Cybercrime is making global headlines. Be proactive—and make sure your personal information is well guarded.
Cybercrime is a very real threat—regardless of where it originates in our digitally connected world.
J.P. Morgan is deeply committed to protecting you, your information and your assets: We invest more than $12 billion a year in technology—and another $600 million annually on sophisticated cybersecurity and fraud prevention systems and controls. Included in our efforts are three global security centers that monitor cyberthreats around the world, and a team of more than 1,000 cybersecurity and fraud specialists.
Your own efforts are equally critical.
Given recent events, it’s important now more than ever that you remain vigilant and actively protect yourself and your family.
Here are five security measures you can take right now:
1. Freeze your credit report
Implementing a credit freeze for yourself and family members—including for your underage children—prevents merchants, institutions and others from opening unauthorized lines of credit in your name and/or abusing your credit. Also review your credit file periodically to ensure accuracy and spot fraudulent activity.
In the United States, you can freeze your credit by contacting each of the major U.S. credit bureaus. Once frozen, the block remains in place until you temporarily lift or remove it. Internationally, most countries have their own credit bureaus that offer some form of identity protection service.
Note: A credit freeze will not impact your credit score, or prevent any of your existing creditors—or debt collectors acting on their behalf—from having access to your credit records.
2. Protect your online accounts
Preventing criminals from gaining unauthorized access to your accounts is essential. Here are three quick actions you can take. First, use a security token to log in to J.P. Morgan OnlineSM. Every 60 seconds, the token provides a real-time code that must be used in order to log in. Second, create strong, complex and unique usernames and passwords. Third, use multi-factor authentication (MFA) wherever available. MFA requires you to provide multiple pieces of evidence (i.e., factors) to validate your identity before gaining access to your account.
It’s also important to enable the “alerts” feature of financial or other accounts, which allows you to receive real-time notifications of activity.
3. Defend against a mobile device takeover
Cybercriminals can target your mobile service provider to have it transfer your mobile phone number and data to a device they control. If this occurs, criminals would be able to intercept your phone calls, text messages and emails, and also, by requesting reset codes, gain control of accounts that use your email or phone number for authentication.
If your online credentials are compromised, hackers can breach your account and gain access to your personal information, update your login details to lock you out of your account, or take other disruptive actions.
To protect yourself:
- Contact your mobile service provider to add a verbal authentication PIN/passcode on your account.
- Leverage your service provider’s “no-porting” and other security features (“no-porting” prevents your phone number and data from being transferred to another device).
- Secure your physical device by using biometrics (fingerprint, facial recognition) to unlock your device and by enabling the auto-lock feature so your device automatically locks after a period of inactivity.
- Reset your device back to its “factory settings” before returning it to your provider. This will ensure your personal information is erased.
4. Be aware of social engineering scams
Hackers use a variety of schemes, such as phishing (email messages), vishing (telephone calls) and SMiShing (text messages), to lure you into providing sensitive information (e.g., your passwords or banking and credit card details).
Before you click, text, post or respond in any way to requests for personal information or provide access to your data or devices, independently verify that the request is coming from a reliable source. For example, contact the requestor’s organization at a known telephone number (available on its website).
5. Avoid using public Wi-Fi and computers
Using an unsecured public computer or Wi-Fi connection (e.g., in a hotel or café), puts your personal information at risk for hackers to capture it. If you must use public devices or Wi-Fi to conduct business or make sensitive transactions, connecting your device via a Virtual Private Network (VPN) will conceal your data and online activity, thus keeping your browsing history and personal information secure. You can leverage a VPN through your mobile provider (where available) or from other suppliers.
We can help
If you believe you have been a victim of cybersecurity fraud or want to learn more about how to protect yourself, your family and your business from cybercriminals, please contact your J.P. Morgan team.
