Three ways to ensure you aren’t a victim of online banking fraud

On the heals of the story that broke last week about How Hackers Took as Much as $1 Billion from Banks, it’s positive to note that the victim of the theft was the banks, not the consumers.

I have been teaching classes on how to “Tame the Internet” and am surprised by how many attendees have never used online banking. If you fall into this category, or are concerned, you should know that:

Make sure you are using an American bank that is insured against theft by the Federal Deposit Insurance Corp. The insurance applies to any sum up to $250,000 in checking, a savings account or a certificate of deposit at a U.S. bank.
Be vigilant about monitoring your transactions and respond to alerts from your bank if a charge or withdrawal appears to be suspicious.
Never respond to emails from your bank or click on an attachment. Because of the amount of fraud, banks aren’t using email to communicate more than a basic alert or a sales notice to their customers. If you are concerned, contact your bank by phone or in person (but don’t use information included in the email you received), or for those of you with online banking, log in and check to see if there is a message posted in the online portal.

Online banking has many benefits, from a simple way to set up bill payments to a historical portal to your banking statements. As the primary family caregiver to my parents when they could no longer manage for themselves, I have found online banking an incredible time and effort saver for me.

A BILLION Passcodes Stolen – What’s your plan?

NBC News just reported that a Russian crime ring stole over a billion passcodes. Our lives just got one notch more complicated.

Most adults average 28 online accounts. My last count was 87. That is A LOT of usernames, passcodes, PINs and information to remember. I manage several accounts for my Mom, some for my children (school, dance, soccer and track registrations), most of our household accounts and then all of the accounts for MemoryBanc.

We fail to recognize how many accounts we keep track of in our heads, on our mobile phones and even under our keyboards, I quickly realized how much information surrounds a household when I stepped in to help my parents. I started by documenting medical information (prescriptions, doses, doctors, history, follow-ups) so I could be a good health care advocate. Then I needed to pay bills and manage their finances, then came household services and ultimately online accounts. The binder I created to keep track of all of their information launched MemoryBanc. I quickly moved our own household to the print, then the digital edition of the MemoryBanc Register. Given I have more than 87 online accounts — I have made sure to document them all.

The NBC News story provides users with many options on how to create unique but varying passcodes as well as suggestions for online password storage sites. Most passcode managers have encrypted data and 2-factor authentication to prevent hacking — but nothing is 100% secure (just look at the issues the US has had with data breaches) and those protections also leave your loved ones without access should they need to act on your behalf. Make sure to have a solution that allows you to print out a copy of your passcodes. Should the company that owns your password manager have a critical failure … you should have a plan B.

If you don’t have have a list, I hope you will take this opportunity to document your accounts, I have included a simple excel spreadsheet that contains all the information you should be documenting. You can download it and document your usernames, passcodes, PINs and security codes (don’t save it on your computer please).

If you are worried about sharing this information, consider how helpful it would be to a loved one should you ever be unable to act on your own behalf. Pleaded.

My gift to you is this free worksheet that will collect and organize your usernames and passcodes.

Don’t put all of your usernames and pass codes in one place?

Last night I met up with colleagues from a job I had at the Software Publishers Association (now called the Software & Information Industry Association). Most of us worked technology jobs in our careers and one of my colleagues wanted to know what I thought about the “security experts” telling us to never put all of our pass codes in one place. I recently posted a blog on why it’s important and teach classes encouraging people to put this information in one place.

It’s easy for the IT guy or the security expert to tell us to not have them in one place. However, I’m not sure this is practical in the realm that I focus. In your home and your personal life, the likelihood that someone would break in and steal your usernames and pass codes is very, very, very low. The biggest risk you have is that a family member would use them to steal or snoop on you. If you have that possibility, then you might want to keep the list locked up or hide them and tell only those individuals you would trust to step in and use the information if you ever needed their help.

In your personal life, there is no IT support that can access your email and give access to someone else if something should happen to you. The Terms and Conditions of the user agreements you accepted preclude the ability of others, even with a “Digital Durable Power of Attorney” from accessing those accounts. Google launched an “inactive account manager” that lets you set up notification and access for others if your account hasn’t been used in three months, however, that is a long time to wait for access if you need to reset a bill pay pass code.

I stand by my recommendation. Having walked in the shoes of the person that stepped in to help when a loved one was unable to manage their own affairs, I hope you will consider documenting your usernames and pass codes — and ask everyone in your household to do the same. Convinced.

This is a topic that is near and dear to me. Related stories include:

The Digital Keys to your Estate

The Dirty Remnants of your Digital Footprint

There is no Federal Legislation Governing Digital Assets