Sign up for our newsletter ⟩

Over 200 Finnish bank accounts emptied - 8 ways to keep your data safe

A Philippine bank card skimmer and his accomplice were sentenced to prison last Friday for emptying 200 Finnish bank accounts of over 100,000 euros in 2015. Sean Sullivan from the Finnish data security company F-Secure offers Yle readers some tips on how to keep your data safe.

Saimi Tikkanen tietokoneellaan
Image: Niko Mannonen / Yle

The Appeals Court of Eastern Finland decided Friday to uphold a sentence of three years and three months’ imprisonment for a Philippine man who copied bank cards in order to gain access to 200 bank accounts. The Kymenlaakso District Court found the man guilty in July of aggravated payment fraud.

The same court made a similar decision in July to uphold a year and ten month sentence for the man’s accomplice. In 2015 the two installed bank card copying apparatus on four bank card automats at unmanned petrol stations in southern Finland. They then used the copies to withdraw some 128,000 euros from over 200 people’s bank accounts from a location in the Philippines. The Finnish authorities believe a larger criminal network was behind the fraud.

Sean Sullivan is a security advisor for F-Secure Labs and a specialist on tech security, privacy and other related topics. He says there are eight rules consumers can follow to keep their data safe.

1 Use a two-step verification process

It is now much easier for laypeople to use a two-step process to verify their identity online. When you enable two-step verification, you add an extra layer of security to your account. You typically sign in with your password and a code sent to your phone. Sullivan says this two-step system should be used to protect your most important data at the least. It is not necessary to complete the second step and enter the code every time you use the service.

2 Use a password manager

Commercial password manager services are handy if you need to remember several passwords. A good password manager is both easy to use and secure, with smart cross-platform features that streamline your password usage without compromising your safety. F-Secure Key and 1password are two good options, says Sullivan. Services like these save your various passwords behind one universal password that is very difficult to hack. This way you only need to remember the one password.

3 Update your security questions

It is best to write the security questions required to reset your passwords yourself, if you are able. If not, use answers that can’t be sourced from public information or guessed easily. Seemingly absurd or symbol-heavy security questions and answers are harder to guess. Example: What is your mother’s maiden name? MadMax. What is your pet called? Flu_649_fy. Write down your security questions and answers and keep them in a safe place, preferable an online service that requires a password.

4 Keep your email accounts to a minimum

Think about what email service is most important to you and concentrate your activity to one account with a unique and complex password and good security questions. Check your other email accounts and change their passwords or cancel them altogether. This way, hackers can’t use your old data to gain access to your more important accounts.

5 Organise your emails

Create a separate folder for your personal messages and direct other messages that include calendar invitations, cc-messages and mass mailings to other folders. During your workday, concentrate on the personal emails only. Phishing attempts and scams will most likely end up in your mass mailings folder, but if it does reach your personal folder, you will probably notice it more readily.

6 Come up with a secure password or phrase

Passwords like “password” and “sunshine” are bad because they are all part of our everyday vernacular, and therefore easily hacked.

Password generators create virtually impenetrable passwords like “e$""&~rCs/e&*#4-[Hub”. Passwords like this are ideal for protecting your primary online accounts, like your Apple ID or your Google account. A string of characters like this is however very difficult to remember, so it is best to write it down or use a password manager service.

A relatively good password that is easier to remember is a phrase constructed from an adjective, a 3-number series and a noun, for example: red_057_headphones. 

7 Create a new impersonal email to manage your computer and phone accounts

Do not use your work or home email when asked to provide an email for your computer or phone’s account manager (for example, Apple ID or a Microsoft account). It is better to create a separate email that does not refer to you personally to manage services. Keep your account manager ID a secret in the same way you would your bank ID.

8 Create a lock code on your mobile phone that is based on a longer word

A skilled hacker can break your mobile device’s lock code easily if it is only four characters long. Sullivan says it is better to choose a longer word that can be entered on the lock screen as a series of numbers, for example: grandmother = 47263668437.

Latest in: News


Our picks