Robinhood is in the news again. A number of users claim that their account was hacked, stocks liquidated, and money stolen from their Robinhood accounts. I don’t think Robinhood was breached internally, and I’m willing to bet that the users were not using two-factor authentication on their Robinhood or email account.
This should be a wakeup call to secure your financial accounts now. Banks and brokerage firms can be hacked, but often, people don’t use any advanced security features like unique and complex passwords or two-factor authentication.
In this post, I’ll walk you through how to secure your email and financial accounts, and improve your passwords, so you can minimize your chances of becoming a cyber victim.
Start with your email account(s) by updating your password, and turning on two-factor authentication. If your email provider doesn’t offer two-factor authentication, then you should stop using them and switch. Without two-factor, an attacker could get in and reset passwords for other accounts that utilize your email address.
I’ve actually seen this happen in real-time with a family member's email account. After the attacker got in, they reset passwords for shopping and social media accounts and then started making fraudulent purchases with their Amazon account. Thankfully I used to be a cybersecurity consultant and was able to help them recover everything and switch email providers in less than a week. While it was a nightmare, no real harm was done, but this could have been far more damaging and stressful.
The two most popular two-factor authentication methods are text message-based or authentication apps like Google Authenticator. You’ll want to use the authentication app method whenever possible as your phone number and text messages can be comprised.
Email accounts contain a treasure trove of personal data and can be the weak link when it comes to breaches, so make sure your email account is secure first.
A 2019 Google Survey found that 65% of people reuse passwords in some form across multiple accounts. With so many companies experiencing data breaches and cyber attacks, you should never reuse a password because attackers will often steal and sell account credentials online.
Using complex and unique passwords for each account is made easy by using a password manager. Password managers can help you securely store all of your passwords and accounts and help you organize your digital life.
For every online account I have, I use different randomly generated passwords that are created by my password manager. LastPass is a really good password manager that I’ve used for a few years now, and it makes all of this simple.
Password managers should be secured using two-factor authentication and a very strong password. Many password managers also offer apps that integrate into iOS and Android, so you can easily log in to your favorite apps on the go.
After you’ve secured your email account, set up a password manager, and downloaded Google Authenticator, it’s time to secure your financial accounts.
Now that you have a system in place, all you have to do is update your passwords and check your account settings to turn on two-factor authentication. Many banks and financial institutions support apps like Google Authenticator, but some only offer text message-based authentication. If you have a choice, Google Authenticator is far more secure and the way to go, but having any form of two-factor authentication is better than using only a simple password.
By using two-factor authentication and complex unique passwords, you can greatly reduce the risk of experiencing what happened to these Robinhood victims. Of course, you should also secure all of your online accounts, so you can minimize the risk of becoming a cyber victim.
While many are working from home right now and using home internet, you should always avoid using financial apps and websites on public wifi networks. This includes wifi in restaurants, stores, airports, etc. Public wifi networks can used by attackers to infect devices with malware and other malicious software.
The easiest way to avoid public wifi networks is to use a mobile hotspot device or turn on mobile hotspot on your smartphone. Your phone's cellular connection is much safer to use for sensitive apps and websites than public networks. Depending on your data plan mobile hotspot service may cost money, but for me, it’s included at no additional charge, and the speeds are often faster than those available on public wifi networks.
You could also invest in a VPN service to encrypt your data if you must use a public network for some reason. Just make sure to choose a reputable and trusted VPN provider as not all are created equal.
This goes along with avoiding public wifi networks, but you have to keep your operating system and software up to date. Connecting to a public wifi network with old software can lead to bad things.
Those prompts to update your software aren’t meant to be optional, they should be required. Security fixes are issued constantly as attackers continue to find vulnerabilities in websites, apps, and operating systems.
If your device does not support a new operating system or version, it’s time to consider upgrading your device to ensure you have the latest security fixes. It may cost money, but the cost of not doing so could be far greater in the event of a cyber-attack.
I hope you enjoyed this guide on how to keep your financial accounts secure. This guide is just scratching the surface, but these are the five most-basic things you can do to improve your cybersecurity practices and protect your finances.
It can be hard to know where to start or what to do first. As a financial coach, I have helped hundreds of people get out of debt, save more, and transform their relationship with money.
I will help you create a system that builds the right money habits to enable you to achieve your financial goals. Everyone’s situation is unique so you’ll get personalized coaching tailored to your specific needs. I guarantee that you’ll leave feeling confident about your financial future and in control of your money!
If you’re interested, please schedule a free consult on my website and we can see if we are a good fit for each other. You can also email me with any questions at firstname.lastname@example.org.