2020 brought us deeper into the immersion of technology into our everyday lives. With the COVID pandemic increasing our everyday reliance on technology, it is more important than ever to take smart, secure approaches to protecting our digital information.

We’ve put together a guide of practical advice you can use to secure your digital life - financial and otherwise. Below you will find advice on best practices for cybersecurity, tips for staying safe online, and how to recognize and avoid phishing attempts.

Be skeptical. If you receive a phone call, text message, or email from someone you do not know, ask yourself how much information you are willing to give to this stranger.

Be cautious. Never send money or disclosure sensitive personal information (like social security or credit card numbers) to someone you do not already trust.

Be discerning. Some websites will ask for information like your mother’s maiden name, your birth town, or your phone number. While these bits of data cannot be used to directly access your accounts, they can be used in password recovery schemes.

Be proactive. Regularly checking your bank accounts and your email can quickly bring to your attention a charge or login you were not expecting. Many banks offer fraud protection, and many services will send you a notification email informing you of a new login.

Be safe. Public areas like grocery stores, coffee shops, or public transportation are not good areas to disclose sensitive information out loud.

Be aware. If you receive a call asking you for payment via gift cards, prepaid debit cards, or bitcoin, recognize these are not legitimate requests.

Many public spaces like coffee shops or boutique shops now offer WiFi to their patrons. These WiFi networks are generally unsecured - think twice before connecting to them. If your wireless plan includes setting up a hotspot, consider using the hotspot instead. A hotspot is basically a WiFi network from your phone and includes a secure password.

If you are connected to a public network, do not install any software updates. Hackers often disguise their bugs as “software updates” or other seemingly-benign updates that can, once installed, cause trouble on your device.

When creating your usernames and passwords, do not use personal information like your social security number, birthday, or home address. This information is often the easiest to guess, and much of it can likely be found publicly online (aside from your SSN).

Consider using passwords that use a combination of lowercase letters, uppercase letters, numbers, and symbols. As passwords get longer, they become more difficult to guess. A password with more than eight characters is considered a secure password, but the longer the better.

If the service you are using (Google, Amazon, etc.) offers two-step (or two-factor) authentication, enabling it creates a much more secure defense against any unauthorized user trying to access your account. The two-step authentication process ensures that it is actually you (or someone you recognize) who is trying to access the account.

If you are like most of us, remembering usernames and passwords for your accounts is both troublesome and exhausting. To avoid becoming overly-familiar with the process of resetting your passwords, you can use a password manager like LastPass which both generates secure passwords and automatically stores them in a secure place, which can be used to autofill usernames and passwords.

Although many websites automatically show a secure lock next to the website address (URL), some sites do not have this type of security. Be careful of entering any information into websites that do not have a closed lock next to the URL bar.

Another common scheme to obtain users’ information is sending them to a webpage they were not expecting through an advertisement, popup, or banner. If you find yourself on a website you do not recognize or do not know, exit out of the webpage and do not enter any sensitive information.

Phishing is the fraudulent practice of sending emails or texts appearing to be from reputable companies (Chase, Apple, etc.) with the intention of getting users to reveal their passwords, account numbers, or credit card numbers.

Phishing attempts usually come with an extreme sense of urgency (URGENT: Your Chase Account) and have attachments or links that look like legitimate links, but can be harmful if clicked on.

If you suspect an email may be a phishing attempt, do not click on anything inside the message and call the company directly if you suspect they are trying to reach you. The company will be able to verify that they did or did not contact you with a legitimate request.

When calling the company, use the phone number listed on the back of your card or the number on their website - do not use any phone numbers listed inside the phishing email itself (it is likely a fraudulent number).

As we become more and more dependent on technology, the frequency and sophistication of cybersecurity attacks will only increase. It is always important to have a trusted friend, family member, or associate you trust in case you are presented with a situation you are unsure of.

At Chicago Partners, we take the security of our clients seriously, and if you ever have any questions or suspicious activity appear on your account, we will be ready to help.