5 Tips to Keep Thieves Out of Your Bank and Brokerage Accounts

Investment Adviser New JerseyToday, data breaches at major retailers like Target have made cybercrime front page news. It is unsettling because nobody knows when or what will happen once the personal information of tens of millions falls into the wrong hands. With ubiquitous computing, you cannot let your guard down for even a moment, especially when hackers are increasingly targeting bank and brokerage accounts. According to the U.S. Treasury Department’s Financial Crime Enforcement Network, illegal wire transfers are outpacing cases of identity theft. In fact, wire-fraud cases in the securities industry are up tenfold over the past decade.

Growing Cybercrime Sophistication

Cyber criminals have evolved beyond Nigerian scams or some variation of the Spanish Prisoner con. Today, online thieves are using sophisticated phishing e-mails, keystroke loggers, and remote access Trojans while going to great lengths to impersonate you, the client, to your advisers and financial institutions. The key vulnerability is your email account. Email hackers are no longer content gaining access to your account in order to send SPAM to your contact list. More than ever, perpetrators who gain access to a compromised account carefully search for email that contain investors' brokerage information and key contacts. In fact, hackers even seek out old letters of authorization, with scanned signatures, in an attempt to forge new wire transfer requests. Easily impersonating the owner of the compromised email account, thieves aim to mimic the tone and language of previous communications. Even the timing of attempts to access funds are carefully calculated. Few realize that email security is so critically important to the safekeeping of the balances in your bank and brokerage accounts. Read on for an ounce of prevention.

5 Tips to Keep Thieves Out of Your Bank and Brokerage Accounts

  1. Use a strong password. Your Password is your primary line of defense, so make it count. Do not create passwords using your date of birth, family name, or a pet’s name, and never use “123456” or “password.” Actually, it is even more effective to use a "passphrase." For example, “IgfNDUoJ1st2002” derived from “I graduated from Notre Dame University on June 1st 2002.” Even though it’s a hassle, experts also advise changing your passwords at least every six months.

    Don’t use the same password multiple times. According to some studies, more than half (55%) of adult internet users use the same password for most, if not all, websites. That’s a big mistake.

  2. Never use your email as your username. Some say that using an email address means that you've cut the would be thief's work in half. Furthermore, when it comes to your brokerage or banking log in, there have been cases where a thief simply enters a victim's email address as the ID and then requests a new password to be sent to the compromised email account.

  3. Never click on a link in a questionable email or website. If in doubt, call your financial institution directly. You can also use your mouse to hover (don’t click) over a link and the address will appear directly by the link or at the bottom left of your screen. Make sure that if an email appears to come from "ABC Bank" that the links don't point back to “idj29fad.com” - a clear sign of trouble. Also note that most financial institutions will never ask you for any personal information other than your username and password when logging into their website.

  4. Be weary of public Wi-Fi (unsecured wireless hot spot.) Public Wi-Fi is fine for non-private activity; but if you send email or access bank accounts, you likely have no security and are vulnerable to thieves who can gain access to your email accounts.

  5. Use two-factor verification to secure your email. Here is a powerful security feature that is freely available to most of us, but not frequently used. Gmail, Yahoo!, Outlook.com and other email providers offer a second level of security by requiring a verification code from your mobile device in addition to a username and password at log in. Although this feature varies across providers, many allow you to set "trusted computer" settings so that you do not need to input the verification on your home computer every time that you log in. Whenever accessing your account from a new device, you will be prompted for the verifiction code. Two-factor verification can go far in preventing data breaches to your email and sensitive information.

The good news is that banks, brokerage firms, and credit card companies understand the seriousness of cybercrime and are increasingly adding steps to maintain the security of your account and personal information. By being careful and following the simple steps outlined here, you can make a significant improvement in keeping your information and money secure.

Helpful links:

Hire a Better Adviser Checklist

Has your email ever been hacked? What steps have you taken to protect your personal information and banking accounts?


Share This Story, Choose Your Platform!

About the Author: Andrew Wang

Andrew Wang


Please remember that past performance may not be indicative of future results.  Different types of investments involve varying degrees of risk, and there can be no assurance that the future performance of any specific investment, investment strategy, or product (including the investments and/or investment strategies recommended or undertaken by Runnymede Capital Management, Inc.-"Runnymede"), or any non-investment related content, made reference to directly or indirectly in this blog will be profitable, equal any corresponding indicated historical performance level(s), be suitable for your portfolio or individual situation, or prove successful.  Due to various factors, including changing market conditions and/or applicable laws, the content may no longer be reflective of current opinions or positions.  Moreover, you should not assume that any discussion or information contained in this blog serves as the receipt of, or as a substitute for, personalized investment advice from Runnymede.  Please remember that if you are a Runnymede client, it remains your responsibility to advise Runnymede, in writing, if there are any changes in your personal/financial situation or investment objectives for the purpose of reviewing/evaluating/revising our previous recommendations and/or services, or if you would like to impose, add, or to modify any reasonable restrictions to our investment advisory services. To the extent that a reader has any questions regarding the applicability of any specific issue discussed above to his/her individual situation, he/she is encouraged to consult with the professional advisor of his/her choosing. Runnymede is neither a law firm nor a certified public accounting firm and no portion of the blog content should be construed as legal or accounting advice. A copy of the Runnymede's current written disclosure Brochure discussing our advisory services and fees is available for review upon request. Please Note: Runnymede does not make any representations or warranties as to the accuracy, timeliness, suitability, completeness, or relevance of any information prepared by any unaffiliated third party, whether linked to Runnymede's web site or blog or incorporated herein, and takes no responsibility for any such content. All such information is provided solely for convenience purposes only and all users thereof should be guided accordingly.

Search Website

Annuity Review Database

Follow Our Podcast

Google Podcasts
Apple Podcasts

Recent Posts