Many of us understand the importance of keeping our data safe from hackers and identity theft, but when you use the Internet to work or run a business, manage your bills, communicate with family and friends, stream entertainment and more, it can be easy to slip up. Think about it—you’re a smart person, but you’ve probably clicked the “accept terms and conditions” button on a website without actually reading the fine print. (No judgement—we’ve all been there.)


Fraud can happen to the best of us, but there are simple and effective ways to minimize your risk. Here are six easy ways to prevent identity theft and other fraudulent activity while navigating life online. If you have questions or would like to discuss other ways to improve your financial health, please contact us.

Use a secure password and connection

Choose a password that combines letters, numbers and symbols. It should be difficult to guess, so avoid things like your spouse’s name or your birthday. Whenever possible, use different passwords for each app or website. You may want to store your passwords in a notebook that’s kept in a safe place like your home office, or in an app designed to keep your passwords secure.


In addition to keeping your passwords private and secure, avoid logging into any accounts from unencrypted Internet sources. It’s safer to access your accounts from an encrypted Internet connection in your home or office than in a coffee shop with free wifi, for example. If it’s not urgent, wait until you’re home!

Update your passwords annually

Set a calendar reminder to update all of your passwords annually (or even every six months). It may help to keep a list of accounts that need updating—for example, your banking, your cell phone and utility providers, your email and social media channels, streaming subscriptions, etc. Once you’ve done this, be sure to update your physical list of password saving app with current information. This takes a little time, but it’s far less inconvenient than dealing with the aftermath of a hacker!

Use two-step verification

Two-step verification (or two-step authentication) involves adding an extra layer of security and protection to your online accounts. This usually involves something like a password plus a prompt on a physical device (typically your smartphone). Whenever possible, enable this feature to increase protection around your accounts. Some devices and programs allow you to enable biometric authentication—a security feature that involves reading your fingerprint or using some form of facial recognition from a mobile device. It’s another great option!

Be wary of scams

Email scams used to be fairly obvious—they were plagued by spelling errors, awkward phrasing and suspicious links—but modern hackers know how to confuse even the most media-savvy individuals by mimicking familiar formats, branding and other visuals. To avoid phishing scams and other forms of fraud, be sure to look at the email address as well as the body of the email (for example: is a real email address for our credit union, but is not). Even if the email comes from a familiar name, it could be a phishing scam or hacker, so take a moment to look for suspicious language, attachments and/or links. If you receive a link or attachment you aren’t expecting, you can always make a quick call to confirm the authenticity of the message before clicking. And when in doubt: delete and ignore.


Scammers often use similar techniques on social media and even text message, so this cautious approach should be used across all forms of digital communication. A popular Instagram scam involves hacking into someone’s profile and messaging their connections a request to “help verify” their account after being “locked out.” If you see this or something else that isn’t sitting well with you, block and report the account.

Keep your personal data private

Social media is a lot of fun and an easy way to stay in touch with friends (plus, a great marketing tool for small business owners), but it’s also the perfect target for hackers who want access to your personal information. Consider making your profiles private instead of public and limiting the number of connections you have to real-life friends, family and colleagues. You should also avoid oversharing details about your job, home, financial assets or travel plans.


If you see a social media post that prompts you to share your birthday, street name, mother’s maiden name or other personal data—for example, by asking you to provide a funny response that subtly identifies your middle name and hometown—don’t. It’s fine to read it and have a laugh to yourself, but scroll on without commenting. By following these best practices for online safety, you’ll be able to enjoy the web without worrying about it.