By Amanda Mitchell, AFC®
Military Consumer month is an annual collaboration effort with the Federal Trade Commission, Department of Defense, several other federal agencies, and non-profit organizations geared toward educating military members and their families about consumer issues that directly affect them. This year the focus of Military Consumer month is on online fraud. Deployments, TDY assignments, and long distances between families make the internet an essential tool in maintaining the overall wellness of military families. This makes it even more critical to know current threats and ways to ensure your family’s online presence is secure. I am going to be honest with you right now. I did not give online security a second thought before my husband started studying information technology (IT). I had no clue how reckless I was until he began his studies and told me all about what not to do. Not everyone has a resident IT person, so here are a few precautions you can take to keep your personal information safe:
- Don’t Reuse Passwords
These days you need a login ID and password for everything. It is hard to remember which one you used for which site. It makes sense to reuse passwords…right? WRONG. While this might make your life easier because it will prevent you from getting locked out of your Disney+ account while you’re in the middle of a PCS, and the only thing your toddler wants in life right this second is to watch Bluey, it also makes the lives of hackers easier. Even if you have one “really strong” password that you use, once that one has been compromised, they now have access to everything you used that password for, and data leaks are unfortunately becoming frequent. For whatever reason, this didn’t register with me until my husband said it out loud. With three kids and a hectic Army life, I tend to go on autopilot a lot. Realizing my autopilot was exposing my family’s financial future to a lot of risks, we had to make some changes with how we were doing things.
- Don’t use actual words in your passwords. This is counterintuitive, I know. But the more obscure your password, the better.
- Make them a minimum of 10 characters, but the longer, the better
- Use uppercase, lowercase, and special characters
- Consider using a password management system. Several different companies offer a version of this for free, such as Bitwarden and Google. It helps you create long and complicated passwords that are very difficult for someone to hack, increasing the chance that they will move on to an easier target. It also stores your passwords in an end-to-end encrypted “vault” so you can access your passwords easily and never forget what they are.
- If you don’t use a password manager, write them down in a “password book.” I had a journal that I bought specifically for writing down my passwords before I learned about password management systems. Keep it in a secure location, and always hand carry it when you PCS.
- Always turn on multifactor authentication if available.
2.Visiting Websites that Don’t have an https Address
Https stands for hypertext transfer protocol secure. What this means is that the data is encrypted between the website and your computer. This makes it harder for people to steal your information while surfing the web. Most all reputable websites will have an https address. Be careful when browsing sites such as Facebook, many times, you cannot see the full address of the link you are clicking, especially when you are accessing it from your phone.
- Don’t Answer Those Fun Surveys Your Friend’s Are Doing On Social Media
We’ve all seen them. Those fun questionnaires that walk us down memory lane seem to take over our social media feeds from time to time. Your DJ name = your high school mascot + the name of the street your childhood house is on, or your professional rapper name is your mother’s maiden name + the make of your first car. They are silly and seem harmless. I can’t lie, I like reading them. However, scammers love reading them as well because they give not so little hints to the answers to the security questions keeping your personal information safe. Slow it down, “Fighting Badger 37th Street”, and keep that DJ name and personal info top secret.
- Always Change Your Network Name and Password
Whenever you PCS and get a new internet service, make sure you change your network name and password to something unique. I used to think that it didn’t matter because the network name the router came with was obscure, and so was the password that came with it. However, you don’t know how many times your router changed hands before it made it to you or if someone might have written it down. Plus, a fun part of setting up your new wifi is that you get to come up with a clever network name that keeps your neighbors guessing. A few fun ones I have seen over a few PSCs are:
- Panic at the Cisco
- FBI Surveillance
- The Force
- Access Denied
- Don’t Click That Link!
We all know about the Nigerian Prince that needs our money. However, phishing emails are getting far more sophisticated. They look convincing, so much so that often people will click without a second thought. Stay on defense and always remember that:
- Banks and other financial institutions will not send you emails asking for your personal information
- The IRS and other governmental organizations will not send you emails, call you, or text you asking for information
Even if things do not look out of place, always double-check and never disclose personal information unless you are 100% sure it is to the organization you intended.