Be cyber secure: Do's and don'ts for your family

Text size: aA aA aA
Keep this advice in mind to help protect yourself and your family from cyber threats.
Odds are you wouldn't disclose personal details, like when you're planning to go on vacation and leave your house empty, to a random stranger on the street. But many people happily post that sort of information on their social feeds for anyone to see — and if you aren't divulging your family's schedule (and secrets) online, your teens just might be. Review the following do's and don'ts to help you and your family stay safe in today's super-connected world.

1. DO educate your family about cyber risks

Children may not understand the risks of the online world. It's up to parents to teach them the dangers of sharing photos and personal information, like vacation routines or daily schedules — information that could be used by others to harm them. Teach them, too, that it's good practice to avoid downloading apps from obscure or untrustworthy developers and playing games or taking online surveys that ask for personal information.
Children may not understand the risks of the online world. It's up to parents to teach them the dangers of sharing photos and personal information.

2. DO keep your personal info private

Be careful about sharing valuable personal information, such as Social Security numbers, credit card information and birth dates, in a text or email with people you don't know well or trust. If multiple methods are available to provide personal information, it is recommended that using email or text be your last options. Deleting emails from sent items is also a best practice for any sensitive data. If you are shopping online, ensure you are on a reputable site before entering any sensitive information. And use a strong password, passcode or biometric login to protect your accounts online.

3. DO consider setting up a VPN

A virtual private network (VPN) is a tool that encrypts your communications, from banking to shopping to emailing, when you're connecting to the internet via Wi-Fi. Best of all, it can be used anywhere in the world. Setting one up can be easy and affordable, but it's important to choose a VPN you can trust. Talk with a security expert to determine which is best for you; you can find one by searching for companies that specialize in cyber security. Be aware, though, that you may have difficulty accessing some financial firms' websites through a VPN because of the anti-fraud protections they've put in place. In that case, you might prefer to wait until you can access the site through a secure, trusted connection.

4. DON'T leave your home network unprotected

Be sure to change the password on your router as soon as you install it. The router is the gateway to your home and touches all of your connected devices, from phones to smart home gadgets. Also, don't forget to configure security and privacy settings on your devices, and invest in reputable antivirus software for your computers. Download software updates on all the programs you use — automatically if that's an option. Software companies often discover vulnerabilities before cyber criminals do and rush to fix them. The longer you wait to update your software (or operating system), the greater the chance you'll be targeted.

5. DON'T drop your guard when on the go

We're so used to using our devices everywhere (or so concerned about hitting the data cap from our cell phone provider) that most of us don't think twice about logging on to the free public Wi-Fi system at the airport, coffee shop or dentist's office. Some Wi-Fi connections can't be trusted. Cyber criminals can infiltrate these systems and collect data that's sent through them. That's why it's always best to take the precaution of connecting to sites through secure connections or a VPN. Another potential risk when you're traveling: Public USB charging stations can be manipulated to infect your devices with malware. Protect your devices when using public USB power stations by connecting with power-only cables and never plug an unknown storage device into your laptop or phone.

6. DON'T use easily guessed passwords

Despite repeated advice from all corners, some people still use the most basic of passwords for their email, shopping and financial accounts. Or worse, they use the same password for all of their online accounts, making those accounts especially vulnerable to cyber criminals. Variety and randomness are your best bets, so if one password is discovered, your other accounts won't be at risk. Use multifactor authentication and enable biometric logins when possible. Even better, consider using a password manager, which assigns a random password to accounts. That way you only have to remember a single master password — for the manager itself. (You can find password managers in your app store.)

Stay connected, stay protected

To help keep your Merrill account information safe and secure, make sure your contact information is up to date and set up security and account alerts so we can stay in touch. Remember, if we need to reach out to you, we'll NEVER ask for personal or financial information or an access code through email, text or unsolicited calls. Visit our security center for tips on how to recognize potential scams and learn more about how to keep your accounts safe.
Next steps

Neither Bank of America nor its affiliates provide information security or information technology (IT) consulting services. This material is provided "as is," with no guarantee of completeness, accuracy, timeliness or of the results obtained from the use of this material, and without warranty of any kind, express or implied, including, but not limited to warranties of performance, quality and fitness for a particular purpose. This material should be regarded as general information on information security and IT considerations and is not intended to provide specific information security or IT advice nor is it any substitute for your own independent investigations. If you have questions regarding your particular IT system or information security concerns, please contact your IT or information security advisor.

MAP6133750-06302025