College Countdown
  • About
    • About College Countdown
    • Parent Advisory Council
    • Our Contributors
  • Articles
    • Affording College
    • Using Your 529
    • College Admissions
    • Student Life
    • Academic Success
    • Parenting
    • COVID-19
  • Timeline
    • College Prep Timeline
    • For Junior Parents
    • For Senior Parents
  • Videos
Academic MindsetAcademic SuccessParenting

How to Help Your Student Anticipate an Academic Sense of Belonging

You’ve likely saved for years with the goal that they will take full advantage of the academic opportunities college offers. You prepared for it. Now it’s time to prepare them.…
Jennifer Tharp, Ph.D.August 3, 2020
Please talking about managing loans.Affording CollegeSenior Student

10 Ways to Pay for College Without Student Loans

A necessary evil. And while a minimal amount of college debt, borrowed responsibly, can be a worthy investment in a student’s future, borrowing for that college degree is not always…
Bright Horizons College CoachAugust 1, 2020
Affording CollegeSenior StudentVideos

Can Grandparents Help Pay for College Without Disrupting Financial Aid?

Grandparents that want to help pay for your college expenses are a huge help, but make sure to follow these tips to minimize the effects their gifts might have on…
Bright Horizons College CoachDecember 31, 2020
Affording CollegeSenior StudentVideos

Should You Fill Out the FAFSA If You’re Wealthy?

Shannon Vasconcelos, a former Financial Aid Officer, goes over the reasons you may want to fill out a FAFSA application even if you don't believe you will qualify.
Bright Horizons College CoachDecember 31, 2020
Sexual Assault PreventionSenior StudentStudent Life

Sexual Violence on College Campuses

We’re here to help and want to make sure your family is safe and knowledgeable about the resources that colleges offer to keep students safe. This page will provide you…
Neil Best, Ph.D.December 31, 2020
Affording CollegeCollege AdmissionsVideos

Underserved in a Land of Plenty: Pre-recorded Panel Discussion

A Conversation About Transition from High School to College Among Underserved Student Populations.
ScholarShare 529December 21, 2020
College Grads Throwing CapsAffording CollegeJunior StudentSenior StudentUncategorized

Pay for College Without Student Loans

The cost of college rises every year—forcing parents to decide if they will compromise the dream of helping their kid go to college and limit their shot at a great…
ScholarShare 529December 18, 2020
Student viewing computer.Affording CollegeJunior StudentSenior Student

6 Myths About Paying for College

These common assumptions about paying for college can unfortunately influence parents and students to take missteps in their college planning. 1. If my parents save for college, it will hurt…
ScholarShare 529December 17, 2020
College student moving in.ParentingSenior StudentStudent Life

What to Bring to College

Here are a few suggestions: Bedding: Before you buy sheets, find out in advance what size bed your kid will have in her dorm. Twin? Or twin extra-long? In addition…
ScholarShare 529December 16, 2020
Girl looking at a computerAffording CollegeJunior StudentSenior StudentUncategorized

Can I Pay for College in Installments?

It can be challenging to pay for a college term in one lump sum. That's where installment plans come in. 1. College payment plans are like no-interest loans. Deferred payment…
ScholarShare 529December 16, 2020
Father talking to sonJunior StudentParenting

Teaching Your Kid Fiscal Responsibility

One often unspoken subject between parents and their (almost) adult children is financial responsibility. Use your years of experience to help your child understand how to manage money responsibly. Here's…
ScholarShare 529December 15, 2020
Diverse StudentsAcademic SuccessParentingSenior Student

7 Tips for Parents of First-Generation Students from a Student Success Coach

Rather there are myriad ways students can make the most of undergraduate study based on their majors, living situations, strengths, prior experiences, use of resources, and campus involvement. Each of…
Jennifer Tharp, Ph.D.November 30, 2020
Affording CollegeUsing Your 529

Report on Higher Education 2020

California Higher Education The New Normal I know people are exhausted by the phrase new normal. But our experiences in 2020 can, in fact, represent our new normal in positive…
ScholarShare 529November 29, 2020
Junior StudentParentingSenior Student

A Necessary Partnership

There’s even a seasonal lawn mower parent—the “snow blower” who clears obstacles out of their student’s way. Quite likely, these or similar terms have contributed to less than optimal relationships…
Michelle Samuels-Jones, Ed.D.November 29, 2020
1 2 3 … 8 Next

Trending Posts

  • Last Call List for High School Senior Year July 31, 2020
  • 10 Ways to Pay for College Without Student Loans August 1, 2020
  • Going to College: 7 Big Talks to Have Before They Leave July 31, 2020
  • 8 Tips for Negotiating College Scholarships July 31, 2020
  • How to Write a “Why this College?” Essay August 2, 2020

Tags

529 Athletics Budget California College Essay Covid FAFSA Financial Aid Health Junior Loans Scholarships Senior Sports Summer Time Management Tuition Underserved Videos Visit

Latest Articles

  • Academic MindsetHow to Help Your Student Anticipate an Academic Sense of Belonging August 3, 2020
  • Please talking about managing loans.10 Ways to Pay for College Without Student Loans August 1, 2020
  • Can Grandparents Help Pay for College Without Disrupting Financial Aid? December 31, 2020
  • Should You Fill Out the FAFSA If You’re Wealthy? December 31, 2020
  • Sexual Assault PreventionSexual Violence on College Campuses December 31, 2020

About Us

  • Welcome
  • Our Story
  • Parent Advisory Council
  • Our Contributors
  • Back to ScholarShare529

Articles

  • Affording College
  • Using Your 529
  • College Admissions
  • Student Life
  • Academic Success
  • Parenting

Timeline

  • College Prep Timeline
  • For Senior Parents
  • For Junior Parents

©2020 College Countdown. All Rights Reserved. 1292708

Legal Disclaimer Security Center

For more information about the ScholarShare College Savings Plan, call 1-800-544-5248 or Click here for a Plan Description which includes investment objectives, risks, charges, expenses, and other important information. Read and consider it carefully before investing.

Please note: Before you invest, consider whether your or the beneficiary’s home state offers any state tax or other state benefits such as financial aid, scholarship funds, and protection from creditors that are only available for investments in that state’s qualified tuition program. You should also consult your legal or tax professional for tax advice based on your own circumstances. Investments in the plan are neither insured nor guaranteed and there is the risk of investment loss.

The ScholarShare College Savings Plan is offered by the State of California. TIAA-CREF Tuition Financing, Inc. (TFI), program manager. TIAA-CREF Individual & Institutional Services, LLC, Member FINRA, distributor and underwriter for the ScholarShare College Savings Plan.

The Plan Web site contains links to other Web sites. Neither the Plan nor TFI and its affiliates are responsible for the content of those other Web sites. The accuracy of information on those sites cannot be confirmed.

The views and opinions expressed in the articles published here are those of the authors and do not necessarily reflect the official policy or position of ScholarShare 529 or TIAA.

All social media platforms are managed by the State of California.

  • Overview
  • Checklist
  • About Identity Theft
  • Safeguarding Your Online Transactions

Security Overview

TIAA-CREF Tuition Financing, Inc. serves as program manager for ScholarShare College Savings Plan (the “Plan”).  Ascensus College Savings Recordkeeping Services, LLC provides recordkeeping and account processing services. Our cybersecurity response program is designed to help keep your financial information safe and is intended to comply with applicable federal and state laws. Online security is a shared responsibility between you, the account owner, and us, the service provider. Safeguarding your assets, your personal information, and privacy is one of our fundamental priorities. We utilize a variety of controls to detect and prevent unauthorized access to our network and sensitive information.

OUR SECURITY PROMISE:

We are committed to keeping your financial information secure. Please know that we’ll never call or email you to ask you for your login credentials. If you receive a suspicious message, don’t click on any of the links or respond with personal information. Please report suspicious activity by calling your plan’s customer service at 1-800-544-5248.

Safeguarding your own information: Account owner security checklist

While we strive to keep your information and transactions safe, there are actions you can take to contribute to your own security. The following are some best practices to follow.

Protect your account

  • Do not use your Social Security number (SSN), in full or in part, for a password or PIN.
  • Review your credit reports frequently (at least once a year). Verify the information listed about you is up to date and accurate and that it includes only those accounts and activities you’ve authorized. Work with the credit reporting agencies to have any inaccurate information removed.
  • Store your Social Security card, other identification cards, checks and accounts statements in a safe and secure location.
  • Do not carry your Social Security card, passport or birth certificate with you unless absolutely needed.
  • Do not share your personal or financial information over the phone or in person unless the information is absolutely necessary and you can confirm that the individual and company are legitimate.
  • Frequently monitor your financial accounts and report any suspected fraudulent transaction immediately.
  • Retrieve and review your mail promptly.
  • Shred financial documents no longer needed, pre-approved credit offers, receipts, and other documents that may contain financial and personal information.

Protect your computers, cell phone and other mobile devices

  • Install and set your anti-virus and anti-malware software to update automatically.
  • Activate all operating system security features on your internet capable devices.
  • Make sure your personal computer and home network are properly protected from malware by setting up your firewall. Check to see that the firewall has been properly installed – or enabled if it came bundled with your operating system.
  • Make sure to keep your web browser software up-to-date by installing the most recent version.
  • Keep the operating system for your computer or mobile device up-to-date.
  • Never leave your computer, cell phone, or other mobile devices logged on and/or unattended in public.
  • Password protect and lock your computers, cell phone, or other mobile devices when not in use.
  • Only download applications from reputable sources. Be suspicious when installing applications that require you to provide information that has nothing to do with the application’s purpose.
  • If you believe your mobile device is infected with malware, contact your service provider.

Keep your information secure

  • If you have any doubts about the authenticity of an email, which appears to be from TIAA-CREF Tuition Financing, Inc. or the ScholarShare 529 Plan, or involves your Plan account, call the Plan’s customer service at 1-800-544-5248. Then, be sure to delete the suspicious emails from your mailbox.
  • Do not click on links or attachments if an email seems suspicious, especially if they tell you the problem is urgent. This is known as scareware and intended to make you react without thinking.
  • Do not give out personal information. Check a website’s privacy policy before you give them your email address.
  • Create strong passwords. Make your password hard for others to guess by using a combination of letters, numbers and symbols that are meaningful only to you. Avoid using the same password for multiple websites, particularly financial websites, and be sure to change your password often (at least annually). See also “Create a strong password” below.
  • Account owners should also avoid using the same password for multiple sites and may want to consider using a password manager (software to securely hold multiple passwords) to securely manage passwords.
  • Never share your password with anyone.
  • Do not include personal or sensitive data in, or in response to, an email.
  • Monitor your account activity closely and watch for unusual activity.
  • Promptly review all transaction confirmations, account statements, and any email or paper correspondence sent by your plan.
  • When you finish your online and/or mobile banking sessions, be sure to log out. Simply closing the browser window does not equate to logging out. By clicking on the X to close the browser window your online session may still be open.
  • Shred documents containing personal information.
  • Protect your mail from theft. If you are planning to be away from home, call or go online to contact the U.S. Postal Service and request a vacation hold.
  • Be aware of your surroundings when making purchases or using the ATM. Thieves have been known to copy credit card information or take pictures of cards on their cell phones.

Practice safe web browsing

  • Only allow pop-ups from sites that you authorize.
  • Only make online purchases using secure sites that encrypt your information. Instead of following links, go directly to the store’s Web site and navigate to find the special sale items. To help ensure that your information is protected when shopping or banking online, look for an unbroken key, or padlock at the bottom of your Web browser or within the address bar. When you are asked to provide payment information, the beginning of the Web site’s URL address should change from http to https, indicating that the purchase is encrypted or secured.
  • Never access a website from a link in a suspicious email.
  • Access online financial sites by typing the address directly into the browser’s address bar instead of clicking the link. It is recommended that once you’ve typed the address into your browser that you bookmark the site. By doing this you can reference the bookmark the next time you need to login to the site without retyping the address into your browser.
  • Think before you click. Be cautious about clicking on links, especially in emails, and be sure they link to a trusted website. Get in the habit of hovering over links to see the underlying Web address. If you’re unsure about a link, you can go to the firm’s website by typing the correct address in your Web browser.

When buying online, look for online merchants who are members of a seal-of-approval program that sets voluntary guidelines for privacy-related practices, such as TRUSTe, Verisign, or BBBonline.

  • Be extremely cautious when using public computers to access financial and other sensitive personal information online. If possible, instead use only known devices, such as your own personal computer which you know has the necessary protections and security features installed.
  • Do not save private information onto public computers. If you’re accessing a private account at the library or another public place, be sure to sign out completely from your accounts and don’t auto save sign-in information like your username or password.
  • Be wireless-wise. Don’t use public Wi-Fi to access websites with sensitive information such as financial records, banking transactions, business-related documents, or other personal information. When setting up your home network, follow the manufacturer’s security recommendations to be sure your wireless signal is properly encrypted.
  • Be cautious of clickable advertisements, pop-up windows, or fake dialogue boxes with urgent messages. These are often tactics that fraudsters use to try and access and steal your personal information.
  • Do not give out personal information to blogs, forums, and other social networking sites.
  • Beware phishing attempts and unsolicited requests; these don’t just happen via email. They can also arrive via social media. Be suspicious of messages or promotions you did not sign up to receive.
  • Be careful about what you post personally and professionally – too much information can help scammers reach their goals.
  • Always make sure to log out of the website before you close the window. Online fraud can happen when you move from one website to another without logging out of the previous one. When you are logging into a secure website, do so in a new browser window.

Create a strong password

  • The strongest passwords are long and employ a mix of numbers, upper and lower case letters, and special characters. Passphrases are typically longer than passwords for added security, and contain multiple words that create a phrase.
  • Your password shouldn’t contain any personal or easily attainable information, such as your name, your birthday, Social Security number, or wedding anniversary. In addition, don’t use a component of your username in your password.
  • Make sure you use different and unique passwords for all of your online accounts. Reusing a single password for multiple websites is never a good idea. If a hacker obtains your password, the first thing he or she is going to do is check whether or not that password works for other websites. It’s also a good idea to periodically change your passwords.
  • Do not give out your passwords to anyone, including family members.
  • Remembering a multitude of unique passwords is difficult, and writing them down on paper isn’t secure. Consider installing a password manager. A password manager is a software application that helps a user store and organize passwords. The password manager stores the passwords encrypted, requiring the user to create a master password, a single, ideally very strong password which grants the user access to their entire password database.

Stay informed on the latest fraud threats

  • Phishing is a cyber-threat by which individuals send messages to lure personal information (credit card numbers, bank account information, Social Security numbers, passwords, or other sensitive information) from unsuspecting victims. Phishing may occur through fraudulent emails, fake websites, text messages, or direct phone calls claiming to be a financial institution, or another company you have a customer relationship with, asking you for your personal information.
  • SMiShing is the cell phone version of “Phishing”. Using fake company e-mails, scammers send text messages that appear to be from well-known companies but contain links to counterfeit Web pages that have been made to look nearly identical to legitimate companies’ sites. The text messages suggest that there is an urgent need for you to take action to update personal information to avoid an unwanted service charge or another potential threat to your account. The Web sites then ask you to enter financial and personal information – like user IDs, Social Security numbers, bank or credit card account numbers.
  • Malware, short for “malicious software,” includes viruses and spyware. These are small software applications which can be installed on your computer, phone, or mobile device without your consent. Malware is used to steal your personal information, send spam, and commit fraud. Without your consent it can download itself during a transaction via your online session and attempt to steal your sensitive data.
  • Many legitimate charities use telemarketing, direct mail, e-mail, and online ads to ask for contributions. However, following major disasters, scammers send e-mail purporting to be from a charitable organization, urging consumers to follow a link and donate or even send cash. E-mail may also come from individuals claiming to be a victim asking for a donation.

Criminals are using new schemes that incorporate old techniques to try to trick people to provide personal information or account details. These social engineering attempts include use of sophisticated email and text messages appearing to be from legitimate sources and phone calls appearing to be from authentic individuals or service providers, etc. Carefully scrutinize any requests to divulge personal or account details. Understand your surroundings and be wary of those watching and listening. If you can’t verify a request or confirm that it is authentic, take the utmost caution in releasing any information.

About Identity Theft

Identity theft involves the impersonation of an individual through the fraudulent use of his or her personal and account information – e.g., driver’s license, Social Security number, bank account and other numbers, as well as usernames and passwords.

Identity thieves obtain information in a number of ways:

  • From the trash
  • By stealing mail, purses and other personal items
  • By copying credit card or other information during a transaction
  • Through phishing attacks
  • By submitting false address changes

Avoid being a victim of a social engineer or scam artist by being an educated and aware online consumer. Learn more by visiting OnGuard Online, a service of the U.S. Federal Trade Commission and other federal agencies. OnGuard Online provides information about avoiding scams, understanding mobile apps and Wi-Fi networks, securing your home computer, and protecting family members.

If you are a victim of an Internet crime, report it to IC3, a service of the U.S. Federal Bureau of Investigation and the National White Collar Crime Center. You should also report attempted identity theft to the local authorities as well as to the Federal Trade Commission’s Complaint Assistant Application.

Identity theft prevention & protecting your personal information

While there is no way to completely eliminate the risks of fraud or identity theft, there are things that you can do to help protect yourself and minimize the risk.

  • Protect your Social Security number. Remove your Social Security number printed on anything – such as checks. Keep your Social Security card not in your wallet, but in a secure place within your home.
  • Don’t give out personal information to unknown callers. If an unknown caller asks for your personal or financial information, tell them you will call them back to confirm the inquiry, and then either verify that the company is legitimate, or if it’s a bank or credit card company, call them back using a number from your bill or your card.
  • Regularly review bills and account statements. Make sure you recognize and authorized all charges, checks, and/or withdrawals. If a regular bill doesn’t arrive, call the company to find out why – it could mean that a thief has redirected your mail to another address.
  • Protect important documents at home. Keep your personal information and important documents in a secure place in your home, like a locked file cabinet or a safe.
  • Shred documents containing personal information. Once you’ve paid your bills and reconciled your accounts, shred old account statements, bills, receipts, pre-approved credit offers, and other documents that contain personal information before you throw them away.
  • Protect your mail from theft. Don’t leave outgoing mail (like bill payments) in an unsecured mailbox. Use a locking mailbox or take it to a post box or your local post office. If you are planning to be away from home, call or go online to contact the U.S. Postal Service and request a vacation hold.
  • Streamline your wallet. Carry only the credit and/or debit cards, checks and/or cash that you need for the day.
  • Be aware of your surroundings. Be conscious of people standing nearby when you are making purchases or using an ATM. Thieves have been known to copy credit card information or take pictures of cards with the camera of their mobile phone.
  • Check your credit report regularly (at least once each year). Make sure the information about you is accurate and that it includes only those accounts and activities you’ve authorized.

Safeguarding your information and online transactions strong technologies and technical controls

We use the following methods to help keep your online transactions and personal information safe and secure.

Username and password requirements

To help prevent unauthorized access, we prompt you to create a unique username and password when you first access your account. A password is a string of characters used to access information or a computer. Passwords help prevent unauthorized people from accessing files, programs, and other resources. When you create a password you should make it strong, which means it should be difficult to guess or crack. See below for hints in creating a password that would be difficult to crack.

A Strong Password

  • Minimum of eight characters long
  • Includes numbers, symbols, upper-case and lower-case letters
  • Does not contain your username, real name or company name
  • Does not contain a dictionary word
  • Is significantly different from the previous passwords

Image verification during login

Before you enter your online password, we ask that you verify your personalized security image. This image would be one that you selected during the creation of your web account. Once the image you have selected is displayed, you can be confident that you are accessing our website, as opposed to a fake site that may be attempting to “phish” for your personal information. If you ever log in and do not see the image you’ve selected or the image is incorrect, STOP, do not input your password. Please immediately report this to your plan’s customer service team.

Note that for some sites where there exists a partner relationship, some users may seamlessly sign into their financial institution’s website without seeing a security image. This occurs because of an industry standard technology called federated authentication which exists between your financial institution and us. When you securely log into your financial institution’s site and wish to then view your 529 plan account, you will seamlessly and securely be transitioned to the Plan’s website. Users should familiarize themselves with their financial institution’s security and login process to be more able to effectively identify when the process behaves differently than expected.

Security Questions

If you forget your password, answering the security questions you selected when creating your account will allow you to reset your password online. The security questions are designed to be personal to you. The answers should also be easy for you to remember but hard for others to guess. We highly recommend that you do not use questions that may be answered by someone viewing your social media profiles or other information that may be publically available.

Customer verification

Whether you visit us online, or by phone, we always verify your identity before granting access to your accounts.

Strong encryption

Transport Layer Security (TLS) technology is used to establish an encrypted connection between your browser and our Web applications. TLS websites start with “https://” instead of “http://” and signify that you are in a secure online session with us. For your protection, we require a modern version of TLS and industry standard encryption strength – these are supported by current versions of all modern browsers.

Systems surveillance

We’re on the lookout for suspicious irregularities across our network and infrastructure every day, all day.

Firewalls

Firewalls are protective barriers that defend our networks and computer systems from hackers and cyber-attackers trying to gain access into our systems. We use some of the strongest firewalls available in the industry to guard the information housed in our servers.

Logging

System activity is logged in order to preserve the information necessary to validate the transmission of data or the completion of a transaction.

Fraud detection

We monitor transactions for suspicious and unusual behavior to help verify that they are authentic and legitimate.

Restricted access to data

We limit access to systems containing customer data to only those employees who need it to conduct business or support key business functions. Access is continually monitored and only granted to new associates as their role may require.

Employee education

We make sure that our employees know and adhere to our security policies. We require all associates to participate in ongoing security training, including how to handle sensitive data and to be aware of security risks.

Regularly refine and update security features

We review industry security standards and perform system testing on an ongoing basis to help identify and implement the most up-to-date techniques and technologies, and verify that our systems are performing as expected.

  • About
    • About College Countdown
    • Parent Advisory Council
    • Our Contributors
  • Articles
    • Affording College
    • Using Your 529
    • College Admissions
    • Student Life
    • Academic Success
    • Parenting
    • COVID-19
  • Timeline
    • College Prep Timeline
    • For Junior Parents
    • For Senior Parents
  • Videos