Are Your Online Financial Accounts Secure?

September 21, 2017

Earlier this month, Vanessa and I dealt with a frustrating cyber-security threat. One of our accounts was hacked, and the individual was able to steal some financial resources. We are working with appropriate parties to recover the loss, but the entire process is extremely frustrating and time consuming.

If you haven’t yet experienced this type of cyber-crime, be thankful. But more than that, you should take precautions to minimize your risk exposure so that this doesn’t happen to you.

The Growing Threat

The volume, scope and cost of cyber-crime continue to increase rapidly in our increasingly complex, and highly connected financial world. Cyber-crime is up 20% since 2014 and is the fastest growing economic crime, according to PricewaterhouseCoopers’s (PWC) latest biennial survey. Juniper research recently predicted that the rapid digitization of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally by 2019, increasing to almost four times the estimated cost of breaches in 2015.

I cite these studies to make a point – this is a growing threat across the globe. If you use the internet to manage any of your financial accounts, you are exposed to this threat.

How Does it Work?

There are numerous different hacking methods that can be used to steal your personal information. Some of the most common types include email phishing scams, where the criminal sends out a targeted email that mimics a legitimate organization or personal contact. If opened or downloaded, the email/attachments often infect your computer with malware to track or steal your personal login information.

Other hacks can easily track keystrokes and login information when entered using an unsecured internet connection. This is common at restaurants, coffee shops, airports, shopping malls, and the other numerous places that offer free, unrestricted WiFi access. Many consumers believe these connections to be secure, but they are wide open and easily exploitable.

There are an increasing number of other, more sophisticated hacking techniques that are highly targeted. With these, hackers often target specific, high net worth individuals. If they are able to gain access to even one account or credit card, they are able to exploit and steal assets or other economic information. Sometimes they steal account information through brute force attacks on encrypted accounts or logins, but don’t immediately use it. They use the first account as a gateway to crack more accounts, then execute a planned attack.

How to Protect Yourself

The bad news is that attacks continue to evolve and become more sophisticated. The good news is that with a few simple precautions, you can greatly improve your cyber-security defense and protect yourself against many of the most common types of cyber-theft.

1) Install a password manager

A password manager is a necessity in 2016. Most people have numerous online accounts, scattered across multiple devices, each requiring a password. Having multiple accounts isn’t a problem, but recycling the same password over and over is a major problem, because it makes your accounts much easier to hack. Instead of using one simple password, or a combination of simple passwords, you need to use unique combinations for each online account. Furthermore, each password should be long, difficult to hack combinations of letters, numbers, and special characters.

What I’m describing is a password manager. Password managers generate and store all your passwords in a secure environment. Most can even auto-fill login information for each of your stored accounts, and sync your passwords across all your devices (computer, mobile, tablet, etc.).  Password managers allow you to have unique, lengthy, difficult to crack passwords for each of your online accounts. These passwords are automatically saved on trusted and verified devices, which means you no longer have to memorize each unique passcode.

Furthermore, the best password managers do much more than that. LastPass allows users to automatically log into any specified online account. With one click, LastPass will visit the appropriate url, input your saved username and password, and log into your account. This saves a lot of time. You can also securely save any form information, such as names, addresses, credit card information, etc. All of this is encrypted securely on your local machine, untouchable by outsiders (and even the LastPass employees).

When we were hacked, a trusted source immediately pointed me to LastPass. The free version is excellent, and the premium version allows you to sync your passwords across unlimited devices for a mere $12/year. Lastpass is continually rated is one of the top three password managers, and is the cheapest premium password manager on the market. I have been extremely happy with the service thus far, and I did extensive research on available options before decided on LastPass. As an added bonus, if you sign up using our referral code, we both get a free month of the premium version (which I already purchased upfront).

2) Enable two-factor authentication

Most password managers, including LastPass, allow you to add an additional layer of security when you access your accounts, called two-factor authentication. This requires you to enter a unique security code, randomly generated and sent to your phone or other specified device, in addition to your standard login. While not completely foolproof, two-factor authentication makes password cracking much more difficult for hackers.

3) Avoid unsecured WiFi networks

Your home Wi-Fi network comes with built-in security on the router, but it’s not foolproof. If your network provider supplies you with a router ID and password, you need to change the default settings. Cybercriminals know the defaults for major network providers, making these devices extremely vulnerable.

Never access anything important using open (unsecured) WiFi hotspots. This is one of the easiest ways to get hacked. If you are traveling and need to access anything important, try to use your phone’s secured internet connection. Most modern smartphones allow tethering, and basic browsing uses little data.

4) Be careful with emails

Phishing scams are increasingly common, and can be difficult to spot. Hackers are learning how to make these emails look official and enticing. Be careful when opening any of these emails.

You should also avoid sending important account or login information through standard email accounts. Email isn’t always fully encrypted.


No one wants to spend time thinking about all the bad things that can happen in our digital world, but you need to be aware of the increasing threat, and take precautionary steps to protect yourself. Making a few changes in your user habits will significantly improve your online security. If nothing else, take the following precautions:

  • Avoid using personal information (such as important names, dates, or phrases) in your passwords. Hackers can easily find lots of public information on you, which makes password cracking very easy.
  • Instead of using a common password for your accounts, consider using LastPass or another dedicated password manager. These programs allow you to use unique, extremely strong passwords for each personal login, making hacking much more difficult.
  • Avoid using public WiFi as much as possible – and never log into secure accounts while connected to an open network.

Do you have any other important security tips for our community? Share with a comment below.

Related Articles

Leave a Reply

14 Comments on "Are Your Online Financial Accounts Secure?"


LastPass has been one of the best tools I’ve come across in a long time. For people like myself that have a couple of passwords I use for EVERYTHING, LastPass is a lifesaver. I went back and created strong passwords for all my accounts and store it all in LastPass. Great tips Jacob!

David Dreyfus
David Dreyfus
Nice post. I am a big fan of password managers. I am a long time Dashlane user. I am sure it is similar to LastPass. I love the ease of changing passwords, syncing my password changes to the phone app, and many other features. I will never go back to remembering passwords. Also, you can store just about any sensitive information into the program, such as credit cards, bank account numbers, and more to help with auto-filling forms on websites. I save a great deal of time not trying to figure out passwords I can’t remember and never having to… Read more »
1)Frankly, I don’t take any of the precautions you recommend and have never been hacked. It’s implied that you used a password that can be guessed at like high school name or birthday. I have taken a few precautions which seem to have served me well. 2) make the password difficult. I have even written the password down but I don’t write any User IDs on the same piece of paper as the password. As time has gone by, I have come to rely on mnemonics. I still write the password down but as soon as I memorize the mnemonic,… Read more »
Full Time Finance
Full Time Finance

I actually would also recommend looking beyond the password tools 2 factor identification to the brokerage or financial companies 2 factor identification as well. Fidelity and Schwab both offer these functionalities for free if you just remember to ask


I like 1Password because they have a one time purchase fee option in addition to a subscription option. Then again, I think that LastPass may have some nice features (auto password changing) that are not available in 1Password.


Roboform is a great password manager too.


This is the first time I heard of LastPass, and it seems to be a good service for password security. Thanks for sharing Jacob.


It is so scary to think how much personal information can easily be stolen through cyber-hacking! I know personally, when I set up passwords I always have different ones for each account and make sure to have at least one capital letter, a number, and asterisk or exclamation point!


I have been lazy about better password management for too long. I’m going with Last Pass today. Thanks for the post.