Protecting Your Personal Financial Information

More than ever before, we are being asked to trust the financial institutions with which we do business to ensure our personal information cannot be accessed by what seems to be an ever-growing number of identity thieves and cybercriminals. But it’s important to realize that we have a role to play in protecting that information, as well.

In this article, we’ll recommend specific steps you can take to insulate yourself from the risks associated with online criminal activities like identity theft, phishing, and fraud schemes. And we’ll share information about the procedures we follow in the interest of protecting our clients.

Protecting Your Personal Information

One useful way to think about protecting your personal information is by taking intentional actions that will make it difficult for someone to access your credit card and account numbers, your passwords, or even your Social Security number.

In many cases, your passwords or PINs are your first line of defense, so consider these best practices:

• Change all passwords regularly. Use a mix of numbers and letters – never use common words or phrases. Your password is more secure and harder for criminals to guess if you include a special character, like an asterisk or an exclamation point. 
• Protect your PINs and other passwords. Do not share your passwords or pins with anyone. Make sure your password is unique and difficult to guess.
• Use a reputable password manager application. Password managers are designed to store your passwords in an encrypted database, accessible only with your master password. They can generate, store, and retrieve complex passwords for all your accounts, making it easier to use unique and secure passwords everywhere. 

Ensuring the security of your electronic devices is another effective way to safeguard your sensitive information. Here are some useful rules of the road you should follow:

• Maintain appropriate security on your computers and other electronic devices. Make sure you secure your wireless network and protect your computers and electronic devices from viruses and spyware. Most major software companies regularly release updates to address new security threats.  You should keep your system and applications updated with the latest patches and releases by enabling automatic updates and making sure your security firewall is turned on. 
• Remember to protect your information when disposing of computers and other electronic devices. Your computers and other electronic devices may have a lot of sensitive information on them. It could be financial information like your account numbers or tax returns, or it could be personal information like email messages, text messages, voice mail or photos. When disposing of your old devices, it’s important to take steps to help ensure this information doesn’t end up in the hands of an identity thief.
• Avoiding using public wireless networks and public computers. Many cell phone carriers offer "data tethering." Consider using your cell phone's ability to access the web with your laptop or tablet instead.

Safe and responsible use of the internet is another important way you can deter those seeking to gain access to your personal financial information. Here are a few suggestions for limiting your risk:

• Download cautiously. If you visit a website that looks questionable, leave. Some free games and free downloads are really tricks to download viruses or spyware on to your device.
• Watch out for “phishing attacks.” If you receive an email that looks suspicious, don’t click or open anything. Simply delete it from your inbox. 
• Be wary of advertisements, emails and spam phone calls: You may receive what seem like great deals or limited-time offers that require you to act fast, but you should verify they are legitimate before clicking or sharing any personal information. If you don’t know the company or sender of an email or who’s calling on the phone, that can be a red flag. Look up the information online and make sure you only go to sites that are “https” — with the “s” representing secure.  Avoid financial transactions on “http” sites.

Not all threats are of a digital nature. There is still a real world out there, and it’s important to take steps that make you less likely to be a target. Here are some suggestions you may find helpful:

• Store personal information in a safe place. Tear up or shred old receipts and account statements before throwing them away.
• Guard your mail from theft. Do not leave bill payment envelopes in your mailbox with the flag up. Instead, deposit them in a post office collection box or at the local post office. Promptly remove incoming mail. It is recommended to sign up with the USPS Informed Delivery service which provides daily emails of what is to arrive at your mailbox that day.
• Carry only the minimum amount of personal information you require. You can adopt a minimalist approach by utilizing a digital wallet on your phone to store payment cards, loyalty cards, and even driver's licenses or other IDs (where permitted).

Finally, one effective but sometimes overlooked line of defense is simply awareness. Here are a couple of examples:

• Pay attention to billing cycles and statements. Inquire if you do not receive a bill. 
• Check account statements carefully to ensure all charges, checks or withdrawals are authorized. 
• Consider purchasing credit monitoring services or identity theft protection. These tools can help you check your credit score and reports regularly and alert you about changes and concerns. They will flag activity such as applications for credit in your name, credit limit increases or additions of authorized users on your account. Some service may also offer public record searches and scans of chat rooms and black-market websites for your personal information. 
• Order copies of your credit report from each of the three major credit bureaus once a year to ensure they are accurate. 

What if you've already been a victim of identity theft?

To this point, our focus has been on how to prevent yourself from being a victim of identity theft. But what if you believe it’s already happened? In that case, it’s important to take immediate action and keep records of your conversations and correspondence. While the exact steps you should take may vary depending on the nature of the crime, all of these measures should be considered.

1. Contact the fraud departments of any one of the three major credit bureaus to place a fraud alert on your credit file: 
   • Equifax (www.equifax.com): 1-888-766-0008 / P.O. Box 740241, Atlanta, GA 30374 
   • Experian (www.experian.com): 1-888-397-3742 / P.O. Box 9532, Allen, TX 75013 
   • Trans Union (www.transunion.com): 1-800-680-7289 / P.O. Box 2000, Chester, PA 19016 
2. Contact the creditors for any accounts that have been tampered with or opened fraudulently.  
3. File a report with your local police, or the police in the community where the identity theft took place, and get a copy of the police report. 
4. File a complaint with the Federal Trade Commission (FTC). Complaints can be filed by phone, 1-877-IDTHEFT, or through the FTC’s identity theft Web site.

Working Together to Protect Your Confidential Information

This probably seems like a daunting set of information security “assignments,” but making these best practices habits can help reduce that burden. And you can rest assured that you’re not in this battle alone. Everyone at First Command takes our responsibility to protect our clients’ personal information seriously, and we have developed specific protocols and systems to support those efforts.

• Ensuring privacy and security during online sessions. First Command uses industry standard security protocols during your online sessions, these protocols along with password requirements and multi-factor authentication options helps protect the safety and confidentiality of your information.
• Encrypting email communications. We provide a secure channel to communicate with us via your online portals.  Any communication that contains confidential information should be sent through your online portal.   
• Verifying transaction requests. Never use email, text or voicemail to request, authorize or affect the purchase, sale or transfer of any security or financial product. For your protection, First Command will never accept instructions on your account without first confirming your identity and intentions before we take any action impacting your investments or other financial products.

For more detailed information on First Command’s information security practices and procedures, view our Online Security Notice and Privacy Notice.

Despite our combined efforts to protect and secure your confidential information, it’s important to understand and acknowledge that information security is a never-ending battle. As technology evolves, regulations become outdated and identity thieves and cybercriminals become increasingly sophisticated, it is essential that we work together to keep pace.