Introduction
You probably received a message from a friend asking to borrow money. It turned out that the friend’s account on Telegram or WhatsApp had been hacked.
Now that we handle most of our financial activities online, often with nothing but our smartphones, all sorts of wrongdoers target us to steal money.
While all financial service providers, including online brokers, use advanced account protection tools, users must also take all the required precautions.
How do criminals steal data
We can now do everything online—from buying air tickets to trading stocks—so it is no surprise that wrongdoers inventing new forms of cyberattacks.
Phishing
Phishing aims to steal users’ data, such as email addresses, passwords, full names, and bank card details. Attackers trick people into providing this information in phone calls or text messages or by filling out online forms.
You may receive a message from a person or company you know with a convincing story, and click a link. The link may install malware on your device or bring you to a page where you will enter your data without realizing you are sending it to thieves.
Credential stuffing
This popular cyberattack relies on automated tools that try to use leaked usernames and password combinations on various websites.
Since most people reuse their credentials on multiple platforms, attackers often manage to access accounts with these tools. Besides, regular database breaches make thousands of accounts available to fraudsters.
Brute force
A brute force attack is a form of hacking that involves guessing a password for a username through trial and error. This attack is considered outdated, but it is still rather popular. If this method works for attackers, they may get access to a user’s data and money.
How to recognize an attack
The general rule is to suspect fraud whenever anything unusual happens.
You get an email or a message asking you to click a link or open an attachment.
A person or a company chooses an unexpected way to communicate with you. For example, you can get a message from a friend on Telegram even though you usually talk on WhatsApp.
You are requested to update some financial information. You are urged to do it right now, as urgency is a common trick fraudsters use.
You are offered some money (a bonus, a refund, etc.), but first, you are pushed to provide some data to receive it.
The email does not include your name. Instead, the sender uses “Hello dear” and other generic greetings.
How to protect your account
Use the tools provided by your broker
No broker wants their users’ accounts to be compromised, so they implement various protection measures. You may want to learn what protection tools are available before you decide on a broker to trade with.
Here are some factors you want to consider when registering with a broker and passing the verification process.
Evaluate the broker’s reliability. It is better if a broker is well-known in the industry, and you can easily find reviews posted by other traders.
A broker must be licensed.
A broker must have a website with all the information you need to make a decision: trading conditions, licenses, policies, contacts, etc.
A broker should have a technical support service you can contact when you need help via the channels you are comfortable with.
Protection measures offered by FBS
If you browse the FBS website, you will easily confirm the protection measures that are in place:
FBS is a global brand that has all the necessary licenses and regulations.
The broker uses encrypted channels and web application firewall to help prevent attacks, does not store user account passwords, banking information, and only uses official channels for communication.
The broker performs external vulnerability scans with approved scanning vendors to ensure transaction safety.
The broker has disclosed all the email addresses that it uses to send user communications: [email protected], [email protected], [email protected], [email protected]
What you should do to protect your account
Even the most sophisticated tools will not help protect your account if you violate some basic security rules yourself. Here are some things you should always keep in mind.
Pay attention to important system notifications delivered to your inbox. This is how you may learn about suspicious login attempts or other events requiring your action.
Never click any suspicious links or download unrequested attachments. Do not trust people claiming to be broker employees and offering signal bots on discussion forums. Such files may contain malware. Avoid downloading any APK files from Telegram or YouTube.
Never enter personal information on web pages you are not entirely certain about.
Use strong passwords and never reuse them across different sites. Use a password manager instead of text notes.
Only trust official communication channels. FBS employees never send links or attachments with promotional offers in personal messages. FBS representatives will never ask you to provide account information, such as your password or confirmation PIN, in a private message.
Install antivirus software and update it regularly.
Regularly install all security updates and patches for your device’s operating system.
Regularly monitor activities in your banking applications.
Ensure you have access to your recovery methods (email, social networks, phone number, devices).
Avoid using third-party devices to access your account. If absolutely necessary, do so in incognito mode.
Never ask anyone to access your FBS Trader Area using your credentials.
Never leave your Trader Area open when your device is unattended. Log out or lock the screen.
Only provide your identity documents to institutions that need them for legitimate reasons.
Never share the email address or mobile phone that you use to receive verification codes. Never share your PIN or transaction confirmation codes with anyone.
What should you do if you open a malicious link
Install antivirus software and scan for viruses.
Reset all your passwords.
Conclusion
Security of your online accounts is vital. A single mistake can make your sensitive data available to wrongdoers, and you may lose access to your accounts and money. There are some basic things you should always pay attention to. The general rule is to be suspicious and use all the protection measures that are available to you.