Protecting online banking accounts is of the upmost importance in the digital age, as important information can easily end up in the hands of fraudsters. Nick Sosnowski, chief financial officer at IAA Credit Union, says focusing on five areas can help secure online farm assets:

1. Email security. Sosnowski says email is the master key for fraudsters to access valuable information.

“Email is the No. 1 thing you need to lock down,” he says. “If a fraudster gets access to your email, they can do just about anything — like reset your password, sign into your online banking or even email your friends and family.”

He recommends a four-faceted approach to keep email accounts secure:

A strong password. Use a different password for every account, containing a random assortment of numbers, letters and characters. 

Good security questions. Use these like a second password, with answers only the account holder would know, even considering random answers.

Multifactor authentication. These are things like an email or text code, facial or fingerprint recognition, a token generator like Microsoft Authenticator or Google Authenticator, or a physical token like YubiKey.

Password resets. Reset your passwords regularly.

2. Phone security. With access to a phone, a thief can access financial accounts, change passwords and wipe the phone completely. Securing a phone begins with strong passwords and using caution with what is stored on the phone, including social security numbers, passport information, etc.

Sosnowski says if a phone is lost, the first step is to erase the device to lock out hackers. “You have to do this quickly, because it’s essentially a race between you and thief,” he says.

3. Social media security. Social media has become a source for hackers to collect information for fraud. Sosnowski recommends the following:

4. Strong passwords. Most password compromises occur from the reuse of passwords and can create a chain reaction of compromises across accounts. Sosnowski’s top advice is to use a password manager that generates random passwords and encrypts them to keep information safe, such as:

“I know it’s a pain, but I assure you it’s more of a pain to have all of your accounts hacked,” says Sosnowski, explaining that most hacking comes from human error from clicking fraudulent links, using poor passwords, giving away codes and oversharing personal information.

5. Further protection from hackers. Some of the most common forms of hacking are:

Phishing. This is an email that appears to be legitimate with a link to something that’s typically urgent. In just one click, hackers can steal passwords, personal information and even lock up computers. Never click the link, unless it is something you’ve been expecting from a known source.

Smishing. This is phishing via text message often shown as fraudulent credit card charges, account suspensions or FedEx delivery tracking codes. If a text message seems suspicious, call the sender directly instead of clicking links or replying to the text.

Vishing. This is voice phishing to extract key information over the phone, such as credit card numbers or multifactor authentication codes. Fraudulent caller ID and voice-cloning artificial intelligence have made vishing particularly challenging to detect. The best way to protect from vishing is to control who is on the other line by hanging up the phone and calling the source directly.