Tip #2: Making Yourself a Difficult Target
McRae Capital Management’s Cybersecurity Series
Multi-Factor Authentication: Your Digital Guardian
One of the most effective ways to discourage cybercriminals is to adopt multi-factor authentication (MFA), sometimes referred to as two-factor authentication, on all your crucial accounts and devices. No matter how strong your password is, if it gets into the wrong hands, it can be used maliciously. Multi-Factor Authentication (MFA) is a powerful tool that adds an extra layer of security to your username and password, by forcing the person logging in to also confirm their identity via this unique code. Setting up MFA is relatively easy. Most applications have a “SECURITY” option under “SETTINGS” where you can enable multi-factor authentication.
You may be familiar with MFA or already use it on some of your accounts. Here is how it works:
- You log into a website or app using a login and password.
- When you attempt to log in, a code or text is sent to your phone. This code is unique and is only useful for a short period of time.
- You enter that code into the website or app.
- Once the code is entered, you are allowed into the program.
Using MFA is more time-consuming as it adds an extra step to get into your application. However, this additional step is worth the extra effort it takes to further secure your important information.
Many people use biometrics when they use their mobile devices. You may use your fingerprints or face image to unlock your phone or automatically fill passwords into applications. THIS IS NOT MULTI-FACTOR AUTHENTICATION! This is a convenience that helps us use our phone quickly. It will prevent someone from using your phone should they get their hands on it, but it doesn’t prevent someone trying to gain access to the websites and apps if they have your username and password. You need to enable MFA.
One of the most effective ways to discourage cybercriminals is to adopt multi-factor authentication (MFA), sometimes referred to as two-factor authentication, on all your crucial accounts and devices.
Key Strategies Recommended by Fidelity’s Cyber Fraud Investigation Team
Strategy 1: Safeguard your financial accounts—employ extra layers of protection for accounts of value – investment accounts, bank accounts and credit cards
- Use a strong and unique username and password.
- Employ multi-factor authentication (MFA) for all financial accounts and sites that store your financial information.
- Activate alerts on all financial accounts to receive warnings about suspicious activity.
- Freeze your credit – this will make it more difficult for thieves to open new accounts in your name.
Strategy 2: Protect your email account(s)
- Use a strong and unique password.
- Enable MFA.
- Avoid storing sensitive data, like account numbers, in your email folders.
Strategy 3: Secure your mobile phone
- Use a strong and unique password.
- Employ MFA on your Verizon, AT&T or T-Mobile online accounts.
Strategy 4: Fortify your computer
- Keep your operating system up to date (auto-update is recommended).
- Use antivirus software and keep it updated.
- Be cautious when clicking on email attachments or links.
- Be cautious about public Wi-Fi networks; sensitive browsing should be done on trusted networks.
- Don’t save passwords or credit card numbers in your web browser.
Find out more.
- For a detailed discussion on these important topics, please refer to Fidelity’s “Make Yourself a Difficult Target for Cybercriminals.”
- How to add multi-factor authentication (MFA) on your Fidelity account, using Fidelity’s free VIP Access: https://www.fidelity.com/
- Activate MyVoice verification on your Fidelity account: https://www.fidelity.com/
- Setting up MFA and “Trusted Devices” on Apple products: https://support.apple.com/en-
- Adding MFA to Samsung devices: https://account.samsung.com/
- Most email and mobile providers—Google, Microsoft, Yahoo, Verizon, AT&T, etc.—also offer multi-factor authentication as a security option. A Web search of your provider plus “multi-factor authentication” or “two-step verification” will lead you to instructions.
- How to “freeze” your credit at the credit bureaus: https://www.consumer.ftc.gov/