Your brokerage firm must safeguard your personal financial information. But even the best procedures cannot prevent all instances of identity theft—especially if the vulnerability lies with you, the customer. This brochure describes the critical steps you can take to safeguard your financial accounts and help prevent identity theft.
How Does Identity Theft Occur? A host of ways. Some identity thieves use keystroke logging software to capture usernames and passwords, disseminating these programs through instant messages, Emails, or freeware. Others “phish” for sensitive information by sending phoney emails that purport to come from a legitimate financial institution but which ask for information your firm would never request through email—such as confirmation of an account number, password, credit card Number, or Social Security number. Still, others use the oldfashioned method of “dumpster-diving” to recover your discarded account statements or other records that haven’t been properly shredded.
How Can I Protect Myself? Take the following steps to secure your brokerage accounts and your personal financial information:
Protect Your Passwords and PINs. Do not share your passwords or PINs with others. You also should not store your passwords or PINs on your computer. If you need to write down your passwords or PINs, store them in a secure, private place. You should change your passwords and PINs regularly and use a different password and PIN for each of your accounts. Use passwords and PINs that contain numbers and letters or symbols.
Maintain Your Computer Security. Personal firewalls and security software packages (with antivirus, anti-spam, and spyware detection features) are a must for those who engage in online financial transactions. Make sure that your computer has up-to-date security software, including security patches, that the software is configured for automatic updates, and that the software is always turned on. For laptops, be sure to use encryption software. Computer hardware
Check for Secure Web Sites. When you access your brokerage account online, check to ensure that the login page indicates that it is a secure site. The address of a secure Web site connection starts with “https” instead of just “http” and has a key or closed padlock in the status bar (which typically appears in the lower right-hand corner of your screen). When you click on the padlock, the security certificate should confirm the identity of the site you are visiting. In Microsoft Internet Explorer 7, look for the address bar to turn green.
Don’t Respond to Emails Requesting Personal Information. Legitimate companies will not ask you to provide or verify sensitive information through email. If your financial institution actually needs personal information from you or your statement, call the company yourself – using the number in your files or on your statement, not the one the email provides! Do not respond to emails, such as “phishing” emails, seeking your password, PIN, or other personal information
Secure Your Confidential Documents. Keep all your financial documents in a secure place, and be careful how you dispose of any documents with financial or other confidential information. Shred documents that have confidential financial or identification information before throwing them away
Use Your Own Computer. It is generally safer to access your brokerage account from your own computer. Avoid using public computers to access your brokerage account. Public computers may
contain software that captures passwords and PINs, providing that information to others at your expense. If you do use another computer, be sure to delete your “Temporary Internet Files” or “Cache” and clear all of your “History” after you log off your account. You should occasionally check to make sure that no one else has attached any device or added programs to your computer without your knowledge or consent. Consult the Help function on your browser and operating system to learn how to delete this information.
What Should I Do If My Identity Has Been Compromised? If you think that your personal information has been stolen, immediately contact your brokerage firm and other financial institutions, including credit card issuers, to notify them of the problem. You should also notify the credit bureaus to put a fraud alert on your file. If you detect unauthorized transactions in or withdrawals from your brokerage account, ask the firm to investigate. Be aware that your firm will need time to determine what happened and may need your help in identifying family members or others who might have access to your account. In the meantime, be sure to change y