Financial knowledge at your fingertips
As we continue to grow more technologically advanced, cyber criminals are simultaneously becoming more sophisticated with their attacks. It’s always important to protect your data online, but that need is compounded when it comes to your financial information and accounts. In this post, we’ll be exploring cybersecurity best practices and common scams to equip you with the tools to keep your defenses up against hackers and other fraudsters.
Cybersecurity is the process of protecting your networks and devices to reduce the risk of unauthorized access to your digital information. This can include personally identifiable information (PII), financial information, or other sensitive information. While financial organizations, like smiONE™, take every precaution to secure your accounts and identify fraudulent activity, it’s important to recognize that you play a huge role in keeping your online information protected.
According to the Federal Trade Commission (FTC)’s Consumer Sentinel Network, there were over 5 million reports of identity theft and fraud in 2023 alone. If not immediately detected, these crimes can be devastating to your financial standing and reputation, so you should always safeguard your accounts as much as possible.
One of the most common ways for financial fraudsters to access your accounts is through personal identification number (PIN) theft. Criminals can “skim” your PIN using devices that they connect to ATMs, point of sale (POS) systems, and gas pumps. Advancements, like the inclusion of EMV chips, have helped curb the risk, but experts say keeping your PIN secure will remain imperative.
Your smiONE™ Visa® Prepaid Card is a contactless card, meaning you don’t need to enter your PIN at checkout - simply tap your card to complete your transaction!
Strong passwords provide an added level of defense against hackers and criminals because they won’t be likely to guess what it is without running into other security obstacles like becoming locked out of the account. We recommend ensuring all your passwords are at least 12 characters in length and contain a mix of capital and lowercase letters, numbers, and special characters wherever possible. Similar to PINs, you should keep unique passwords for each account and be sure to update your passwords regularly to keep your accounts secure even if one has been compromised previously.
You should NEVER write your passwords down. Instead, opt for a protected password manager to store all your credentials. A password manager can be a real game changer when it comes to protecting your passwords. Password managers enable you to use longer, more complex passwords since you won’t need to worry about remembering them, and they can even recommend more secure passwords when necessary.
Multi-factor authentication, or MFA, is a security measure that requires more than one identity verification type to access your accounts. For example, you might log into your account using a username and password combination, and then be sent a security code via text or email to reconfirm your identity. Again, this step helps keep your accounts secure if your password has been compromised.
Your smiONE Card account is equipped with MFA functionality, so be sure to set up at least one additional verification method.
Make a habit of reading through your financial account statements and activity. This can help you identify suspicious activity or fraudulent charges early, so you can report them to the appropriate parties and reduce losses. It’s also a good idea to opt in for alerts from financial institutions. Similarly, this will ensure you notice activity that you don’t recognize immediately and can take the appropriate mitigation steps.
To enroll in alerts from smiONE, text ALERTS to 42627 (standard msg. & data rates may apply. Reply HELP for help, reply STOP to unsubscribe). To update the notification settings on your smiONE Card account, navigate to “Notification Settings” from the mobile app or your online account center.
Never click links or email attachments from senders that you don’t recognize. Always double check things like the sender’s email address, URLs, etc. for grammar and spelling mistakes or special characters that might be used to throw you off. You should always hover your mouse over a link to see it’s true address and confirm you recognize it. If you do receive a suspicious email, be sure to report it as spam. When you’re unsure or suspicious, you should go directly to your financial institution’s website and give them a call to confirm the validity of the request and avoid clicking on or responding to malicious communications. When visiting a website, make sure the URL begins with “https” rather than just “http”. The “s'' stands for secure, so this is a surefire way to make sure the site you’re viewing has security encryption protocols. If you need to open a new tab when accessing your financial accounts online, you should open it in a new window to avoid risking “session stealing,” wherein a bad actor can gain access to your session with a logged-in account. When you’re finished on your financial account, remember to log out.
Software patches will often contain updated security measures and software, so it’s important to stay on top of these and update them as soon as possible. If you have the option, you should opt in to automatic patching, so you won’t even have to worry about manual updates. It’s smart to leverage reputable anti-virus, spyware detection, and anti-spam softwares on your personal computers and devices.
Public wifi networks (like in the airport, hotels, coffee shops, etc.) are less secure because they typically aren’t password protected. Connecting to these unsecured networks can leave you vulnerable to fraudsters and hackers intercepting your communications. Some cybercriminals will even make their own networks disguised as familiar ones to entice you to join and give up your information. A VPN encrypts your data and masks your IP address, protecting your anonymity and concealing sensitive information like your location and identity.
Wireless capabilities like Bluetooth, location services, and wifi can be access points for hackers to get into your device and see your data. When you’re not using them, it’s wise to turn them off to eliminate any vulnerability to an attack.
Budgeting is NOT a one-size-fits-all exercise, and it can be hard to build the habit if you’re not using a method that resonates. Learn more about each of the different budgeting methods below and test them to find out which works best with your priorities and needs.
Phishing, smishing, and vishing are very similar types of scams, with the main difference being the contact method. With phishing, fraudsters will reach out to you via email and try to trick you into divulging personal information or clicking unsecured links and attachments by masking their identities or pretending to be a reputable organization. Links in these emails may install malware on your device, or it may lead to a fake login page, prompting you to input your account credentials, which will then be sent along to the scammer. Smishing is nearly the same thing, although it comes in the form of text messages, rather than emails. A smishing example we’ve seen recently will notify you that a package was unable to be delivered, prompting you to click a link. Finally, vishing occurs when a scammer calls you or leaves voice messages, pretending to be your financial institution, the government, or another influential party, to request personal information from you. With vishing, there’s also a risk of the scammer recording your voice to steal your identity later on.
SIM swapping is a type of scam in which the fraudster gains access to your financial accounts by reassigning your phone number to their SIM card, allowing them to send and receive forgot password, and other access links that may be sent to your phone number.
Scammers can replicate trusted websites to gather your personal and financial information. This makes it even more imperative to always double check URLs and NEVER click on links you don’t recognize. If a deal seems too good to be true, it likely is. Be weary of clicking ads, etc. if you don’t recognize or trust the selling company. These types of scams may ramp up during peak shopping and holiday seasons, so be sure to keep your guard up during these times.
Be careful when applying to jobs online because some fraudsters will even resort to fake job advertisements to collect your personal details. Red flags in this scenario might include a lack of details on the advertisement, a hiring manager trying to send you funds for equipment or pay and asking you to send extra funds back to them, or receiving a job offer without any formal interview.
Fraudsters have learned all about the payment apps like Venmo, Zelle, PayPal and CashApp, to name a few. Scammers are exploiting these avenues by pretending to be your financial institution and alerting you to fraudulent transactions. They’ll advise you that someone has gained access to your account, and then they’ll walk you through “fixing” the issue, leading to you sending the money back to your account, although the money will really end up being transferred to the scammer’s account.
Imposter fraud or imposter scams occur when the fraudster pretends to be a trusted figure like your financial institutions, a government agent, debt collectors, the IRS, or a law enforcement agent in efforts to get you to divulge sensitive information or send a payment.
A ransomware attack allows a hacker to hold your device hostage by restricting access or functionality until you pay them a specified ransom amount. You can become exposed to ransomware through malicious emails, links, or websites.
You are your best defense against fraudsters, so it’s important to take every action you can to protect your accounts and your information. Being informed is the first step, and now you have a checklist of secure behaviors to follow and an idea of red flags to watch out for.
If you believe your smiONE Card account has been compromised or you’ve been a victim of fraud, lock or suspend your card using the mobile app or in your online account center, so the fraudster will no longer have access to your funds. You’ll be able to unlock your card later if you choose. Then, call us immediately to report the fraudulent charges and minimize any losses. We will cancel your current card and ship you a new one while we work to resolve any fraudulent activity.
