Member security: Protecting your privacy and finances
Basic hygiene consists mostly of common-sense habits we perform automatically, like washing our hands or brushing our teeth. We don’t usually give these habits much thought, but we stick to them because we know they help prevent disease and contribute to our long-term wellness.
Digital hygiene — taking action to protect your data privacy — isn’t all that different. It’s all about common-sense practices that, when incorporated into your online routine, can help prevent identity theft and contribute to your long-term financial wellness. Yet we often overlook these basic measures when using technology.
Unfortunately, we can’t rely on our devices to protect us. No matter how advanced their security measures become, cyber criminals always find a way to slip through the cracks. That’s why it’s so important to practice good digital hygiene. With just a few simple data protection habits, you can ward off most cyber threats and keep your sensitive information private and secure.
Use strong passwords
A password is your first line of defense against hackers. It’s also a common weak spot for many of us; bad passwords are one of the top causes of data breaches. Choose strong passwords at least eight characters long that include a mix of upper and lowercase letters, numbers and symbols. Avoid using easy-to-guess passwords, like the word “password”. In fact, it’s best to using avoid any words that appear in the dictionary. You should also avoid using any words or numbers that are easily associated with you, such as your birth date or Social Security Number.
Having trouble remembering all those complex passwords? You definitely don’t want to write them down or keep them anywhere near your device! Instead, store them securely in a password manager tool.
A few additional password tips:
- Never use your password on a device you don’t trust.
- Never enter your password when using public Wi-Fi or any other network you don’t trust.
- Never email your password to anyone, as you don’t know how secure their email is.
Pro tip: Enable two-factor or multi-factor identification whenever possible, This adds an extra layer of security by requiring an additional form of ID, such as your fingerprint or a code sent to your phone or email.
Ignore suspicious emails or texts
Most legitimate organizations will never contact you by email or phone to ask for your personal information. This includes government agencies such as the IRS, financial institutions such as OCCU, and responsible companies. If you receive a request via email or a text from what appears to be a business or organization you have a relationship with and you feel unsure, we strongly encourage pausing before you reply or act. It’s important to verify the sender by looking up their phone number and calling them to confirm that the request is legitimate.
Other good communication habits to develop:
- Never open a suspicious email attachment, as it could contain keystroke-logging malware.
- If you receive a link via text or email, think before you click — even if it appears to be legitimate.
Pro tip: When in doubt, perform a Google search of the message contents. If it’s a common scam, you’ll find out pretty quickly!
Secure your smartphone
Our phones have become an essential tool in many areas of our lives, so it’s important to keep it as secure as possible. For starters, enable the passcode lock and, if available, take advantage of biometric features such as fingerprint authentication or facial recognition. Turn on the auto-lock feature that locks your device whenever it’s idle. It’s also wise to turn off the autofill feature, which automatically fills in your login info on certain websites and applications. Finally, consider enabling Find My iPhone (Apple) or Find My Device (Android) so you can track your device if it goes missing.
A few additional safe smartphone practices:
- Download apps only from secure, trusted app stores.
- Turn off Wi-Fi and Bluetooth when you’re out in public, as these can provide a gateway for hackers to access your device.
- If you do need to use public Wi-Fi, use a Virtual Private Network (VPN) client to connect securely and shield your browsing activity from prying eyes.
Pro tip: If you want to add even more protect, enable your phone’s built-in encryption feature. This will help prevent unauthorized access and make your data unreadable in case of theft.
Update your devices
Those update notifications on your computer or mobile device aren’t just annoyances you can ignore. Hackers are always finding new loopholes to exploit, and updates to your software or firmware often contain important security patches to shore up known vulnerabilities in your device. Don’t put them off for long.
Pro tip: Even if your device is set to update automatically, it may need to be connected to Wi-Fi, plugged into a power source or restarted for the installation to occur.
Report fraud to the proper authorities
Visit our Security page to learn more about how to protect your personal information and finances.