Protect Yourself and Your Information Online
By Ryan Douglas, Senior Vice President and Risk Officer
More and more of our daily life is moving online every day, and scammers are getting better and better at using the Internet to gain access to our sensitive personal information. For instance, computer networks and email servers are subject to hacking, but have you ever used email to send information that you wouldn’t want someone other than the email recipient to see? If so, you may want to rethink how you use email and look into secure alternatives.
What shouldn’t I put in an email?
The basic rule is not to put anything in an email that you wouldn’t be comfortable having an unknown person read. That is because email is inherently insecure, and once an email is sent, there are many ways that a bad actor might be able to gain access to the information within it. Some of the most sensitive information we all need to protect involves our finances. You should never put any of the following information into an email:
- Social Security numbers: Your Social Security number (SSN) is one of the most sensitive pieces of information, and you should take steps to protect it from disclosure or misuse. Never put your SSN in an email or attach any files to an email that might contain your or anybody else’s SSN (such as tax returns, personal financial statements or loan applications).
- Usernames, passwords or PINs: Take steps to protect your usernames, passwords and personal identification numbers (PINs). This is particularly true of usernames and passwords used to access your financial accounts. If someone is able to log in to your online banking account, they can transfer funds or issue payments out of your account as if they were you. They can also access and use loyalty points from airlines and hotel chains, or make orders using your saved payment information at online retailers.
- Checking account or routing number: There may be a legitimate reason to share this information with someone, such as your Human Resources department to set up direct deposit or to make a payment for a legitimate bill. However, if someone else gets access to that information, they can make withdrawals or payments out of your account. Only submit payment information through a secure channel such as an encrypted website or in person.
Credit or debit card information: While your credit card number should be kept private, you should also ensure that you do not give out the expiration date of the card, the security code (CVV) on the front or back of the card, or even the billing ZIP code associated with the card. These pieces of information, particularly taken together, can allow people to make payments in your name.
The same caution should apply to any sensitive information, such as a driver license or passport number, sensitive health information or documents protected by attorney-client privilege.
How does Pacific Crest protect me?
Like any bank, we will never ask you to provide sensitive information via email. We will also never ask you for a username and password over the phone. We know that we have a duty to protect our valued clients even if we require sensitive information to service your deposit accounts, provide payment services and extend credit. We use an encrypted email and file-sharing service called ShareFile to securely share information between bank employees and our clients. If you need to send sensitive information to a Pacific Crest employee, they will provide you with a link to securely upload those files, or you can upload them directly to our online File Drop.
How else can I protect my information?
There are many things you can do to increase your security online.For instance:
- Enable two-factor or multi-factor authentication (2FA or MFA) whenever offered.
- Use strong and unique passwords to secure your accounts. Do not reuse passwords.
- Make sure that all of your software and devices are up to date.
- Install and enable antivirus software on your computer and other devices.
For information on scams and how to avoid them, as well as tips for what to do if you’ve fallen victim to a scammer, visit the following resources.