FEEDBACK

The prevalence of identity theft has been in the news lately.  We, at TradeStation, would like to help you avoid becoming a victim of this.  As such, we have included some helpful information with respect to online identity theft and security reminders.

How Online Identity Theft Can Happen

Many identity thieves use malicious software programs to attack vulnerable computers of online users.  These software programs can monitor your computer activity and send information back to the thief's computer.  Sometimes, these programs will log your key strokes, which allows identity thieves to easily obtain username and password information for any of your online accounts, including your brokerage account.

Other identity thieves "phish" for your personal information.  "Phishing" involves the use of fraudulent emails and copy-cat websites to trick you into revealing valuable personal information - such as your account number, your social security number, and the username and password information you use when accessing your account.  Sometimes fraudsters will use phishing scams to try to get you to download keystroke logging or other malicious software programs unsuspectingly.

But not all identity thieves have gone "high tech." Many still use less sophisticated ways of stealing your personal information, such as looking over your shoulder when you're typing sensitive information or searching through your trash for confidential account information.

How to Protect Yourself Online

You'll need to protect yourself against identity thieves, whether hackers, phishers, or snoops, when you use your online brokerage account.  Here are a few suggestions on ways to keep your personal information and money more secure when you go online:

Beef Up Your Security.  Personal firewalls and security software packages (with anti-virus, anti-spam, and spyware detection features) are a must-have for those who engage in online financial transactions.  Make sure your computer has the latest security patches, and make sure that you access your online brokerage account only on a secure web page using encryption. The website address of a secure website connection starts with "https" instead of just "http" and has a key or closed padlock in the status bar (which typically appears in the lower right-hand corner of your screen).

Security Tip: Even if a web page starts with "https" and contains a key or closed padlock, it's still possible that it may not be secure. Some phishers, for example, make spoofed websites which appear to have padlocks.  To double-check, click on the padlock icon on the status bar to see the security certificate for the site.  Following the "Issued to" in the pop-up window you should see the name matching the site you think you're on.  If the name differs, you are probably on a spoofed site.

Be Careful What You Download. When you download a program or file from an unknown source, you risk loading malicious software programs on your computer.  Fraudsters often hide these programs within seemingly benign applications.  Think twice before you click on a pop-up advertisement or download a "free" game or gadget.

Use Your Own Computer. It's generally safer to access your online brokerage account from your own computer than from other computers. If you use a computer other than your own, for example, you won't know if it contains viruses or spyware.  If you do use another computer, be sure to delete all of the your "Temporary Internet Files" and clear all of your "History" after you log off your account.

Don't Respond to Emails Requesting Personal Information.  TradeStation and any other legitimate entity will not ask you to provide or verify sensitive information through a non-secure means, such as email.  If you have reason to believe that your TradeStation or any other financial institution actually does need personal information from you, pick up the phone and call the company yourself - using the number in your rolodex, not the one the email provides!

Security Tip: Even though a web address in an email may look legitimate, fraudsters can mask the true destination.  Rather than merely clicking on a link provided in an email, type the web address into your browser yourself (or use a bookmark you previously created).

Be Smart About Your Password. The best passwords are ones that are difficult to guess.  Try using a password that consists of a combination of numbers, letters (both upper case and lower case), punctuation, and special characters. You should change your password regularly and use a different password for each of your accounts.  Don't share your password with others and never reply to  phishing emails with your password or other sensitive information.  You also should not store your password on your computer.  If you need to write down your password, store it in a secure, private place.

Use Extra Caution with Wireless Connections.  Wireless networks may not provide as much security as wired Internet connections.  In fact, many "hotspots" - wireless networks in public areas like airports, hotels and restaurants - reduce their security so it's easier for individuals to access and use these wireless networks.  Unless you use a security token, you may decide that accessing your online brokerage account through a wireless connection isn't worth the security risk.

Log Out Completely.  Closing or minimizing your browser or typing in a new web address when you are done using your online account may not be enough to prevent others from gaining access to your account information.  Instead, click on the "log out" button to terminate your online session.  In addition, you should not permit your browser to "remember" your username and password information.  If this browser feature is active, anyone using your computer will have access to your brokerage account information.

Once again, we hope that you will find this information helpful. Please feel free to contact our Client Service department should you have any additional questions.