The New Hampshire Community Loan Fund encourages all our staff, customers, and supporters to protect their information and identity online and to continuously educate themselves about information security. To get you started, we have compiled the following list of information security fundamentals:
Passwords
Passwords are a good starting point in practicing good information security habits. Here are tips for generation and use of passwords for online sites:
Multi-factor authentication
Multi-factor authentication (MFA) is one of the best ways to protect your data because it requires more than just a username and a password to allow access. There are several types and levels of MFA, but all of them rely on you having a second source of authentication when attempting to log into a website. This way, if your username and password are stolen, the thief won’t be able to use them to log into the website because they won’t have your second source of authentication (most commonly, a smartphone). Many sites allow for MFA to be enabled and will instruct you on how to set it up for their particular site.
Typically, setting up MFA means registering your mobile phone number in your account on the website in question, then using an app (like Microsoft Authenticator) to complete the MFA process. Once this is set up, if you enter your username and password into the website using your computer, you will then be prompted by your smartphone to authorize access to the site on the computer. If your username and password are used by someone else, they will be stopped from logging in unless you authorize it through your smartphone app. In turn, you will know your password has been stolen because you will receive a request to authorize logging into the site when you are not trying to log in.
Avoid phishing scams (think before you click)
Phishing is still the most successful and most common way for a computer user to be hacked. Phishing is a type of social engineering attack wherein the attacker creates an email that looks like it came from a legitimate website and tells the recipient they must do something quickly to stop something bad from happening. The email may look like it’s from your credit card company and say unusual activity has been detected on your account and you need to log in to verify, or something of that nature. Once you click the link in the email, the bad stuff starts happening! It could be that link will immediately download a malicious piece of software, or it may be that the link takes you to what appears to be a legitimate site but, when you enter your login credentials, you really have just submitted them to an attacker who then uses them to access your account. Typically, phishing messages contain at least one of the following:
Below are some guidelines for avoiding falling victim to a phishing scam:
Anti-virus
Everyone should use and maintain a reputable anti-virus software package on their computer. There are several reputable vendors, including Windows Defender, Sophos, Symantec Antivirus, and McAfee Antivirus.. Installing, running, and updating one of these software packages helps ensure any viruses you pick up through email or web browsing will be quarantined from the rest of your computer and can be fully removed before causing greater harm to your computer.
Manage your digital footprint
If you don’t use an account anymore, delete it! Whether it’s an old eBay account you no longer use, a social media profile on a platform you no longer care about, a shopping site you don’t buy from any more, or a fitness app you stopped using, having unnecessary open accounts out there is a hazardous practice. Closing and deleting any accounts you no longer use ensures, if those accounts ever have a security breach, your information won’t be at risk.
Update your software
All software needs patching over time. Help keep your computer, mobile devices, and home router secure by checking frequently to see if software or firmware updates are available. If they are, apply them. A large part of hacking involves taking advantage of unpatched systems using known weaknesses. The more up-to-date you keep your equipment, the more difficult it is to hack.
Never send private information over public wifi
Never, ever, use free public wifi to transmit sensitive data. Do this only on secure, private, networks you know. And avoid connecting to random free wifi points while out in public. When visiting a shop, restaurant, doctor’s office, or store, it’s best to ask a staff member if the wifi offered there belongs to the organization. If you can’t verify the broadcaster of the wifi signal, you may well connect to an attacker when you think you are connecting to a coffee shop’s wifi.
Back up your data frequently
In the event of something happening to your computer, having good backups will ensure you are able to recover your data quickly and fully. Whether family photos or financial records, losing items because no backup was available can be gut-wrenching.
See our Website Privacy Statement.
Email is not a secure form of communication. Please do not use email to send any confidential or sensative information, including Social Security numbers, account numbers or passwords. If you need to provide this type of information to the New Hampshire Community Loan Fund, contact us by phone at (603) 224-6669, by fax at (603) 225-7425, or by paper mail.
Click the link above to continue or CANCEL
By clicking “Continue” you will leave the Community Loan Fund site. The linked site and its content, privacy and security are not controlled by the Community Loan Fund. We do not guarantee or endorse the linked site’s information, recommendations, products or services.
Click the link above to continue or CANCEL