Staying Safe Online: Quick Tips for Enhanced Cybersecurity


When October comes around each year, we often think about fall or the knowledge that the holiday season will be upon us soon. Since 2004, it has also served as Cybersecurity Awareness Month.

Due to our ever-connectedness through smartphones, tablets and computers, cybersecurity is becoming even more critical. New Covenant Trust Company is proud to participate in national Cybersecurity Awareness Month to help spread the word about the best practices for how to protect ourselves in this fast-paced world of technology.

You can greatly increase your cybersecurity online, at work and at home by taking a few simple steps:   

  • Think before you click
  • Recognize and report phishing
  • Update your software
  • Use strong passwords, and don’t reuse passwords
  • Enable multi-factor authentication when available

Multi-factor authentication (MFA)

MFA is one of the best tools to deter a bad actor. Although it can seem annoying to have to enter a code every time you log into your financial institution accounts, it can help you avoid the stress and headache after a bad actor has gained access to your accounts.

Pay particular attention to receiving an MFA request that you did NOT initiate. That likely means that a bad actor has your login credentials and is trying to access your account. Do not click on any links in a text or email, in case the notice is actually a phishing attempt. Instead, contact your financial institution and change your password immediately.


Phishing emails and text messages are frequently used by bad actors. The messages will typically appear to come from a trusted source — a bank or even Amazon! The messages create the appearance of the need for urgent action. 

For example: “We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below, and confirm your identity.”

When in doubt about the validity of an email or text, the safest action is to NOT click on any links. Instead, we recommend contacting the institution directly, through phone or secure email that you initiate. It seems counter-intuitive in our electronic age, but often speaking with someone directly by phone is your best option. 


One critical way to protect yourself is to create complex passwords and avoid using the same password for multiple services. If you use the same password for different types of accounts, once a hacker has access to one, they will likely be able to get into other accounts as well. This is especially critical for the passwords you use for financial institutions.


Email is a wonderful way to communicate with people on a schedule that works for you. It’s also handy to have a record of past information exchanges. However, email isn’t intended to serve as a document retention repository.

If financial institutions send you emails about statements, etc., the best practice is to delete those emails immediately. That way, if hackers are in your email box, they won’t know the identity of the financial institutions where you have accounts. 

The Cybersecurity and Infrastructure Security Agency (CISA) provides resources to help you learn more about cyber basics, as well as advanced cybersecurity issues on their website here

If you’d like to discuss cybersecurity more with us, we’re always available. Please don’t hesitate to reach out at 800-858-6127, Option 6.