7 Online Security Tips For Musicians

1For artists, having an established online presence is a key to their success, meaning not just social media profiles and promotional tools, but also significantly more payment information. Here we look at seven tips on how musicians can keep themselves secure online.


By Chris Robley of CD Baby from the DIY Musician

We musicians maintain a lot of accounts online, many of which require us to enter personal information as well as credit card numbers or other payment details. Social media profiles, email management tools, promo tools, distribution, PayPal, web hosting, the list goes on and on.

In the wake of the Equifax hack (which compromised the personal info of 140,000,000 people) we thought it’d be a good idea to remind musicians of some basic measures you can take to protect your identity and the security of your financial information. To be clear, CD Baby has not experienced any issues in this regard; we just want to offer some tips while such concerns are at the forefront of everyone’s mind.

1. Update your password often.

0001The longer you stick with the same password, the more time someone else has to compromise it. I mean, you don’t have to change it every week, but if you’re still using the same password you had ten years ago, it’s time for an update! Quarterly password changes are a good goal.

Also, avoid “incrementing” a number on the end of the password. It’s way safer to create a completely new password each time. LastPass provides a random password generator if you need help.

2. Make your password unique for each account.

Don’t use the same password for your CD Baby account as you use for other services. Otherwise if someone breaks into one of your accounts, they could break into all of them.

If remembering dozens of different passwords intimidates you (as it would), you can use a password vault to help store your login information securely.

Check out these options:

3. Be sure your contact info is up to date.

Simple enough: If there are security concerns, make it easy for the appropriate parties to actually contact you.

4. Make sure your email account has a unique password and is updated regularly.

Similarly to the above recommendations, it’s important that your primary email account is secure, as we (and most services) will use your email address to help identify you and to send you password resets.

5. Don’t fall for password and account “phishing” schemes.

1Phishing is when the band members of Phish try to obtain your personal information for malicious purposes. Just kidding. But it is when SOMEONE (probably not a member of Phish) tries to get your info by pretending to be someone or some organization you trust. Phishing is usually conducted via electronic communication such as email, instant message, etc.

It’s easy to say “Don’t fall for it,” but sometimes scammers get pretty tricky. The best rule is to never click links you aren’t absolutely sure are legit and relevant to the larger context of a message you’re also sure has been sent by someone or some entity you have an existing relationship with.

Instead, it’s better to type web addresses directly into your browser than it is to click on links from emails, since emails can easily be forged and direct you to fake websites.

6. Beware of anyone that contacts you by phone looking for personal info.

Normally you have to verify who you are when you call THEM. Not the other way around. If you feel suspicious, good. Hang up and call the official contact number for the organization and see if their phone inquiry was legit.

7. Remember that CD Baby, HostBaby, HearNow, and their representatives will NEVER ask you for your password via chat, email, or phone.

That’s not how we roll.


Share on: