The invention of the internet has eased access to trading opportunities such that one can sit in the comfort of one’s home and trade financial instruments in different exchanges.
Brokers all over the world have capitalised on this innovation and created different apps to reach people no matter how remote the location is.In recent times, there have been cases of security breaches leading to loss of funds and also leaking of private information on some trading apps. This has brought about reservation concerning the usage of trading apps among traders.
But how safe are these apps? And how can one ensure private information and funds are protected when using trading apps?
This article will give insight into your safety concerns bordering on the adoption of online trading apps as a trader or investor.
Safety concerns when trading or investing via an online app
1. Data Breach at the Broker:
This term in cyber security refers to an instance where an unauthorised individual or group copies information from the broker’s servers. Most times, the individual or group breaks into the computer network and steals the data.
Research by Safe Forex Brokers found that data breaches have become common in recent times across online trading and investment platforms offered by brokers.
For example, FXCM, one of the largest forex brokerage firms offering online trading, and also accepting traders from Nigeria, has been hacked three times in the past six years. The earliest was in 2015 when the customer’s funds were stolen. Although they have confirmed that they have fortified their security system, there could be repeat attempts by the hackers to breach their network.
“Data breaches can also be a result of the broker’s negligence in adhering to standard protective measures” continues the analysts from Safe Forex Brokers.
In 2020, a group of tech investigative journalists discovered that FBS, a broker with millions of users, and thousands of customers in Nigeria, exposed around 20 terabytes of data comprising of millions of its customer’s private information such as email addresses, passwords, passport numbers, social media IDs, personal photos, bank statements, unredacted credit cards, etc. FBS, for example, did not encrypt the sensitive information of their customers on their database.
2. Phishing Attack:
This is a type of fake communication from an impostor acting as a representative of an organisation and seeking sensitive information from its victims which it uses to access and obtain sensitive information about an individual’s account or the company’s database.
In most cases, cybercriminals collect bank details, login details or even hijack and freeze the computer system till a ransom fee is paid.
Phishing works by sending fraudulent communication akin to how an organisation communicates to a large number of persons. The correspondence, usually in email and text messaging, contains links and attachments which when clicked, can make victims provide sensitive information about themselves which results mostly in financial loss. Phishing could be carried out through emails, text and voice calls.
3. Malware Attack:
This is a general term for any kind of malicious software designed to gain access and cause damage to any device, network or service running on computer programmes.
Cybercriminals usually use malware to obtain data with which they fleece victims of their funds. They also use this malware to gain access to your credentials and monitor your device’s activities.
Malware comes in different types; we have the virus, worm, spyware, adware, hybrid malware, ransomware, etc.
In the case of virus, it infects other parts of the whole computer itself. A virus may come as an attachment to an email, when the user opens it, the whole device is infected.
For ransomware, it encrypts the device and the hackers hold the disruption key till the victims pay a ransom or do what they are asked. It is usually done to government systems or those of large companies and organisations. Spyware spies and copies data on your computer without the knowledge of the user.
Malware attacks can occur on your online trading apps as a result of your lapses or those of the broker.
4. Stolen Identity:
Also known as identity theft, it is the act of obtaining personal records of someone with the intent of using such to carry out fraudulent and criminal actions. This makes the public and authorities think such criminal acts were the actions of the individual whose identity was used. This is one major concern when considering using online apps for investment and trading in Nigeria.
The most common type of identity theft is financial identity theft, where someone uses another’s data to obtain goods or services, take a loan, make fraudulent financial transactions, etc. Other forms of identity theft are used globally but financial identity theft is the most rampant in Nigeria and one we should be concerned about.
How to protect your online trading or investing account from harm?
Tip 1. Secure Your Device and Trading Accounts
This proves to be one of the easiest ways to secure your data and investment.
To secure your device, it is advised you set strong passwords. Having a password that can be easily predictable is dangerous for the safety of your account. It is advised your passwords contain a combination of upper and lower case letters, numbers and special characters. This will make it difficult to breach.
Also, you should avoid using the same passwords for different online trading accounts or passwords that contain names, date of birth, house address etc. Also try to change your passwords regularly.
Another way to secure your trading account is to activate Two-Factor authentication. This is a step in the log-in process that separates the account owner and his password. Here the account owner is asked to provide other information about himself or a code is sent to his phone number or email to confirm his log-in.
These steps are important since we cannot rely solely on the brokers for the safety of our vital information or funds invested.
Tip 2. Learn How Phishing Works
To avoid falling prey to phishing, you must know how it works. It is a kind of social engineering, where the victim’s psychic is manipulated.
Ways of detecting phishing include examination of email links and attachments, never give out personal information over an email (No broker will ask for such over an email).
You should be conscious of pop-up windows, ads etc. and don’t click on them. They can easily lead to dangerous websites. Also, be aware of social or emotional baits. Most of these phishing correspondences usually provide unrealistic incentives and benefits on bonus offerings with very short deadlines. This might seem charming, but try to reach your broker or customer support before engaging in such a bonus offer.
Tip 3. Use HTTPS Secured Connection and Anti-virus
HTTPS means Hypertext Transfer Protocol Secure and is symbolised by a padlock image in the browser window. It is more secure than just HTTP, as the data is sent securely in an encrypted form.
It is advised you use secured web browsers and a reputable anti-virus to protect against malware attacks, phishing and save your vital information.
Tip 4. Avoid Unregulated Brokers
Perhaps the most important step in protecting your important data and investment funds against scams and theft is to trade and invest only with a regulated broker. The regulators are as important as the regulations.
Securities and Exchange Commission (SEC) is the Nigerian Capital Market regulator and they issue licenses to brokers in Nigeria. You should only register with a broker that is registered by SEC or under a tier-1 regulator such as the UK’s FCA, Australia’s ASIC etc. in case of forex trading brokers.
These regulators have rigid security measures the brokers must follow before granting them licenses.
Failure to register with a regulated broker makes your account and investment vulnerable to attacks and scams that will not be compensated. Many of the brokers in Nigeria are scams, they can easily run away with your money or sell your data to scammers.
It is advised your carry out a thorough background check on the broker before you register.