What I Learned About Online Security When my Bank Account was Hacked
After a business / fun trip to New York City, my bank called me with unnerving news: a transfer of $2,000 had been initiated to a stranger. My password & contact email had been changed too. The bank intercepted the transfer & cancelled it.
Now, I have to say my laptop had been acting weird, but I had an anti-virus (free version) & the sudden blue screen or occasional slowing down didn't equal virus in my mind. During the summer, my anti-virus completely turned off – it was impossible to turn back on, so I installed a different (free) one.
After the initial shock, I scanned my computer with 5 – five! – free anti-viruses. All came to the same conclusion: my laptop was clean + safe. I thought I must have been compromised by an unreliable internet connection while I was traveling. I changed my bank card & reset my password.
Two days later, $3,000 was transferred directly to another bank account. This time, the money was gone. Again, I couldn't log into my account & I hadn't been warned that my password had changed, even if my email had remained. I signed an affidavit at the bank to declare the fraud & they subscribed me up for one year of credit surveillance at TransUnion & Equifax as it was supposed that the hackers had had access to my social security number & other personal information. Yikes! The money was transferred back into my account, the bank suffered the loss.
This time, I didn't hold back: I transferred all my personal files on an external hard-drive (it's now in quarantine) & I did a factory reset on both my laptop & my phone. My laptop was still under guarantee so I sent it back to the manufacturer for a brand new Windows installation. When it came back, I immediately installed the latest updates, a paid anti-virus & a VPN.
Logistically, all it took was some Googling to educate myself about online security & making informed decisions.
Emotionally, this whole period of nearly 3 weeks took a toll on my capacity to concentrate & my sense of safety. As I walked to the bank the first time, I decided to forgive whoever had breached into my account & focus on the solution instead. The second time I walked to the bank, I felt shaken, blindsided & quite vulnerable. I reminded myself that I'm a business woman & I'm taking care of business.
I promised myself that if my bank account was compromised a third time, I would simply recycle my laptop & buy a new one – or maybe sell it to an anti-virus company, ha!
I learned a lot about online security. Here's the most important parts:
Protect your information
Choose Strong Passwords
I like to use LastPass to generate random & strong passwords. As an online business manager, it's also very useful for my clients who can share their passwords with me: I never know their password & they're automatically updated if/when they change it. They can also revoke sharing privileges at any time.
For all my banking accounts (my banks, Stripe & PayPal), I don't store my password anywhere, not even in LastPass. To create a strong password that I'll remember, here are a few tips:
• Choose a long phrase & replace some letters by special characters. For example: I<3allmym0ney
• Add a special ending to make it unique. For example: PayPal$
• Your complete password would be I<3allmym0neyPayPal$. It has more than 12 letters, capital letters, numbers & special characters & it's unique to your PayPal account. Since you'll be using the same beginning for your other banking accounts, it's easy to remember too.
Pay For an Anti-virus
The free anti-viruses out there share the same data bases as the paying versions, so you'll have the same detection rate (around 99%) with either. Where the paid versions become interesting is for their added protection layers to prevent the malwares to enter your computer in the first place. Many offer anti-phishing protection, a file shredder (to prevent ransomwares), webcam protection & more. These are additional barriers of entry for the virus.
You're much less vulnerable to malwares if your laptop is a Mac or a Goole Pixelbook but I don't know enough about them to give advice on their OS vulnerability.
Avoid Mobile Banking Apps
Because of the nature of their operating system & the multitude of apps we install on them, phones are more vulnerable to virus + malware. Your bank’s app might be safe, but how about that new game you installed? I suggest to play on the safe side & keep your banking to your desktop.
Use a VPN
Especially if you live in an apartment building or if you often work in cafes or other public WiFi networks, a VPN creates a safe tunnel for your information to transit. It's not an anti-virus so if you download an infected image, you still need to scan it. But at least, no one can spy on your bank login information when you submit it.
You can also install a VPN on your phone if you rely on wifi. If you have a plan with data, you’re good & don’t need to worry about it.
Be ready
If, like me, you do get a virus & need to format your laptop + phone, here are some preventative actions you can take to prepare for your re-installation.
2-Factor Authentication
When you enable 2-factor authentication for online services & apps, a few actions will potentially save you a lot of time if you lose your phone or reset your devices.
• Opt for both SMS codes & Google Authenticator.
• Take screenshots of your Google Authenticator QR code & either keep the file in a protected folder (your anti-virus should provide that) or print it & keep it hidden.
If your phone is stolen or you forget to deactivate your 2-factor authentication before you reset it, you'll be able to reload your Google Authenticator app in no time. If you still have your phone, you'll also be able to receive SMS codes & deactivate your 2-factor authentication if you lost your QR codes.
If someone does steal your phone, they'll still need your username & password to get into your accounts, the 2-factor authentication isn't enough.
Back up Your Files in the Cloud
You can do periodic back ups on an external hard drive, but it'll rarely be up to date & these physical tools are subject to deterioration + failing. I keep all my client files in Google Drive – it's always backed up & ready as soon as I log in my Google account, from anywhere. I also sync my photos so that even if I drop my phone in water, they're not lost.
Have a Backup Laptop
I'm a minimalist & I don't keep things that don't serve me anymore, but my husband keeps all kinds of things in case of. And this time, it was a total saver that we still had my old (slow) laptop. As my computer was sent away to the manufacturer + during the time to set it all up again, I could use this backup laptop & not miss a beat with my client work or even internal projects. I spent considerable time strengthening my banking security & setting up my security systems on my laptop, but at least I could keep working.
Sync Your Bookmarks
This will save you a lot of time when you start anew on your freshly reset laptop or from your backup laptop!
Now I want to know:
What’s 1 tip you can implement right now (today) to increase your online security?
Let me know in the comments below!
Marie xo
Marie-Eve Talbot is an online business manager, mentor & course creator for life coaches, holistic healers & light workers. She blends her passion for online business management with a mindful lifestyle. She lives in Montréal, Canada.