How to Stay Safe While Trading Online
Online trading has seen a surge in popularity over the last few years. An IBIS report on the eTrading software industry in the US revealed that the industry was in the growth stage of its lifecycle. Its size increased faster than the advisory and financial sector and even the overall US economy since 2003, reaching a value of $10.7 billion in 2020, despite a small dip in the face of the Covid-19 pandemic.
This growth can be attributed to the increased adoption of online trading platforms as the default mode of participating in the financial markets for both retail investors and institutional traders. The advantages of trading online are numerous, especially for dynamic markets, such as in forex. These platforms offer non-latent trade execution with negligible slippage and, consequently, minimal lost opportunities. There is, however, a flip side to the move online - malicious and opportunistic entities out to make a quick buck at the cost of unsuspecting online account holders.
The Red Queen Dynamic – Evolving a Defence for Safe Trading
In the online realm, there is a constant threat from continually evolving hackers that work against investors to gain access to their data and funds. In 1973, Leigh Van Halen, observing this evolution, theorised that for a population to maintain its level of performance, it must continuously adapt relative to populations that are continuously adapting against it. Van Halen called this the Red Queen Effect, inspired by the Alice in Wonderland character, who laughs at Alice futilely trying to run away from Looking Glass Land, commenting, “Now, here, you see, it takes all the running you can do, to keep in the same place.”
The UK Government Office for Science, in its Technology Trends in the Financial Markets report for 2020, drew on this evolutionary approach, commenting that “Cyber-security … involves an ongoing arms-race between attackers and defenders, predators and prey.” A 2019 Accenture research report revealed that security breaches had increased by 11% from 2017 to 2018 and a whopping 67% since 2014.
So, how does an investor adapt against these predators and not fall prey to the Red Queen dynamic? While pop culture, movies and television, might lead you to believe that the scales are heavily weighted on the hackers favour, there are a few ways to stay safe while trading online.
Security Starts at the Home (Device) – Antivirus
The first step to ensuring a safe online trading experience is to ascertain that the device that you trade on is protected via an up-to-date and trusted antivirus software. Antivirus software helps by:
- Regularly scanning the device and downloads for malware.
- Ensuring that websites visited via the device have up-to-date security certificates.
- Some provide safe payment browsers for an added encryption layer for third party gateways.
Strong Locks - Passwords
Having a strong password might seem like common sense and is one of those critical slivers of wisdom passed down to us from previous generations and signup pages alike. However, every year, Splash Data, a leading security application provider, releases a list of the 25 most common passwords, and weak passwords, such as 123456, regularly feature on the list. While online trading platforms will not necessarily allow such weak passwords, some can have weaker than ideal password policies. This was one of the security flaws in online platforms noted by IoActive and presented at Black Hat 2018.
A way to sidestep the need to rack your brains for a secure password that you can remember (frustrating failed signup attempts is an experience shared by most of us) is using password wallets. These wallets offer multiple advantages, such as:
- A password wallet from a reputable and secure antivirus or cybersecurity company can automatically generate extremely secure passwords and store them in an encrypted state.
- Asking trading apps to remember passwords might cause them to be stored without adequate encryption - another flaw noted in the aforementioned IoActive report. Wallets provide alternate encrypted storage options.
Keeping up with the Phishers
Here we move on from the device to the actual connection with the website.
Phishing is a lot like fishing, except the prey is the unsuspecting investor, and the bait is a website/email ID that looks, reads and operates much like the real thing. Login to a phishing link, however, and you are handing over login information to the predators.
In 2020, for example, Bitdefender identified a phishing campaign directed at the Standard Bank of South Africa, where emails from an email ID pretending to be from the bank, discussed “financial strategies to alleviate the economic impact of the pandemic.”
Attempting to open the link directed the user to a fake login page.
Much like the fish in fishing, investors can avoid taking the bait by paying close attention.
- Phishing sites often contain modifications in their URL from the original.
- Phishing emails often have slightly amended email addresses, as compared to the original version or may contain informal or incorrect language.
- Manually typing out your platform’s URL, rather than clicking on the link you receive tends to prevent phishing.
Pulling Down the Blinds - Encryption
If you are logging on to the online trading portal through a browser, there are a couple of things to observe to ensure that your data remains secure.
- Ensure that the website you are visiting is HTTPS (Hypertext Transfer Protocol Secure) enabled. HTTPS serves a dual purpose of a stamp of authentication and data encryption. This helps thwart “Man in the Middle” attacks, where hackers might intercept unencrypted communication.
- The secure part of the HTTPS abbreviation comes from SSL (Secured Socket Layer) certification. This, in essence, certifies that your data is being handled behind 128-bit encryption layers – the highest required by most regulators. To ensure such security, check that the padlock icon is whole, as in the image below.
Image Source: https://blackwellglobal.com
A Sturdy Gate – A Regulated Platform for Safe Trading
Finally, ensure that the platform that you are using is certified by the appropriate regulator, such as the UK Financial Conduct Authority (FCA). A regulator's certification ensures that you are dealing with a legitimate entity that is subject to oversight and standards of best practice, rather than one that is unregulated, leaving open the chances that they might act in bad faith.
Online trading is the most convenient way to participate in the financial markets but just like trading itself, the platform is also prone to risk. Criminal activity in the online world is a continually evolving threat, and safely trading online requires vigilance on the part of the investor. The above protections are by no means exhaustive but represent useful and relatively simple starting and intuitive points to stay safe online. So, before you rush in to take advantage of the recent Bitcoin momentum or to trade forex, based on the most recent news, take a moment to ensure that your defences are up and sturdy.
- https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/289029/11-1222-dr3-technology-trends-in-financial-markets.pdf -
- L. Van Valen (1973). A New Evolutionary Law. Evolutionary Theory, 1:1-30