Protect Your Account
- When you register for Northwestern Mutual online account access, we request personal information, including your product number and Social Security number, to verify your identity. This helps ensure that only you may register to access your own accounts.
- When you set up your password reminder questions for online accounts, select questions and answers that only you know. Avoid questions and answers that others may be able to discover about you, including information you share on social media sites.
- To protect your online accounts, use secure passwords.
- Avoid accessing your online accounts through publicly shared computers if possible.
A strong password is important to protect your online accounts. When you are selecting a password, keep the following tips in mind:
- Choose a long password of at least 8 characters. Longer passwords are more secure.
- Include upper- and lowercase letters, numbers, and symbols – this makes it more difficult for someone to guess it.
- Change passwords frequently – consider quarterly updates.
- Consider using a password manager.
- Keep your password private.
- Do not use real names.
- Do not use Social Security numbers, words or numbers associated with personal information, like birthdays, anniversaries, license plates, telephone numbers, or addresses.
- Do not use your login name or any variation of it.
- Do not use words from the dictionary.
- Do not use the same pattern for your passwords, such as smart1, smart2, etc.
- Do not write down your password or share your password with anyone else.
Password management software can help simplify choosing and maintaining passwords for your online accounts. Several password management applications are available for a variety of devices and operating systems. Check with a trusted technology expert to help you choose the appropriate password manager tool for your needs.
Stay Safe Online
Email hacking occurs when a fraudster illegally gains access into an individual’s email account. This allows the fraudster to read email messages and view the address book on the email account. Using this information, the fraudster (appearing to be the individual), contacts the individual’s financial institutions via an email message and tries to obtain funds. Learn about how to protect yourself at Email Hacking Fraud.
Identity theft occurs when someone wrongfully obtains another person’s confidential information, often to benefit the identity thief financially.
Victims of identity theft can spend months or years correcting the situation. Victims may also lose job opportunities or be refused loans for education, housing, or cars.
The Federal Trade Commission (FTC) provides advice to minimize your risk of identity theft and offers assistance for victims of identity theft at FTC.gov/idtheft.
Fight identity theft by monitoring and reviewing your credit report regularly. You can view your credit reports from Equifax, Experian, and TransUnion annually for free through AnnualCreditReport.com.
One of the most common ways identity thieves trick their victims is through phishing. This occurs when a cybercriminal tries to trick people into revealing confidential information or by installing malicious software (malware) on their computers. A phishing attack can take many forms, although the most common is an email message.
Identifying Phishing Messages
Phishing messages often contain common “red flags,” including:
- Generic greetings – Phishing messages often contain generic, non-personalized greetings.
- Urgent or threatening language – Many phishing messages contain urgent or threatening language. Criminals often try to manipulate people’s emotions. Do not fall for that trick. Take the time to examine unsolicited messages carefully.
- Awkward grammar or spelling errors – These may be signs of phishing messages.
- Tricky links and unsolicited attachments – Always be suspicious of links and attachments in unsolicited messages. These may point to malicious sites or contain malicious software.
To learn more about phishing and handling phishing messages, see OnGuardOnline.gov/phishing.
Social media includes websites and smartphone applications that allow you to stay connected with friends and family – but be careful what you share. Criminals could use the confidential details that you share publicly to conduct identity theft. A few tips will help you stay secure on these sites.
- Most social media sites offer settings and tools to help you restrict who sees your content. Learn how these settings and tools work for each site, and be aware of any updates to how they work.
- Realize that criminals can use social media to trick their victims. If a contest seems too good to be true, it most likely is. Links to the latest celebrity gossip or “shocking” pictures can lead to malicious software (malware) or sites designed to steal confidential information.
- Children may become victims of cyber-bullying. Depending on the severity of the issue, contact the social media site, school officials, or law enforcement to report the incident. You may want to monitor your child’s social media activity and review their friends list to ensure they are communicating responsibly.
- Remember that any information you post online could be saved and accessed forever. Make sure you log out of each application after you are done using it.
More information about social media safety is available at StaySafeOnline.org.
Secure Your Devices
Protect your computer from malicious software (malware) by installing and running up-to-date malware protection. A variety of options are available online or at local retail stores.
To remain secure online, update your operating system (the system that managers your computer’s hardware and software) frequently. Consider activating automated updates if available. Microsoft, Apple, Google, and other operating system vendors frequently update their operating systems. These updates may add functionality, increase security, and fix problems in existing software.
Other applications such as iTunes, Adobe Reader, and security software products also typically offer automatic update options.
Mobile devices include smartphones, tablets, laptops, cell phones, and other portable devices. They offer added convenience and flexibility. However, they do require additional protection. Treat your mobile devices as you would your wallet.
Consider the following best practices to keep your mobile devices secure:
- Use a PIN or password on your mobile device to lock your screen when not in use.
- Never leave your mobile device unattended in the open.
- Lock your mobile device in a drawer, closet, or hotel safe while you are traveling.
- Lock your laptop in the trunk of a car when transporting it in a vehicle.
Consider purchasing and using a cable lock to securely lock your laptop to immobile objects.
It is important to keep your web browsers up to date to correct any bugs or vulnerabilities that older versions may have.
Download the latest version of your web browser. The following links point to English versions of the web browsers:
If your web browser supports automatic updating, consider turning on that feature to ensure you always have the latest version.
Wi-Fi allows you to wirelessly connect your mobile devices to the Internet. The following tips can help you remain safe when you use public Wi-Fi networks:
- Realize that public Wi-Fi networks are not secure. Other people on the network can view the information you send and receive unless that information is encrypted.
- You can tell if your information is encrypted by looking at the web address of the site you are visiting. If the site begins with https://, your information is encrypted and is not visible to others on the network.
- If a site begins with anything other than https:// (such as http://), your information is visible to other people on the Wi-Fi network. Do not send or receive confidential information on those sites.
- Always log out of your accounts when you are finished.
- Beware of "shoulder surfers," thieves who physically watch your activities to steal your confidential information or passwords. Pay attention to your surroundings – leave if you are uncomfortable.
Managing your household records appropriately will help keep your financial affairs in order. Properly disposing of your records when you no longer need them will help protect your confidential information from falling into the wrong hands.
The U.S. government offers guidance on managing household records. Review this information to determine how long you should keep important documents.
Properly disposing of your records will help prevent dumpster diving. Dumpster diving occurs when criminals sort through trash to find other people’s confidential information.
Work with a trusted technology expert if you have questions about the following recommendations.
- Always shred your confidential information. Use a crosscut shredder that cuts the documents into small pieces.
- Shredders that cut documents into long spaghetti-like strands are not as secure. Properly motivated criminals can reconstruct those strands with enough effort.
- Shred DVDs, CDs, diskettes, tapes, and credit cards if possible. High-end shredders often have the capability to shred these items. Always confirm that a shredder can accommodate the items you want to shred.
- Before you sell a smartphone, perform a factory reset to remove confidential information from the device.
- Consider using secure erase software to wipe, or electronically “shred,” information on a personal computer’s hard drive. At a minimum, take the hard drive out of a laptop or desktop computer before disposing of the old computer.