Six tips to be more secure online

As cyber fraud continues to evolve, it is more critical than ever to take measures to protect your identity and mitigate potential security risks.

Here are six ways to help protect your identity, your accounts, and your technology.


Sign up for 2-factor authentication when you have the opportunity. 2-factor authentication can help stop cyber fraud in its tracks by giving you an additional security check point every time you log in, or whenever you log in from a new device. You can sign up for 2-factor authentication to safeguard your UC Retirement Savings Program accounts today. Log in to NetBenefits, select Profile, then Security Center, then select 2-Factor Authentication. Make sure your phone number is on file before you sign up.

Enroll in identity theft monitoring and protection services.  There are many services available.  Comprehensive identity theft protection services are available through UC’s legal benefit, ARAG. Visit UCnet to learn more about your UC benefits. 

Review all your credit card and financial statements as soon as they arrive or become available online. If any transaction looks suspicious, immediately contact the financial institution where the account is held.

Use secure channels for sensitive information. Never send account information or personally identifiable information over email, chat, or any other unsecure channel.

Be suspicious of any unsolicited email requesting personal information. Further, never respond to an email requesting information by clicking a link within the email. Instead, type the website’s URL into the browser yourself.


Set a regular reminder to reset your passwords. Reset all your passwords—including those for your email accounts—regularly.

Use a unique username for financial accounts you access online. Never use your Social Security number in any part of your login activity.  And avoid using the same password across a range of financial relationships.

Create strong passwords. The strongest passwords are long and employ a mix of numbers, upper- and lower-case letters, and special characters. One element of your password could be the first letter of each word in a phrase. For example, “the quick brown fox jumped over the lazy dog” would become “tqbfjotld.” Another tip is to use a passphrase that includes special characters such as “Iowa w!nters are C0ld.”


First, install the most up-to-date antivirus and anti-spyware programs on all your devices. Remember to update these software programs as updates become available. Run your antivirus and anti-spyware programs regularly to provide maximum protection for your devices.

Next, access your sensitive data only through a secure location or device. Never access confidential personal data via a public computer, such as in a hotel or cybercafé.

Finally, if you have children, consider setting up a separate computer for games and other online activities. That way, their online gaming activity has less chance to introduce security issues for your sensitive files and data. 


Never access confidential personal data on the Internet from unsecured or unknown wireless networks. Unsecured networks—such as those in public locations like hotels or coffee shops—may lack virus protection and are highly susceptible to attacks.

Log in to secure sites directly. Open a new window before logging on to a secure website, and be sure to log out of the site before closing the window.


Limit the amount of personal information you post on social networking sites. Never post your Social Security number (even the last four digits). Consider keeping your birth date, home address, and home phone number confidential.

Consider whether you want to post information about births, children’s birthdays, or the loss of loved ones. Sharing too much information can make you more susceptible to fraudsters and allow them to quickly pass a variety of challenges related to the authentication of your personal information. Never underestimate the public sources individuals will use to learn critical facts about people.


Delete any emails that include detailed financial information beyond the time it’s needed. In addition, continuously assess whether you even need to store any personal and financial information in an email account. Also consider establishing separate email accounts for personal correspondence and financial transactions.

Use secure data storage programs to archive critical data and documents. Secure data storage programs include cloud storage and/or online vaults.

Review unsolicited emails carefully. Never click links in unsolicited emails or in pop-up ads, especially those that warn that your computer is infected with a virus and request that you take immediate action. To validate a link, hover over the link with your curser to view the URL.