The Heartbleed Bug, Your Risk, and Online Banking

The Heartbleed Bug, Your Risk, and Online Banking

Rate information contained on this page may have changed. Please find latest savings rates.

Information on how much of a risk the Heartbleed bug is for online banking and financial transactions. Tips on what you can do to protect yourself.

By now you've probably read or heard about the Heartbleed bug. Discovered one week ago, the bug makes encrypted Internet communication vulnerable to being hacked and easily decrypted. It is a particularly insidious bug because it leaves no trace of being hacked, so if information is stolen, the theft is never detected. Still, it is important to remember that as of now, there is no known case of hackers using the bug to steal information. 

So how much of a threat is it really, and what can you do to protect yourself? 

Are You Impacted?

The general consensus from the media and security experts is that people should be concerned and vigilant about the bug.  Mark Nunnikhoven, a security expert at Trend Micro said that about 17% of secured sites on the Internet are vulnerable to the Heartbleed bug. The website Mashable.com has done a nice job putting together a list of major sites that were impacted by the bug. Some large sites include: Netflix, Youtube, and Gmail. On any of these non-banking sites, your personal information and credit card could be compromised. So, although they are not banks per se, you might still conduct financial transactions on them.  

Large Banks Not as Impacted

The list from Mashable also shows that large banks have been largely unaffected by the bug. Big banks have multiple layers of authentication and rely on more than just a secure certificate to keep their customer's information safe.

Smaller Banks May Be Vulnerable

What about smaller banks? I went to several smaller bank sites and used a Heartbleed Vulnerability testing tool.  In five out of five cases, I received the message below.

Server software: Apache

Was vulnerable: Possibly (known use OpenSSL, but might be using a safe version)

SSL Certificate: Possibly Unsafe (created 8 months ago at Aug 16 00:00:00 2013 GMT) Additional checks SSL certificate history yielded no new information

Assessment: It's not clear if it was vulnerable so wait for the company to say something publicly, if you used the same password on any other sites, update it now.

You can test your own bank using the tool found here.

In contrast, this is the message I received when I tested Bank of America's website:

Site: www.bankofamerica.com

Server software: Not reported

Was vulnerable: No

SSL Certificate:SafeAssessment: This server was not vulnerable, no need to change your password unless you have used it on any other site!

This doesn't mean that smaller banks have the bug but if you receive the Possible message using the test, you should call your bank and ask if the bank was vulnerable to the bug and if they have fixed it.

Conclusion

While you shouldn't panic, it would be wise to change your passwords if you use any of the sites listed as vulnerable. While it's unclear if this vulnerability was ever exploited, it makes sense to change passwords on a regular basis anyway. So, use this opportunity to upgrade your own personal digital security. One caveat though. You might want to wait a few days or even a week to ensure that all of the vulnerable sites have upgraded their software. Otherwise, you could be giving out your new password to an insecure site.  In the meantime, check your bank statements and credit card activity regularly to make sure you don't see anything out of the ordinary.

Image: www.softonic.com

Contingent Income Auto Callable Securities: Don't Blur the Difference Between Equities and Fixed Income

Contingent Income Auto Callable Securities: Don't Blur the Difference Between Equities and Fixed Income

Rate information contained on this page may have changed. Please find latest savings rates.

Another sign of a frothy equity market has arrived in the form of a new equity-based structured note format that is making its way across Wall Street, and allowing brokers to market high yielding sexy products tied to some of the names that have driven the equity markets to their current levels. Unless you have the ability and the knowledge to properly hedge the risk of these instruments, you should avoid them.

I recently got a call from a broker at a well-known investment bank who was excited to tell me that he finally had a new series of high yielding products to sell.   The products - called a Contingent Income Auto Callable Security - pay a fixed rate of return for a fixed period provided that a given target equity trades at our above a target price and are each issued by an investment bank (such as Morgan Stanley or Royal Bank of Canada).

After looking at several prospectuses, the issue that struck me as most interesting was a one year Note (CUSIP: 48127E510) underwritten by Morgan Stanley against the equity of Yelp (NYSE: YELP).   Yelp was trading at $90 a share on the March 19, 2014 issuance, and the terms of the issue are that it will pay a quarterly dividend amounting to 15.6% a year so long as Yelp is trading at more than 50% of its value at issuance on each quarterly measurement date (i.e., the Note pays 3.90% a quarter as long is Yelp is trading at or above $45 a share).  The quarterly dividend is forgone if Yelp is trading below $45 on a quarterly measurement date.  At the end of the 12-month period, you receive back your full principal provided Yelp is trading above that threshold level.  If it is trading below, you receive back the equity that you would hold if you were to purchase the stock on the issuance date.  In other words, if Yelp is trading below $45 on March 19, 2015, you recover some percent of your principal that is below 50% and equal to the stock price on that date divided by its March 19 price of 90. 

While many will feel that the downside on Yelp is negligible, it should be noted that Yelp traded at $22 a year ago, and could be shut down in two seconds if Google were to adjust its search algorithm.  It should also be noted that on March 20, 2014, the day after this Note’s issuance, the stock closed at $84, having fallen 8% already.   On the other side, it could double or even triple over the next year as it did over the last year.  And, if it does, you will have swapped all of that upside for a 15.6% return.  In other words, you are giving up your upside for 15.6% and still taking on limitless downside exposure. 

The dividend offering in the Yelp Note is much greater than those offered in the other similar Contingent Income Auto Callable Securities (most offer a 5-7% yield, which in some cases is only 2x the underlying stock’s dividend) and some have thresholds where the threshold for a loss of principal is only a 20% decline in the underlying equity.  In other words, Yelp is the most compelling offer that I saw in terms of yield and arguably had the least risk to principal.  The other issues therefore should certainly be avoided.

But, the Yelp issue too should be avoided.  As you can see from the example, you have limitless downside, and because you don’t own the stock, you won’t be able to sell the stock or even hedge it easily if it should begin to fall.  You are also giving up your upside in return for a fixed yield that, while attractive, is not commensurate with the risk to this highly volatile name.   To boot, you are assuming credit risk of the issuing bank.

Bottom Line: Unless you are somehow running this trade as a hedge against a short position in Yelp or can somehow otherwise hedge a contingent income auto callable security, you should avoid it.

Full disclosure: The author has never had a position in Yelp, does not have a position, and is not recommending any position – long or short – in the stock.

Image: Keerati at FreeDigitalPhotos.net

5 Ways to Save Money and Impress Your Partner

5 Ways to Save Money and Impress Your Partner

Rate information contained on this page may have changed. Please find latest savings rates.

It's often assumed that being a saver kills the passion in a relationship. Here are five tips on how to be a prudent spender in a way that lights a spark in any relationship.

Money is often considered an aphrodesiac. And everyone likes to go out and have a good time now and then. But saving money and padding your account can also show your partner that you are a resposible person. And a fat bank account is often more impressive than spending money frivolously. Below are five ways to save money in a way that pads that account but also keeps the passion burning.

Be disciplined: budgets are sexy

There is a pervasive cultural norm out there that dictates that going out to eat on a consistent basis is standard behavior for couples. These are the same people who have you buying gifts on Valentine’s Day, shopping for expensive jewelry, and taking nice trips to far-off places. Many of you will be surprised to discover then that if you opt to cook dinner and stay in to watch some Netflix your significant other will not kick you to the curb. It’s entirely possible to show your partner that you care without spending unnecessary cash; it just takes creativity and a little bit of advance planning.

If you inform your partner that you’ve created a budget to tighten your belt, a budget that has a nice section in there for time with them, cooking dinner with premium ingredients four nights a week instead of going out twice a week, your new budgeting plans will sound less stingy and more sexy. My girlfriend’s proclivity for savvy financial planning is a long- term turn on; there’s nothing more attractive than somebody who knows the real value of a dollar.

Be decisive: forward thinking gets you discounts and saves you money

It’s easy to think of money as a renewable resource. You earn it, save a little, spend a lot, and then earn some more to replenish your coffers. When you get a promotion it’s as if you’ve struck oil, more and more fuel available to burn. That’s not how you should be looking it.

Consider that there is a finite amount of money you are going to make in your lifetime. Whether it’s $10 million or $10 billion, there is some limit to how much you will be earning before it’s all said and done. Every dollar you spend is another “brick” taken away from your grand total, and it you can never get it back. Looking at things this way,  it’s clear that every purchase you make big or small is significant in some way. Depending on the state of your relationship, your partner is also consciously or subconsciously counting the amount of bricks you have left to put toward your life together. That’s where forward thinking comes in.

There are certain items that you know you will need to purchase over the next three, six, or twelve months. Many make the mistake of waiting until just before the time of immediate need to purchase these goods or services, and thus miss out on a plethora of discounts. There are a variety of different sites out there that post discounts and deals of every shape in size in a variety of different industries. Do yourself a favor and write out a list of the different items you will need over the next year (if you can plan out that far in advance) and keep them in a nice spreadsheet. When you see a deal come along that is unlikely to be trumped by any significant margin (and is probably more likely to disappear), then you should pounce. This might mean you wreck your budget in one month and spend little in another, but at the end of the day your net gain will be much higher and you’ll have more bricks with which to build your future.

Be inquisitive: just because it’s expensive, doesn’t mean it makes a good gift

Here we introduce the novel concept of asking your partner what it is they really want. I know I know, the point of gift giving is surprising them so you have to buy something really expensive to ensure they’ll like it so even if they don’t they have to pretend like they do. No, that doesn’t make any sense; do yourself a favor and just ask. There are obviously more subtle ways of prying from your significant other what it is that would make their life better, and if you’ve got a good idea then go for it. But please for the love of your wallet, don’t buy something just because you’re concerned and think that’s what they’re supposed to want and what you’re supposed to purchase.

Two categories of purchase that are always guaranteed to please are (1) things that involve them seeing more of you (2) practical things that they’ll touch every day and will remind them of you. No, that doesn’t mean lots of rings and jewelry all the time, though for some that is exactly what they’re looking for. This holds especially true for those in long distance relationships where the urge to buy your partner things as a form of pseudo-replacement can be bank account crushing at times. Clothing is nice if they’re going to wear it frequently. Hundreds of dollars spent on a dress or shirt for a few wears is probably suboptimal; spend that money on a plane ticket to go visit them.

Be knowledgeable: doing the research for one benefits both of you

A budget is only the tip of the iceberg when it come to financial saavy and should be a stepping stone in what should be a life-long financial process. More than likely by now you’ve been exposed to a variety of different savings and investment vehicles, but you might not know how to take advantage of them. Using that an excuse to not do anything with your money is a poor path. The next time you hear about a 401k match but don’t know what it is, find out. I guarantee if you come home and say “honey let me tell you about this new way I found for us to make/save more money” they’ll be one happy camper.

There are a plethora of online sources for financial education available to you, as well as a variety of different publications to get you started. I’d suggest finding a few good sources and then for a short time every day until it becomes a part of your routine as much as brushing your teeth.

Be happy: always keep the end goal in mind whenever you touch your money

Why are we trying to make money in the first place?  To buy a new house? To help loved ones? Improve your quality of life? We all have our reasons, but it’s important not to forget the overarching goal of this endeavor. Money can’t buy happiness; what it can buy is financial flexibility which can be leveraged in a variety of different situations to allow you to do things that make you and your partner happy. 

Your partner won’t love or appreciate you because you make more money (if they do then you need to reevaluate who you’re in a relationship with); they’ll love and appreciate you for showing the characteristics and taking the actions that generally result in monetary gain. Developing a budget results in a financial boon yes, but it’s the character traits and thought process that caused you to develop the budget and implement it that’s really important. And for the most part, these traits, which include inquisitivenss, discipline, knowledge, and big picture thinking are exactly what turns a partner on.

Image: photostock at FreeDigitalPhotos.net