Online protection is easier than you think

These days, we have accounts for everything. Think about all the apps on your phone, all the businesses you frequent and all the loyalty programs you signed up for to get 10 per cent off at the cash register. More people know our names than ever before, and our accounts are treasure troves of information. It’s become crucial to protect them, but many of us don’t know how.

The information about cybersecurity and the time it takes to set everything up can be overwhelming. Especially for those of who truly don’t understand it all. But, the good news is there’s a simple way to beef up protection of all your accounts.

Multi-factor authentication (MFA) is the unsung hero of online security. For those who don’t already use it, it adds an extra step to logging in so that if anyone does get access to your username and password, they still won’t be able to access your account without a specific code. That code can either be texted to you or found in an authenticator app, like Google or Microsoft, that only you have on your phone.

MFA is a saving grace when used correctly. Many people turn it on for their most important accounts, like email, online banking and home security monitoring, but that’s where they stop. It’s important to remember to safeguard your MFA information as well.

Whenever you get a code via text or email, remember to delete it after use. If the code stays active for longer than a few minutes and someone else gets access to it, they may soon have access to your account.

Remember that no one will ask you for your MFA code. If you are on the phone with a customer service representative and they ask you for your MFA code, end the call. Call back on a number you’re sure is for the service you’re trying to obtain. Scammers can create realistic-looking business websites with phone numbers but it may not be a certified repair person or your real bank on the other end. Dialing your bank from within your app is always a good idea to ensure it’s the right number. You can also save companies’ phone numbers right in your phone so you don’t have to repeatedly look them up on search engines and wonder if they’re real or not. Scammers can be sophisticated enough to pretend to be third-party helpers of the organization you’re trying to reach when there’s actually no affiliation at all.

It’s important to stay extremely vigilant in these situations. If the person on the phone says something bad will happen if you don’t give them the code, that’s a red flag that something is wrong. Again, hang up and find a way to contact your service provider directly.

These scams can also happen on social media. If anyone tries to ask for MFA information over an online social platform, do not oblige. Scammers play the long game on these apps, developing the trust of their victims then asking for the information to “help” their victim with someone they don’t understand. It becomes easy for the victim to trust that this person will help them, but they soon find their accounts, personal information and money stolen.

If someone does ask you for your MFA information, report it to the BBB ScamTracker to help keep others informed and safe. You can also browse scams targeting your areas so you know what to look for to keep yourself and your family safe.