How to keep your money safe from cyberattackers

  • One takeaway from the WannaCry ransomware attack? 'An ounce of prevention is worth a pound of cure.'
  • To help prevent fraud, monitor your accounts regularly — perhaps on an online aggregator.
  • Changing passwords and updating system software regularly are also good ideas.
Computer hackers can be foiled if users take precautions when banking online.
David Woolfall | Getty Images
Computer hackers can be foiled if users take precautions when banking online.

The WannaCry ransomware attacks have spread like wildfire across the globe. As White House officials try to pinpoint where the attacks on hundreds of thousands of computers in 150 different countries stemmed from, and how to get locked data released, consumers are left wondering if their most important data is safe.

With nearly 287 million Americans on the internet, handling everything from shopping to portfolio management with the click of a mouse or a tap on an iPhone, there's an extraordinary amount of data being produced every day that cybercriminals would love to get their hands on. This includes everything from Social Security numbers to email passwords and bank account information.

Just last year the global bank-transfer system SWIFT was hacked, and tens of millions of dollars were stolen. If a system like SWIFT is at risk, you can only imagine how accessible our personal data is, and the recent WannaCry hacks make that lesson clearer than ever.

More from FA Playbook:
Retirement saving remains a challenge for many women
What Trump's economic agenda means to you
Will students with student debt benefit under Trump?

The issue is so pressing in the wake of WannaCry that on May 17 the Securities and Exchange Commission issued a cybersecurity alert for broker-dealers, financial advisors and investment funds that stressed both the importance of undertaking penetration tests and vulnerability scans on critical systems and the necessity of upgrading systems on a timely basis.

The alert noted that in a recent SEC Office of Compliance Inspections and Examinations study of 75 financial firms, 5 percent of broker-dealers and 26 percent of advisors and investment funds did not conduct periodic risk assessments of critical systems to uncover vulnerabilities, potential business consequences and other cybersecurity threats.

There are certainly lessons that consumers should learn from the most recent cyberattacks, too. One big one is that proactive protection is far less painful than dealing with the trail of destruction that's caused when an online thief steals your information. Here are nine easy ways to implement best practices that you can use today to help keep your financial data secure.

1. Use a service that aggregates your financial accounts. The easiest way to review all of your financial accounts quickly for any suspicious activity is to aggregate your accounts with a tool that will show them all in one place. These aggregation services offer an easy way to check your statements and balances but don't allow you to move money, making them much less valuable to hackers. They also mean you will not be regularly logging on to multiple sites, leaving a trail. By limiting access points to your accounts and consolidating into one platform, you'll limit the number of opportunities for hackers to compromise your data.

2. Monitor your accounts regularly. It's good practice to monitor your financial accounts on a weekly, and even daily, basis. If you're using a financial aggregation tool, look for one that will also proactively provide you with account updates by sending you push notifications or emails, and flag any changes to your spending so that you can take immediate action if anything seems abnormal.

3. Utilize two-factor authentication sign-on. When selecting any type of online financial tool, only use one that offers two-factor authentication sign-on. With two-factor authentication, if you log in from a new device, you will be required to provide mobile phone or email verification (or both) to confirm your identity.

4. Don't reuse your passwords, and avoid sharing. Reusing passwords is an age-old mistake that is all too common, leaving you open to an attack. Use a unique password on every bank or financial site you access, and if you use an aggregator, make sure the password is secure and includes letters, numbers and special characters. Not only should you change your passwords at least every 90 days, you should never share password information with anyone (such as a spouse) by email or text, only in person or over the phone.

Sign Up for Our Newsletter Your Wealth

Weekly advice on managing your money
Get this delivered to your inbox, and more info about about our products and services.
By signing up for newsletters, you are agreeing to our Terms of Use and Privacy Policy.

5. Use read-only apps. When selecting a money-management app or a financial aggregation tool, it is best to use one that is read-only. This means that no money transfers can be made from the platform, and a hacker cannot transfer funds from your account into theirs.

6. Update your operating system (e.g., Windows, IOS) patches. Patches are software updates that correct a security vulnerability. You may have heard that Microsoft recently issued new ones following the WannaCry cyberattack. Updating your patches regularly helps protect your data, and both Windows and iOS have settings that allow them to be updated automatically, so you don't need to think about it.

7. Don't access your financial accounts on public Wi-Fi. Public Wi-Fi networks are prime targets for hackers, as these networks often are not secured. When possible, try to avoid surfing the web on public Wi-Fi, especially if you are accessing your bank or financial accounts.

"Attacks such as WannaCry remind me of the truth in the adage 'An ounce of prevention is worth a pound of cure.'"

8. Don't store your credit card information online. Not only are hackers targeting your personal financial accounts, they also frequent the companies and stores you favor. When you shop online, avoid storing your credit or debit card information on your favorite retail sites, as this can leave you vulnerable to a breach. Although entering your information every time you shop online or memorizing your credit card number may be tedious, it's much less tedious than dealing with being hacked.

9. Beware of phishing attempts. Email phishing attempts occur every day – from the obvious "You've won the lottery!" scam to a headline-grabbing attack earlier this month that targeted consumers with a fake shared Google document. Look out for any suspicious emails asking you to download attachments, click on links or share bank information. If you receive a suspicious email that appears to be from someone you know, confirm by phone whether they sent it before you click on any links or attachments.

Attacks such as WannaCry remind me of the truth in the adage "An ounce of prevention is worth a pound of cure." Adopting these best practices and going the extra mile to protect yourself online may seem tedious, but it is far less time-consuming and traumatic than dealing with the aftermath of a hack.

— By Fritz Robbins, chief technology and information officer for Personal Capital

Contact FA Playbook


    Get the best of CNBC in your inbox

    Please choose a subscription

    Please enter a valid email address
    Get these newsletters delivered to your inbox, and more info about our products and service. Privacy Policy.

Advisor Council

  • Lee Baker, founder, owner and president of Apex Financial Services

    Lee Baker is founder, owner and president of Apex Financial Services, an Atlanta-based financial planning firm "dedicated to helping individuals and businesses achieve their goals."

  • Louis Barajas is founder and CEO of Wealth Management LAB, a fee-only firm specializing in the entertainment industry.

  • Sophia Bera, founder of Gen Y Planning, has been named one of '10 Young Advisors to Watch.'

Latest Special Reports

  • Frontline insights and unique views on key issues and challenges facing today’s CFOs.

  • The personal and economic pain from the COVID-19 pandemic is being felt all over the world. As a result of this unprecedented disruption, businesses owners and employees are dealing with an immeasurable level of suffering and facing scenarios they never could have imagined. Through expert analysis and advice from proven business leaders, The Path Forward explores the extraordinary challenges businesses are facing and offers ideas to help owners navigate this global crisis and thrive once again.

  • The Workforce Wire provides news and information on what employers and executives are doing to adapt to the ever-changing workplace.

FA Hub