Create passwords and PINs not easily associated with you
- We recommend not using your children's names, your pet's name, the last four digits of your Social Security number or any other item of information that may be readily known by others. Consider using a combination of letters and numbers that is not easy for anyone to guess.
- o Example: Maternal grandmother’s initials + last two digits of your HS graduation year + abbreviation for birth state + first and last initial of your high school English teacher (Suzie M. Howard + 2003 + North Carolina + Cyndi Edwards = smh03ncce)
- Memorize your passwords and PINs; do not write them down.
- Do not share your passwords and PINs with anyone, even if someone asks. Note: Your financial institutions will not ask you for this information.
- Change your passwords and PINs regularly, especially if you suspect that someone may have knowledge of them.
- Consider using more than one method of authentication such as a password and a touch ID (ie. thumb print) or a one-time password and challenge question. Some websites offer an authorization code, which is a one-time number sent via email or text when you log in.
Use caution with email and websites
While email is an efficient form of correspondence, In fact, criminals can use electronic messaging (email, instant messages, SMS) to gain access to personal information.
Most financial institutions have a secure messaging feature on their Web sites (once you are logged on). Send personal information through known and trusted sites only; and, if you manage your financial accounts online, check them regularly for any unusual activity.
Also, technology changes quickly. Keep your computer's virus and firewall software current. Your employer plays a role in safeguarding your work devices, but you are responsible for your personal computer, tablet phone, router, etc.
Discuss the risks of identity theft and fraud with your family
- Warn children not to give out personal information to strangers on the phone, online or in person.
- Make teenagers aware of the dangers posed by online activity, such as phishing emails, fraudulent websites and unsecured messaging channels. Do not share personal information online without verifying the identity of the other party.
- Elderly people may be easy targets for criminals. Caution them against giving out personal information or access to financial accounts over the phone, online or to anyone soliciting door to door.
Safeguard your at-home information
- Use a shredder to dispose of all personal documents you are throwing away, such as your bank account statements, credit card statements and quarterly reports on brokerage accounts.
- Shred (or, at the very least, tear up) any unwanted credit card offers. If you are inundated with credit card offers, you can remove your name from the Direct Marketing Association's unsolicited mail list: www.dmaconsumers.org/consumerassistance.html
- If you receive telemarketing calls, register your landline and mobile phone number with the National Do Not Call Registry: www.donotcall.gov
- Keep a list of your credit card numbers, their customer service phone numbers and your driver's license number in a safe-deposit box in the event your wallet is ever stolen.
- Merrill Lynch now offers Trusteer Rapport Malware Defense Software. To learn more or download go to: https://www.ibm.com/security/trusteer/landing-page/merrilllynch/
Rapport provides an extra layer of protection by working alongside clients' anti-virus software and firewall to help:
- Prevent malware and fraudulent websites from stealing online IDs, passwords and other sensitive information.
- Secure browsers to keep malware from tampering with online transactions.
Features and Benefits of Rapport:
- Guards sensitive information when signed in to the MyMerrillTM and Merrill Edge websites, while your anti-virus software scans your computer files.
- Blocks malicious software that anti-virus software can’t detect or remove, keeping it from attacking, tampering and stealing sensitive information.
- Protects a computer's connection with our firm’s websites so criminals can't interfere or "listen in."
- Warns users if they accidently visit a fake website that looks like MyMerrillTM or Merrill Edge.
- Is free and requires no registration, restart or further commitment.
Mobile Device Security
Mobile devices are essentially small computers, meaning they are still vulnerable to viruses and malware. Update your mobile device operating system regularly and keep the following tips in mind:
- For maximum security, download the mobile application directly from your financial institution’s web-site, and use it on the go instead of an unsecured web browser.
- Guard your personal information on your phone or tablet device by using strong passcodes. Use caution when browsing websites, downloading applications, performing financial transactions and sharing personal information or location.
- Do not respond to suspicious fraudulent texting, calls or voicemails. Requests for personal information or a call for immediate action are almost always a scam.
Stay informed regarding mobile security issues in the news and be aware of fraudulent mobile banking applications. Criminals may develop and publish fake mobile applications in an attempt to steal your online credentials. Note: The Merrill Lynch mobile application still requires you to enter your online ID and password before accessing your financial information.