Fraught with Fraud: Tips for Increasing your Digital Security

“The police can't protect consumers. People need to be more aware and educated about identity theft. You need to be a little bit wiser, a little bit smarter and there's nothing wrong with being skeptical. We live in a time when if you make it easy for someone to steal from you, someone will.” - Frank Abagnale

I was at a limited partners’ investor conference in Dallas, Texas this past week where Frank Abagnale led a discussion covering identity theft and information protection. Frank Abagnale, whose life inspired the movie Catch Me If You Can and the TV show White Collar, briefly told the story of his life - how he used check fraud and identity theft to travel the world as a young adult.  He was caught, spent less than five years in a United States prison before being released to work with the FBI. Over the past 44 years, Abagnale has worked within the FBI to investigate crimes committed by fraud and scam artists, and, as technology has continued to develop, this role has transformed into a significant online identity theft and identity protection role.

With an increasingly connected digital age, data and information have become a valuable resource.  Your name, date of birth, social security number, passwords, addresses, emails, etc. all sit online somewhere - whether in your online bank account, sitting within Gmail or stored as a note on your iPhone. With all these vulnerabilities, here are some things Abagnale suggested you can do to minimize the risk of security breaches.

Credit Freezing

A Credit Freeze is a newly free (per recent legislative requirements) tool that lets you restrict access to your credit report. Placing a credit freeze on your report makes it exponentially more difficult for identity thieves to open new accounts in your name because creditors, whom need to see your credit score to open accounts, are unable to access your credit report unless you have explicitly permitted it.

A credit freeze does NOT do the following:

  • It does not affect your credit score.

  • It does not prevent you from opening new accounts, but to open one, you must lift the freeze temporarily. Essentially, you are shutting off access until you open it again.

  • It does not keep you from applying to jobs, renting an apartment or buying insurance.

  • It does not prevent a thief from making charges to existing accounts.

You can place credit freezes on your accounts at the following addresses:

Password Management

Passwords, at least in their current form, were invented in early 1960s. We’ve used the same functional technology of username/password for about 60 years now. They were meant for a desktop era and need to be re-imagined given the advances in machine learning and the number of vulnerabilities that exist with password security today. Frank Abagnale has a strong dislike for passwords and is currently working on developing new, more secure methods to verify one’s identification. While most of the technology is still early in development or not yet widely adopted, here are a few things that you can and should do today to bolster your online security.

Password Security

If your password is anything like “Password1”, “March2020” or “Mulcahy2014”, that should change.

In fact, the most common passwords in 2018 were the following: “123456” (and other variants), “password”, “111111”, “sunshine” and “qwerty.” SplashData, the publisher of this data, estimates that no fewer than 10% of people have used at least one of the 25 worst passwords on 2018’s list. Most sites now require a special character (@, !, #, etc.) and a number. When this requirement was broadly rolled out, my standard password changed from “Password” to “Password1!”. Clever, right? Not so much. 

Here’s a better way to create a password:

Bad: Michael

Better: M1chae!

Good: M1c.443L!

Best: ws5@20!A

LastPass, a company that exists as a password manager, published a list of 7 Bad Password Habits to Break Now.  Working backwards, here are some good password habits to adopt:

  1. Use different passwords for every online account.

  2. Have a secure, encrypted password system like LastPass or 1Password.

  3. Update your passwords frequently. If you’ve used the same password since 1995, it’s time to change it.

  4. Do not check the “Remember Me” option on website. If someone gets ahold of your device, they’ll have access to your online account.

  5. Do not store passwords in the browser.

  6. Do not share your passwords with others, especially if you use similar passwords across all sites.

  7. Never email your password or share it over electronic mediums.

Two-Factor Authentication

Two-factor Authentication (2FA) is a service many websites have started to offer as an extra layer of protection which often requires a code from an app or text message in addition to a password to access your online account. Any inconvenience in time or effort is worth it for that second layer of protection that may protect you from falling victim to someone accessing your online account without permission. Here’s a quick video explaining 2FA in more detail.

Payment Methods and Data Security

The last item that Frank Abagnale highlighted was how to securely provide payment for goods and services. In Abagnale’s words, “I don't use a debit card. The safest thing is a credit card because you're using the bank's money. If someone accesses your information, they are stealing the bank's money, not yours.” Under the Fair Credit Billing Act (FCBA) with a credit card, your maximum liability for fraudulent transaction is $50, and many credit cards promise zero liability for all fraudulent transactions. With a debit card, your potential liability according to the Electronic Funds Transfer Act (EFTA) is virtually unlimited - depending on how quickly you notice the transaction (needs to be before 60 days).

What’s the worst method of payment? According to Abagnale, physical checks. On the check you give someone your name, your address, your bank account number, your routing number and what your signature looks like. That check is physically handled by any number of people before it is securely stored then destroyed.

The bottom line: In Abagnale’s opinion, credit cards are the safest way to provide payment for goods and services, both within stores and online. (I would just add - remember to pay them off promptly!)

Conclusion

It’s a dangerous world on the internet. There are plenty of soft spots for individuals to access your online account information, your personal information and ultimately your financial information. It is important to stay up-to-date on the latest security issues, topics and breaches. Here are a few resources to help you secure your personal and financial data and accounts:

And specifically, for our clients who utilize Fidelity, Schwab or TDAmeritrade, use the below links to enable Two-Factor Authentication:

Michael Mulcahy, CFA®, CPWA®

Michael serves as a Vice President of Kings Path where he provides portfolio design and planning services to help families and foundations achieve their financial and legacy goals. Michael has a passion for developing tax-saving investment and asset location strategies, consulting on the development of estate structures, building and communicating business succession plans and coordinating philanthropic projects for business owners and generous givers.

Prior to joining Kings Path, he was a Senior Investment Analyst at Salient Partners where he worked across different strategies including the following: leveraged credit, value-oriented US equities, covered call and long-short tech-sector. Additionally, Michael worked on special projects where he assisted with capital financing projects, strategic acquisitions, and business unit sales.

Michael received his bachelor’s degree in business honors and finance from Texas A&M University, graduating cum laude. He is a CFA® charterholder and a CPWA® professional through study at University of Chicago Booth School of business. He is a member of the Investments & Wealth Institute® and the CFA Society of Houston.

Michael serves on the board of Vision Inspired Foundation which he helped found in 2017. Happy to be back in his hometown, Michael lives in Sugar Land with his wife, Jordan and two daughters.

Send an email to Michael

Kings Path Partners, LLC (KPP) is an SEC-registered investment advisory business based in Sugar Land, Texas. KPP has published this article for informational purposes only. To the best of our knowledge, the material included in this article was gathered from sources KPP believes to be accurate and reliable. That noted, KPP cannot guarantee that this information is accurate and complete and cannot be held liable for any errors or omissions. Readers have the responsibility to independently confirm the information herein. KPP does not accept any liability for any loss or damage whatsoever caused in reliance upon such information. KPP provides this information with the understanding that it is not engaged in rendering legal, accounting, or tax services. In particular, none of this published material should be considered advice tailored to the needs of any specific investor. KPP recommends that all investors seek out the services of competent professionals in any of the aforementioned areas. With respect to the description of any investment strategies, simulations, or investment recommendations, KPP cannot provide any assurances that they will perform as expected and as described in this article. Past performance is not indicative of future results. Every investment program has the potential for loss as well as gain.

Previous
Previous

COVID-19 Market Update: March 12, 2020

Next
Next

2019 Forecasting Follies