I was alarmed yesterday when I received an email regarding a login to my EA (Electronic Arts) account from the Czech Republic! First, I didn’t know I had an EA account and second, I was busy looking at Twitter – how could I be logging in!
I didn’t click on the link in the email thinking it might be a hacker trying to get my personal information but instead typed the address for EA directly in my browser. The site came up and I used my standard username and password and logged in with no problems.
So I did have an account! I was alarmed that my standard credentials worked and apparently were compromised. I nosed around and made sure there was no payment information attached, nothing had been purchased, or any other secret information was available to thieves. I proceeded to change my password to some nasty string I’ll never remember; added two-factor authentication to make it even harder to get in; then logged out remembering I had created the account four years ago for the PlayStation I bought for the grandkids.
Reflecting, I am embarrassed to admit I did use the same username and password for this site that I had used on other “unimportant” sites. I know better! I preach it all day every day – yet I am guilty of doing what I rail against. Luckily, no damage was done but it could have been much worse.
Which leads me to some words of caution – you may have an account with money or other financial value that you established and never bothered to setup access to it through the internet. In fact, the internet may not have existed when you did it!
Financial institutions have progressed, in spite of what ads would have you believe, and made your accounts available online. It’s all in the spirit of making it easier for you to control your accounts and transact business without leaving the comfort of your favorite recliner. Mainly, it’s to keep you out of the offices and making them hire tellers to help you.
Some of your accounts may be long term and you have no reason to ever look at them beyond your statements you get in the mail. You figure when you need the money in your old age that’s when you’ll figure out how to withdraw it.
In the meantime, the folks in the world of the dark web have gotten all your personal information. Through all the breaches that have occurred you can bet your secret life has been stored in a database, along with millions of others, and is available for less than a dollar.
These nefarious characters can take advantage of all the convenience institutions have created for their customers and create an online persona with access to your account. Answer a few questions, setup a username, and the vault opens. With all the information they brazenly call the help desk if they encounter issues with ‘forgotten’ passwords and usernames. It doesn’t take much to convince the phone reps that they are you!
Before you know it – the pile of cash you are counting on for your sunset years is gone – wired to some bank in the sunny Caribbean!
What I’m suggesting – if you have online access to your financial accounts make sure you login regularly and keep your username and password updated. Use hard stuff – write it down if you must – but make it difficult to figure out. If you haven’t setup online access but it’s available you should set it up before someone else does that for you!
This is not my normal style – well maybe it is – but I really felt a PSA was in order. I’m very close to this subject and just wanted to be a noisy gong in the desert.