to access your account, and you receive the code on your device. What should you do?
Hang up. Remember, an Apple FCU employee will never call unexpectedly and ask for this code or any personal or account information.
Today's cybercriminals are very sophisticated, and they prey on your emotions by using possible fraudulent activity as a ploy to bypass your protective security measures. Here are some ways to keep your accounts safe:
- Be wary of unexpected calls, texts or emails. Apple FCU will never unexpectedly:
- Ask for your PIN or security passcodes
- Ask for your Online/Mobile Banking username or password
- Ask for your full Credit or Debit Card number.
- Use a strong, unique password and change it regularly
- Don't trust Caller ID; it can be faked.
If you ever think you've experienced fraud or received a suspicious message, call us at 703-788-4800. We are always happy to help you determine if a call, text or email is legitimate.
Gone Phishing
Cybercriminals also use phone calls, email, text messages, websites and other techniques to access your information via phishing tactics.
The best way to avoid an attack is knowing what to look for. Phishing messages typically have a few tell-tale signs, including:
- A heightened sense of urgency to avoid loss or maintain account access
- An unfamiliar tone or greeting
- Grammar and spelling errors
- Inconsistencies in email addresses, links or domain names
- Requests for credentials, payment information or other personal details.
Never open a link or attachment from someone you don't know or from an email you never requested. Additionally, never click on a receipt for something you did not purchase.
We live in a fast-paced world where money moves within seconds. Cybercriminals take advantage of this convenience to make people react without thinking.
If you're unsure about a caller or message, don't click or act right away. Look at the message and ask yourself:
- Have I received a message from this person before?
- Does this request make sense?
- Are they pressuring me to act, provide security codes or other personal information?
Now think about your next move. Scammers are aimed at defrauding you, so stay vigilant and aware. By taking a second to stop, look and think, you can take a big step towards preventing fraud.
Strong Passwords
Finally, you can help prevent cyberattacks by setting up strong passwords.
Cybercriminals love exploiting weak passwords, typically ones with easily guessable information like birthdays or pet names. Here are some tips for creating strong, unique passwords.
- Make your passwords at least 12 characters long, and update them often, making sure you don't just change one letter or add a zero at the end.
- Avoid reusing passwords; none of your passwords should look alike.
- Use a mixture of uppercase and lowercase letters, numbers and special characters (like *#!?).
One way to create difficult-to-crack passwords is by combining three random words, making it easy for you to remember, but difficult for hackers to guess. Here's an example using the phrase Stop, Look, Think: 5t0P.luc.Th!nk.
Check out additional digital safety advice and learn more of our Fraud Prevention resources for the latest fraud scams, prevention and news. Additionally, the FBI has compiled list of some of the most common frauds and scams, as well as their tips for keeping you safe online.
Thank you for staying safe, and thank you for being a member of our credit union.