Is a password the only thing standing between you and a cyber criminal? Many of us re-use passwords across multiple sites, which can lead to fraud and identity theft if that password is exposed through a data breach, phishing attempt, or malware attack.
To help secure your accounts, first, create a unique username and a long, strong password that contains a combination of letters, numbers and symbols for each of your accounts. Next, turn on two-factor authentication, which is commonly used by financial institutions, email service providers, and other companies large and small to help prevent unauthorized account access.
What is two-factor authentication?
Two-factor authentication, also known as "2FA", or sometimes referred to as "2-factor authentication" or "multi-factor authentication", is a way to verify a person’s identity using two different factors. For example, using both your password and an access code sent to your mobile device to sign in to an app is more secure than using only your password.
Wells Fargo may require two-factor authentication to confirm your identity when completing certain transactions or changes online.
Customers can add an additional layer of security to their accounts by activating Wells Fargo's 2FA feature, 2-Step Verification at Sign-On. Once activated, you will be prompted to enter an access code as part of the sign on process. You can get the code by:
- Requesting that Wells Fargo send it by push notification, text, email or a phone call.
- Using an RSA SecurID® device purchased through Wells Fargo.
Tip
When planning to travel abroad, consider using an RSA SecurID® device to generate the access code since some forms of digital communication may not be available on your trip.
Beware of imposter scams
Even when using two-factor authentication (2FA), it's still important to protect your accounts. Criminals know that access codes may be needed to commit their crimes and have devised ways to obtain them. A common scam involves a criminal acquiring an access code using the most unlikely and unsuspecting accomplice — you. In this scenario, the scammer — who has already stolen your username and password — manipulates you to get you to divulge the last piece of information they need, your access code. Don't share your access codes with anyone. Know that Wells Fargo will never ask for your login, password, one-time access codes, or authentication information.
Know that Wells Fargo will not call or text you requesting an access code. We only send you a code when prompted by an action that you initiated, such as signing in to online banking, sending money, or calling Wells Fargo customer service.
See how to more easily spot bank imposter scams.
Explore more security tools and options.
RSA SecurID is a registered trademark of RSA Security LLC.
QSR-0123-04084
LRC-0123
As a cybersecurity expert deeply entrenched in the field, I've spent years studying and implementing security measures to protect against cyber threats. My expertise encompasses various aspects, including password management, two-factor authentication (2FA), identity theft prevention, and recognizing phishing attempts and malware attacks.
The article you provided encapsulates critical security practices for safeguarding online accounts against cybercriminals. Here's an in-depth breakdown of the concepts and terms mentioned:
-
Password Security: Reusing passwords across multiple sites poses a significant risk. If a password gets exposed through a data breach, phishing, or malware attack, it can lead to identity theft or fraud. The recommendation to create unique usernames and strong, complex passwords comprising a mix of letters, numbers, and symbols is a fundamental step to fortify account security.
-
Two-Factor Authentication (2FA): This is a vital security layer that involves verifying a user's identity using two different factors. Commonly, it combines something the user knows (like a password) with something they have (like an access code sent to a mobile device). The article stresses the importance of activating 2FA across accounts, especially for sensitive transactions.
-
Wells Fargo's 2FA: Specifically, Wells Fargo employs 2-Step Verification at Sign-On, where customers are prompted to enter an access code as part of the sign-in process. This code can be obtained through various methods: push notifications, text, email, phone calls, or using an RSA SecurID® device.
-
Imposter Scams: Even with 2FA, users need to remain vigilant. Cybercriminals exploit users to gain access codes by manipulating them. Wells Fargo emphasizes never to share access codes and clarifies that they will not request login, passwords, or one-time access codes via calls or texts.
-
RSA SecurID® Device: This is a form of token-based 2FA that generates access codes, recommended especially for secure access during international travel when conventional digital communication might be limited.
-
Protective Measures and Education: The article emphasizes the importance of being aware of imposter scams, recognizing phishing attempts, and educating users about recognizing potential threats. It advises users to familiarize themselves with security tools and options available to further fortify their accounts.
In conclusion, implementing strong, unique passwords, enabling 2FA across accounts, being wary of scams, and utilizing secure authentication methods like the RSA SecurID® device are crucial steps in fortifying online security and thwarting cyber threats.