Learn how to protect your computer, your information, and your online files

Protect your data

Criminals also love when consumers re-use their passwords on multiple websites and services. If one is compromised, they will attempt to re-use that password elsewhere. Always use a unique and complex password, particularly for critical services like your financial accounts, cell phone service, and e-mail. If you have the option to use multi-factor authentication, opt in!

Your cell phone holds some of your most sensitive, personal information. Things like your passwords and account numbers, emails, text messages, photos, and videos. If your phone ends up in the wrong hands, someone could steal your identity, buy stuff with your money, or hack into your email or social media accounts. Find out what you can do to protect the data on your phone and how to remove that information before you get rid of your phone.

4 Things You Can Do to Protect the Data on Your Phone (FTC)

  1. Lock your phone-Set your phone to lock when you're not using it and create a PIN or passcode to unlock it. Use at least a 6-digit passcode. You may also be able to unlock your phone with your fingerprint, your retina, or your face.
  2. Update Your Software-Enable auto updates for your operating system. These updates often include critical patches and protections against security threats. Make sure your apps also auto-update.
  3. Back up Your Data-Back up the data on your phone regularly. That way, if you lose your phone, you'll still have access to your personal information.
  4. Get Help Finding a Lost Phone-Mobile operating systems have programs that help you find your phone if you lose it.

The Internet offers access to a world of products and services, entertainment and information. At the same time, it creates opportunities for scammers, hackers, and identity thieves. Learn how to protect your computer, your information, and your online files. The FTC shares these hints.

The opportunities kids have to socialize online comes with benefits and risks. Adults can help reduce the risks by talking to kids about making safe and responsible decisions.

Business email compromise (BEC), also known as email account compromise (EAC), is one of the most financially damaging online crimes. It exploits the fact that so many of us rely on email to conduct business-both personal and professional.


In a BEC scam, criminals send an email message that appears to come from a known source making a legitimate request, like in these examples:

  • A vendor your company regularly deals with sends an invoice with an updated mailing address.
  • A company CEO asks her assistant to purchase dozens of gift cards to send out as employee rewards. She asks for the serial numbers so she can email them out right away.
  • A homebuyer receives a message from his title company with instructions on how to wire his down payment.

Versions of these scenarios happened to real victims. All the messages were fake. And in each case thousands or even hundreds of thousands of dollars were sent to criminals instead.

Scammers might:

  • Spoof an email account or website. Slight variations on legitimate addresses (john.kelly@examplecompany.com vs. john.kelley@examplecompany.com) fool victims into thinking fake accounts are authentic.
  • Send spearphishing emails. These messages look like they’re from a trusted sender to trick victims into revealing confidential information. That information lets criminal’s access company accounts, calendars, and data that gives them the details they need to carry out the BEC schemes.
  • Use malware. Malicious software can infiltrate company networks and gain access to legitimate email threads about billing and invoices. That information is used to time requests or send messages so accountants or financial officers don’t question payment requests. Malware also lets criminals gain undetected access to a victim’s data, including passwords and financial account information.
  • Be careful with what information you share online or on social media. By openly sharing things like pet names, schools you attended, links to family members, and your birthday, you can give a scammer all the information they need to guess your password or answer your security questions.
  • Don’t click on anything in an unsolicited email or text message asking you to update or verify account information. Look up the company’s phone number on your own (don’t use the one a potential scammer is providing), and call the company to ask if the request is legitimate.
  • Carefully examine the email address, URL, and spelling used in any correspondence. Scammers use slight differences to trick your eye and gain your trust.
  • Be careful what you download. Never open an email attachment from someone you don't know, and be wary of email attachments forwarded to you.
  • Set up two-factor (or multi-factor) authentication on any account that allows it, and never disable it.
  • Verify payment and purchase requests in person if possible or by calling the person to make sure it is legitimate. You should verify any change in account number or payment procedures with the person making the request.
  • Be especially wary if the requestor is pressing you to act quickly.

If you or your company fall victim to a BEC scam, it’s important to act quickly:

  • Contact your financial institution immediately and request that they contact the financial institution where the transfer was sent.
  • Next, contact your local FBI field office to report the crime.
  • Also file a complaint with the FBI’s Internet Crime Complaint Center (IC3).