How to Stay Secure While Trading Online

By Sam Bocetta,
business.com writer
|
Dec 19, 2019
Image Credit: Nortonrsx / Getty Images

Here's how to keep your nest egg secure.

Gone are the days where in order to invest in a stock or mutual fund you'd have to call up your brokerage and wait for them to place an order. Thanks to the Internet, individual traders can now complete buy or sell transactions in a matter of seconds using a wide variety of digital tools.

But like with all new pieces of technology or software, the added benefits come with a serious set of risks as well. Every activity you perform, especially those involving money or confidential information, could be targeted by a hacker through one of many forms of cyberattacks.

In this article, we'll look specifically at the trend of phishing and spearphishing and explain why digital traders need to need to be extra prepared.

Why traders are targeted

To put it simply, the main goal for most hackers and cybercriminals is to make money. They design their attacks to target people or organizations that have access to electronic funds and could be vulnerable to an infiltration scheme. Often, the attacker has already compromised your systems and stolen resources before you even realize something is wrong.

Digital traders, especially those who exchange contracts for difference (CFD) options to maximize leverage, are a key target for cybercriminals all over the world. This is because they spend much of their day online and have thousands or even millions of dollars being transferred in and out of their local network. To add to the predicament, many online investors work from home or other remote locations that might lack security measures.

One tactic that many hackers are using after they infiltrate a financial organization is to set up bots that simulate trading activity to push markets in a favorable direction. Given how much capital is being traded on the Internet, they have been able to steal large amounts of capital, especially from investors who are involved in the cryptocurrency markets.

How phishing works

When picturing a cyberattack, most people probably imagine a hacker infiltrating a network or computer by using special coding tricks. In fact, the vast majority of attacks come about through person-to-person interaction. The concept of social engineering describes how one malicious person attempts to gain the trust of someone in order to advance their own agenda.

With a phishing attack, cybercriminals may contact their target through email, phone, or other forms of communication. In an email example, they may pose as a reputable company and tell the user to click on a link to verify their account. This link is actually pointing to a rogue website that is designed to steal your private information or install a virus on your computer.

Basic phishing scams are typically set to massive groups of individuals with the hope that one or two people might fall into the trap. But those in the business and financial sectors need to be on the lookout for other types of phishing as well. Spearphishing is a social engineering attack that targets a specific person or organization because of their valuable data. Whaling is another type that aims directly for high-level executives who may unlock huge sources of capital.

Staying anonymous online

Online traders face a difficult dilemma when it comes to trusting their financial activity online. If they never pursue the latest forms of technology, then their investment strategy may suffer. But if they move too quickly, it could leave them exposed to cyberattacks.

The goal for any online trader should be to stay as anonymous as possible. Obviously, when signing up with a digital brokerage account, you have to provide some identifying information and link a funding source. Make sure to fully vet the reputation of your brokerage before moving any money into it. Every financial website should use a secure sockets layer (SSL) certificate which encrypts the data being sent by your web browser.

In a similar vein, you should compare the top virtual private network (VPN) clients to add to your computers and mobile devices. A VPN encrypts all of your online activity through a secure tunnel while also providing you with an anonymous IP address. This means that even if a hacker is trying to trace your activity online, they are not able to decode any of the data you are sending or receiving.

Forex scams

If you ever want to expose yourself to a really big number, type “forex scams” into your favorite search engine and stand back. For the uninitiated, it might seem, on the surface, that this whole currency trading market is nothing but a giant Ponzi scheme.

The reality is that Forex is a legitimate market that a few people make money at. The problem is that, as a global market, it is easy for a scammer to set up shop in a lightly regulated country, pay someone to build a pretty website, and start taking deposits from customers left and right. After a few million (or more) has been collected, they close the site and abscond with the money, never to be seen again until they show up with a different website under a new name.

The name of the game for the retail trader (that’s you) is to be super, extra, triple cautious with your choice of broker. Don’t stop after the first glowing review you see. Dig deeper. Read more reviews. Visit trader forums and ask for feedback. Trust me, you’ll get it. 

The bottom line is not that the Forex market itself is a scam but there are a lot of scammers that operate inside it. Take care you don’t get taken in.

Blockchain as a solution

Blockchain technology is only a few years old and has already completely revolutionized the digital finance industry. Many new investors are looking beyond stocks, bonds, and mutual funds to place their money in cryptocurrencies like Bitcoin, which use special algorithms to verify all transactions around the globe.

But blockchain is good for more than just financial exchanges and CFD trading. It can be paired with artificial intelligence and machine learning technologies to improve cybersecurity at both the individual and enterprise levels. This kind of protection does not require any central authorities to manage credentials and is, therefore, less likely to fall victim to phishing scams or online fraud.

For example, running your communication systems through a machine learning algorithm can help you quickly identify and block potential spearphishing attacks. The algorithm learns normal behavior over time and then be able to analyze changes automatically and flag risks as they occur.

Bottom line

When the Internet first rose in popularity, many people were skeptical about performing any sort of financial transaction over the web. They were nervous to use services like eBay or Amazon because it would require them to divulge their credit card numbers to an unknown entity on the other side of the Internet. But now today, online shopping, banking, and investing is a normal part of life.

That said, consumers and companies need to be vigilant in protecting themselves against cyberattacks. Hackers often target active traders because of the number of resources they have linked to online accounts. Losing something as simple as a password can be an extremely damaging mistake.

Former defense contractor for the Navy. Security analyst and freelance correspondent for a number of media outlets. I find radical -- often heretical -- solutions to "impossible"? network security problems, and push early stage concepts from research to development. Program setup, people acquisition, deployment. Specialties: Naval engineering, Mechanical engineering, Marine Ops. Agile Management. InfoSec. Cryptography. Cyberwarfare & Cyberdefense. PRESENTLY: KRACK attack prevention, micropower systems defense. Writing my first book, democratizing personal privacy solutions for the broader public, due to publish in early 2021.
Like the article? Sign up for more great content.Join our communityAlready a member? Sign in.