Phishers, social engineers, identity thieves – whatever their moniker, they’re all after the same thing – your personal account information. As online security protocols for most major retailers and financial institutions have become more sophisticated, so too have the techniques utilized by these evildoers to attempt to access your accounts and leave you feeling helpless.
SMCU’s Tips On Making Your Web Experience Safer
- Pay Attention To URLs
If you ever purchase goods online or log-in to any service where you have personal or confidential information stored, pay attention to the URL of the site you’re accessing. If the site URL begins with HTTPS, you know the site is secure and can be trusted with your credit card or account information. Be extremely cautious when providing this information to non-secure sites.
- Set Strong Passwords
Using a combination of mixed-case letters, numbers, and special characters can greatly decrease the chances of your accounts being hacked. For even greater security, password generation and storage tools such as 1Password* can create strong, unique passwords for all of your most accessed sites and applications and securely store them, so you can access them when you need to. Remember to change your passwords frequently and not to share them.
- Consider One-Time Passcodes Over Challenge Questions
If given the option between challenge questions or a one-time pass code, choose the one-time pass code. Challenge questions are no longer considered the best way to secure your account and will soon be abandoned by most websites. The reason is that the answers to your questions can be obtained through keyloggers and other scams that are already used to obtain your passwords. In contrast, a one-time pass code ensures that you are the right person logging in at the right computer.
- Use Multi-step Account Verification When Available
Sites like Google and Facebook both provide the option to use multi-step verification* every time your account is accessed from an unrecognized device. They do this by sending an authorization code to your mobile device, which must be entered in conjunction with your username and password. By separating log-in credentials in this manner, a hacker would not only have to steal your username and password, but also your phone.
- Don’t Send Confidential Account Information Via Email Or Text Message
The best way to ask questions or provide information about your account is by either calling our Contact Center directly or through your SMCU Online Banking secure email account.
- Always Log Out
It’s always best, especially if you are using a public computer, to log out of secure sites rather than simply closing the page. Many sites keep your log-in information stored temporarily, so you don’t have to re-log-in on your next visit. While this is can be convenient, it can also provide an open door for fraudulent activity. Logging out of a site is the best way to avoid stored passwords.
- Be Conscious Of Phishing & Social Engineering
SMCU will NEVER ask you for your password or other confidential, personal information. Should you receive any letter, email, or text message asking for this information, call our Contact Center at 206.398.5500 to verify if the communication is real or fraudulent.
* Always evaluate third party vendors prior to choosing one. SMCU does not endorse and is not supported by any vendor mentioned in this article and cannot assume liability for your expriences with their products or services.