In 2024, nearly 25 percent of all cyberattacks in the U.S. targeted financial institutions, putting banks, insurance firms and investment companies on high alert. Between September and November 2024, Chinese hackers breached the U.S. Treasury Department, gaining access to more than 3,000 files, including documents from high-ranking Treasury officials.
These threats continue to grow each year. Financial institutions and individual investors alike are more at risk than ever.
As more financial transactions are handled online, they become more vulnerable to breaches. Although artificial intelligence (AI) capabilities become more sophisticated, making it easier to detect and prevent cyberthreats, cybercriminals use the same AI technology to make their own criminal activities more difficult to stop.
With these threats evolving, investors need strong cybersecurity solutions in their digital toolboxes. Three tools that can significantly reduce the risk of cyberthreats and protect your investments and personal information are password managers, multifactor authentication and virtual private networks. Let’s look at how each one of these tools can help you keep your data safer.
1. Password manager — Your first line of defense
A password manager is a digital service that helps you generate strong passwords and stores them in a secure, encrypted vault. You can typically use these managers as an app or a browser extension on any of your devices. And then, when you visit a site or open an app that requires you to enter a username and password, the password manager autofills the credentials for you. Some companies that offer password managers offer additional services, such as autofilling your other personal information, sending alerts about compromised websites and sharing sensitive information securely.
These tools help protect your personal and financial information and data, especially if you tend to reuse the same passwords and/or create weak passwords.
Using a password manager makes password management easy because you have to remember only one master password. Your other logins will automatically populate when you visit each app or website. An added benefit is that some of these services use end-to-end encryption. This means no one can see your passwords — not even the password-manager company.
Now, we are not endorsing any particular companies, but here are three password managers you can explore:
- 1Password offers plans for personal use and business use. In addition to the typical services offered by password managers, 1Password allows you to share passwords with your family members or coworkers by granting them access to individual vaults. Also, you can create expiring links to share any item with anyone, even people who don’t use 1Password.
- Dashlane provides credential risk detection, secure password management and threat response, all in one platform that boasts an intuitive user experience.
- LastPass secures your data through local, zero-knowledge encryption for the password vault and features such as a built-in password generator. It also provides automatic device sync across all your devices, so you can save passwords to mobile apps and immediately access login credentials on a web browser. In addition, LastPass provides dark web monitoring, also known as data breach monitoring.
Some password manager services offer free trials, but most require a nominal fee for a one-year subscription. If this resource protects you from cybertheft, it’s well worth the $10 to $60 per year you’ll spend for it!
2. Multifactor authentication (MFA) — Adding extra protection
Gone are the days when a single method of authentication, such as a password, is enough to protect your accounts from hackers. Today, investors need multifactor authentication (MFA), which provides extra security on accounts by confirming your identity on your own devices using two or more verification methods when you log in to an accounts. This second layer can come in several different forms:
- Something you know — This could be a personal identification number (PIN), a password, answers to “secret questions” or a specific keystroke pattern.
- Something you have — Something you have in your possession, such as a credit card or a smartphone
- Something you are — This more advanced category might include a biometric pattern of your fingerprint, an iris scan or a voice print.
MFA prevents unauthorized access to your account, even if a password is compromised. This extra level of protection is critical to keeping your sensitive financial information and investment accounts safe.
To enable MFA on email accounts, online banking apps and brokerage accounts, you will need to enable this feature for each account or app for which you want to use MFA. This usually involves just a few simple steps, like these:
- Go to Settings, often in your account profile.
- Look for and turn on MFA. It may be called “two-factor authentication,” “two-step authentication” or something similar.
- Confirm your choice. Select which MFA method tyou want to use from the options provided by each account or app.
Again, I’m not endorsing any MFA platforms, but here are three for you to check out.
- Authy is a free mobile app that generates secure passwords for specific actions on a website or service. As the user, you enter your Authy password in addition to your regular password to log in to an account. Also, Authy can send SMS messages to your phone to verify your identity.
- Google Authenticator is a mobile app that adds an extra layer of security to your online accounts by using MFA to generate one-time passcodes (OTPs) that you enter in addition to your password when you sign in to an account. Google Authenticator generates a unique six-digit passcode for each site or service you’re signed in to. The passcode is based on the current time, so each one is different. Hackers cannot intercept or redirect the codes. You can use this app on both iOS and Android devices.
- Hardware security tokens, also called “hard tokens” or “hard security keys,” are tangible hardware devices that use encryption algorithms, OTPs, time-based one-time passwords (TOTPs), authentication codes, biometrics, or secure PINs to complete MFA requests. In contrast, soft tokens are software installations, such as mobile apps, that fulfill the same purpose.
- Security professionals consider hard tokens safer than soft tokens because cybercriminals cannot bypass the physical devices with just an internet connection. In most cases, someone would need to physically steal or replicate a hard token to gain access to an organization’s security system. These tokens are small devices that you can clip onto a keychain. They look like thumb drives (flash drives), and you can buy them at retailers such as Office Depot, Amazon.com and online secuity-specialty stores.
3. Virtual private network (VPN) — Protecting your online privacy
Another way to increase the safety of your accounts is by using a virtual private network, or VPN. A VPN creates a secure connection between you and the internet.
A VPN establishes a digital connection between your computer and a remote server owned by a VPN provider. It creates a point-to-point tunnel that encrypts your personal data, masks your IP address and lets you sidestep website blocks and internet firewalls. This ensures that your online experiences are private, protected and more secure.
A VPN is virtual because no physical cables are involved in the connection process. It is private because through this connection, no one else can see your data or browsing activity. And it is networked because multiple devices — your computer and the VPN server — work together to maintain an established link.
A VPN is a must when you travel. It is risky to use public Wi-Fi in airports, hotels or coffee shops, where cybercriminals can easily intercept sensitive information. A VPN helps protect your personal and financial data from such threats. Always connect to a VPN before accessing financial accounts or conducting any sensitive activities on public networks.
Here are three VPN providers to consider:
- CyberGhost VPN, with plans starting at just $2.19 per month, keeps your internet activity hidden from anyone who might be watching, including hackers, advertisers, your ISP and the government. CyberGhost VPN encrypts your online traffic and hides your real IP address, whether you are streaming, gaming, shopping, banking or just browsing.
- ExpressVPN, launched in 2019, offers excellent speeds in many countries worldwide, as well as military-grade encryption and multiple security protocols. It does not collect user data, and you can use it on up to eight devices at once.
- NordVPN is an antivirus tool that uses machine learning and cyberthreat intelligence to protect against malware, trackers and ads. It includes a data-breach scanner, encrypted cloud storage of up to 1 TB of data, identity and SSN monitoring, credit monitoring, alerts, ID theft insurance and cyberextortion insurance.
Your smartphone might have a VPN configured on it. To find out if it does, go to your device’s settings, and tap “Network & Internet.” Then tap “VPN.” If you can’t find it, search for “VPN.” Any VPNs already configured on your device will show up there. You can also install a VPN app from the App Store or Google Play Store.
Combining cybersecurity tools for maximum protection
You can protect your identity, personal information and accounts even further by using these tools together. We recommend using all three tools in combination for a comprehensive cybersecurity strategy. Using a password manager, MFA, and a secure VPN connection will provide you with robust security that every investor needs. Again, a password manager will create secure passwords, MFA will add an extra layer of protection and a VPN will protect your online activities.
Are you using any of these tools? If not, we encourage you to begin using all of them as soon as possible. While we are here to help you manage, save and grow your assets, we also want to help you protect them using the tools that are easy to acquire and use. Please make this a priority!
