Protecting yourself online
Tips from the Securities and Exchange Commission (sec.gov) on how to keep your personal information and money more secure when you go online:
• Anti-virus, anti-spam and spyware detection security software packages increase your protection during online financial transactions. Make sure that the website address of a secure website connection starts with "https" instead of just "http" and has a key or closed padlock in the status bar (which typically appears in the lower right-hand corner of your screen). However, even if a web page starts with "https" and contains a key or closed padlock, it's still possible that it may not be secure. Some phishers, for example, make spoofed websites which appear to have padlocks. To double-check, click on the padlock icon on the status bar to see the security certificate for the site. Following the "Issued to" in the pop-up window you should see the name matching the site you think you're on. If the name differs, you are probably on a spoofed site.
•Security Tokens (if available) can make it even harder for an identity thief to access your online account. That's because a one-time pass-code that typically changes every 30 or 60 seconds offer a second layer of security. While hackers can use keystroke logging programs to obtain regular username and password information, they can't use these programs to obtain the security token pass-code.
•Don't download something that you don't trust. A program or file from an unknown source can bear unwanted malicious software programs on your computer.
•It's generally safer to access your online brokerage account from your own computer than from other computers. If you need to use a computer that is not yours, delete all of the your "Temporary Internet Files" and clear all of your "History" after you log off your account.
•Don't give out private information through a non-secure means, such as email. Pick up the phone and call the company yourself - using the number in your files, not the one the email provides!
•Even though a web address in an email may look legitimate, fraudsters can mask the true destination. Rather than merely clicking on a link provided in an email, type the web address into your browser yourself (or use a bookmark you previously created).
•Be safe - make your passwords difficult to guess. Create one using a combination of numbers, letters (both upper case and lower case), punctuation, and special characters. Change your password regularly and use a different password for each of your accounts. Don't share your password with others. Don't store your password on your computer, but in a secure, private place.
•Wireless networks don't provide as much security as wired Internet connections. Many public wireless networks in areas like airports, hotels and restaurants - reduce their security so it's easier for individuals to access and use these wireless networks. You can learn more about security issues relating to wireless networks on the website of the Wi-Fi Alliance.
•Log out completely by clicking on the "log out" button to terminate your online session. Don't let your browser "remember" your username and password information. If this browser feature is active, anyone using your computer will have access to your brokerage account information.
For more details, visit http://www.sec.gov/investor/pubs/protectyourselfonline.htm