How to Maximize Your Own Security
What steps can you take to maximize your own security?
- Develop strong passphrases, which are different than passwords. A passphrase may contain multiple symbols and spaces, is typically a long string of characters and is not grammatically correct.
Update your profile with a mobile phone number.
- Create a passphrase used only for MyGuideStone® or the GuideStone Employer Access® Program (EAP).
- If one of your passphrases was compromised, maintaining multiple passphrases on different platforms limits the likelihood of cybercriminal success.
- Do not share your passphrase with anyone.
- GuideStone® will never ask for your passphrase via email, text or over the phone. Your passphrase is encrypted, even from GuideStone employees.
- Create a strong passphrase that cannot be guessed.
- Use upper- and lowercase letters, numbers and special characters when creating a passphrase. Do not use your name, email, birthdate or any other personal information.
- Avoid using sequential or repeating characters (e.g., ABCD or 7777).
- Change your passphrase regularly.
- If you change your passphrase, then older passphrases that may have been compromised without your knowledge will no longer be valid.
- If you haven’t changed your passphrase in a while, change your passphrase now!
Safeguard your mobile device.
- Allows for multi-factor authentication
- This adds an extra security step for select transactions.
- Enables text alerts to your phone
- GuideStone can immediately notify you when certain activity occurs.
Secure your email.
- Password-protect your device or enable biometric security (fingerprint, facial recognition, etc.) if available.
- Check to see if your mobile phone no longer has a network signal or allows only emergency calls.
- If this is the case, it may have been hacked using a technique called Subscriber Identity Module (SIM) swapping or phone porting. Contact your mobile phone carrier immediately.
- Ask your mobile phone provider about setting up a PIN so they can verify your identity when you contact them.
- Do not download suspicious apps to your phone.
- Keep your mobile phone operating system and apps up-to-date.
Fraudsters often target your email accounts to steal your contact information or to read your email — including your most frequent business transactions and company relationships. If they have breached your email account, fraudsters can potentially have any email you receive copied and forwarded to them.
Secure your home computer.
- Enable multi-factor authentication on your email account if your email provider offers it.
- Do not open any suspicious emails — delete them immediately and permanently.
Fraudsters can install malware or viruses on your computer, allowing them to track your activity or even remotely take it over.
Enable strong Wi-Fi security for your home network.
- Install antivirus software on your computer, setting up automatic updates and regular scans of your machine. Some internet providers include software as part of their service.
- Keep your computer operating system and other software programs up-to-date.
An unsecure wireless network is an open door for fraudsters to access sensitive information about you.
Look out for suspicious or phishing emails.
- Ensure the network is password-protected with a strong password.
- Avoid sharing the password with guests, and create a separate guest network for them that you do not use.
- Ask your internet provider about other ways to increase security on your wireless network.
- Avoid public Wi-Fi access points when interacting with sensitive data such as checking email or entering login credentials. These public Wi-Fis are convenient but also vulnerable to malicious software that can steal your login credentials.
Monitor account activity.
- Mouse over the sender’s email address to confirm legitimacy.
- Using “phishing emails,” fraudsters will attempt to disguise their emails to look like correspondence from legitimate companies. These emails contain fraudulent internet links or malicious file attachments.
- Hover over links to read URL addresses before you click.
- Phishing emails can be hard to spot. Be careful responding to or clicking on any links unless you are sure that the email is legitimate.
- Navigate directly to an organization’s website through a new browser window instead of clicking on any link in the email.
- Report any suspicious emails you receive that claim to be from GuideStone.
- We may ask you to forward the email or include it as an attachment so our Security team can investigate. Let us know if you clicked on any links or entered any personal information on a website.
- Learn more about phishing from the Federal Trade Commission (FTC).
Browse the internet safely.
- Review your accounts at least monthly for unauthorized activity.
- You know your account activity better than anyone else. Contact us if you see anything unusual.
- Opt into security text alerts.
- This is the quickest way you can be notified of unauthorized activity.
- View your credit reports.
- You are entitled to a free credit report each year from each of the following three agencies: Equifax®, Experian and TransUnion®.
- Keep your contact information up-to-date.
- Updated information enables us to contact you quickly and send information to only your current address.
Use social media networks wisely — think before you share.
- Log out when finished.
- This prevents fraud when moving from one website to another.
- Beware of spoofed websites.
- Do not click on suspicious links in an email.
- Use a saved bookmark or type the web address yourself.
- Make sure the website is “s”ecure by looking for the “s” in “https://”, which is at the beginning of most website addresses.
- Look for a locked padlock next to the web address in your browser, which indicates the website certificate.
- Always use the most up-to-date version of your web browser. Most browsers can be set to update automatically.
Oversharing can put personal information at risk. Social network profiles are often available to the public. Fraudsters search the internet for personal details about you. With enough personal information, fraudsters may be able to convince others that they are you. Furthermore, if you share your location or travel plans online, criminals will know when you are not at home, leaving your home at risk.
Use our Investor Protection Checklist for a printable PDF document listing steps you can take to mitigate cyber fraud.