Getting Hacked: How to Protect Yourself

We have all heard the horror stories.  A friend or colleague’s credit card getting hacked and ending up with $5K in charges AND months of back and forth with the bank to dispute it.  A twitter account getting compromised and 2K messages about a raunchy sex hotline sent to contacts.  And finally, someone leasing 5 iPhone X’s across different stores using your credit.

With breaches both in our personal accounts and with companies that hold our information (e.g., MyFitnessPal with 150M accounts compromised), the problem will likely affect most of us.

We did the research for you, so that you can take a few easy steps to protect yourself from a hacking situation.  Most importantly, this will help protect your financial accounts, your credit score, and make sure you are in good financial standing.

1) Do you have a secure and strong password?

Hackers today can get your password multiple ways – they might obtain it through a company that got compromised, they might get you to click a phishing email with a “fake” login portal, you might login to public wifi or computer, and more.   The best way to ensure that you are secure is to:

• Create a strong password: this might include special characters, numbers, or symbols.  Password managers (below) will be able to generate them for you
• Don’t store passwords in browser: browsers will often store your passwords for you, but if you think someone else might use your computer or have access, it’s best not to store it within the browser
• Use a password manager: password managers like 1Password, LastPass help you keep your passwords all in one place and don’t do autofill (higher point of failure).  They also help you generate unique passwords.  Since you are using a password manager, you won’t forget what your password is, and you can access it on your mobile, web, etc.  You can also share passwords across your family.
• Change your passwords every few months: by changing your password every few months, even if your password gets stolen you limit the usefulness for an attacker

2) Do you have two-factor (2FA) authentication?

Two-factor authentication is where a user is granted access only when they have presented with two verifying pieces of information.  For example, in Gmail you can set up 2FA and you will need to input your password and a code that is generated on the Google Authenticator app on your mobile phone before you can login.  This ensures that even if someone has your password, they won’t be able to get into your account.

We highly recommend an app like Google Authenticator or Authy over a phone text, as even if someone has ported over your phone #, they still won’t be able to get access.

3) Do you know what’s on your credit report?

Often times you might not know someone has stolen your credit until you get a letter in the mail (see 5 iPhone X example above).  The best way to keep track so that you will know immediately when someone has used your credit is to check your credit score.

You can get access to your free credit report and score through Credit Karma and AnnualCreditReport (you are guaranteed a free credit report each year).  What’s even better is if you track your credit report and lock it so that no one can pull your credit unless you unlock your report.  Equifax is offering a free year of TrustID to those who were affected by the their breach (you can check here).  You should check to see if you qualify as the offer ends in a few months, but make sure that you set up a calendar invite to cancel it in a year if you don’t want to renew it.

We all know password and account management is not the most exciting topics, but taking these proactive steps can save you huge headaches in the future.  Most importantly, this will help protect your financial accounts, your credit score, and make sure you are in good financial standing.