FDIC Consumer News - Summer 2018
25th Anniversary Edition
 A Cybersecurity Checklist
Excerpted and updated from “A Cybersecurity Checklist,” Winter 2016.
As consumers have become increasingly reliant on the internet for everything from shopping and communicating to banking and bill paying, the FDIC highlighted the potential benefits and risks in a special edition of FDIC Consumer News entitled “A Bank Customer's Guide to Cybersecurity.” The back of the guide also included a checklist with reminders about simple things bank customers can do to help protect themselves from online criminals. Here are some tips from the checklist:
Have computer security programs running and regularly updated to look for the latest threats. Install anti-virus software to protect against malware (malicious software) that can steal information such as account numbers and passwords, and use a firewall to prevent unauthorized access to your computer.
Be smart about where and how you connect to the internet for banking or other communications involving sensitive personal information. Public Wi-Fi networks and computers in public places such as libraries or hotel business centers can be risky if they don’t have up-to-date security software.
Ignore unsolicited emails asking you to open an attachment or click on a link if you don’t know who sent it or why. Cybercriminals are good at creating fake emails that look legitimate, but can install malware. Your best bet is to either ignore unsolicited requests to open attachments or files or to independently verify that the supposed source actually sent the email to you by making contact using a published email address or telephone number.
Be suspicious if someone contacts you unexpectedly online and asks for your personal information. A safe strategy is to ignore unsolicited requests for information, no matter how legitimate they appear, especially if they ask for information such as a Social Security number, bank account numbers and passwords.
Use the most secure process you can when logging into financial accounts. Create “strong” passwords that could be easy for you to remember and difficult for others to guess. The National Institute of Standards and Technology has suggested passwords that are at least 12 characters in length and include multiple character sets, such as a mix of uppercase and lowercase letters, numbers and keyboard symbols. A good example is “1Banana+1Pineapple.” Change passwords regularly, and try not to use the same passwords or PINs (personal identification numbers) for several accounts.
Be discreet when using social networking sites. Criminals comb those sites looking for information such as someone’s place of birth, mother’s maiden name or a pet’s name, in case those details can help them guess or reset passwords for online accounts or figure out answers to security questions that some sites use.
Be careful when using smartphones and tablets. Don’t leave your mobile device unattended and use a device password or other method to control access if it’s stolen or lost.