Investments
How it works
Performance
Education
About
Investments
How it works
Performance
Education
About
Help center
Help center
About Yieldstreet

Account security best practices for Yieldstreet investors

January 19, 20226 min read
Account security best practices for Yieldstreet investors
Share on facebookShare on TwitterShare on Linkedin

Yieldstreet cares very deeply about the security of your account and data. In an era where website hacks, data compromises, and commerce on the dark web are a matter of daily news, a security breach in one place can render your accounts at other unrelated places vulnerable, and open to compromise.

At Yieldstreet, we take stringent measures and go the extra mile where security is concerned. From securing our infrastructure, to encrypting sensitive data whether at rest or in transit, and using advanced AI and pattern recognition to detect unusual behavior, we follow industry best practices on every front. While the list of technologies we use to ensure your data is protected is extensive, there is a lot that you, as an investor, can do to safeguard your account information. 

There are some simple steps you can take to improve the security of your digital footprint. These recommendations are highly relevant to your Yieldstreet account. Ideally, you should consider using these tips across the board to prevent anyone from taking over accounts containing sensitive information. Below we summarize key steps you can take to protect yourself and secure your personal data: 

Take precautions with your logins and passwords

Keep passwords long and random. Passwords should be at least 16 characters or the full length of the website’s login form. We realize that this is easier said than done, but actually the best way is for you to not know what any of your online passwords are. We recommend using random password generators. Many browsers will generate these for you on signup forms but you can also generate them online at sites such as passwordsgenerator.net, dashlane.com/features/password-generator and the pwgen utility for those who like working off bash shells. 

Using a password management tool like BitdefenderDashlane or 1Password makes this process easier because then you are only required to remember the password to your password management tool. We recommend 1Password—we use it ourselves at Yieldstreet. 

Do not write passwords down in text files or notepads and keep rotating them every 3-6 months. Most importantly, never reuse passwords across sites as this is one of the most common causes of account takeovers. When one site is compromised, every other site you have used the same password becomes automatically vulnerable, no matter how secure it is. 

Use Multi-Factor Authentication (MFA) when possible

Multi-factor authentication is a way to provide an added layer of security to your online account. MFA acts like a series of doors that must be unlocked before entering an online property. The ‘front gate’ is typically protected by a username and password. This is the most obvious barrier and can be compromised by a hack. With MFA, the second door also needs to have a key, one that no one other than you possess, making your online accounts more secure. 

We recommend enabling MFA on every online account and inquiring with the service provider if it’s not a readily available option. In the case of Yieldstreet, we provide two factor authentication via Authy

The most secure form of MFA is a hardware option like a Yubikey. The safest non-hardware option is an authenticator app like Authy or Google Authenticator. The least secure mechanism is SMS or text messaging because it is not tied to a physical device you own (like your phone) but rather the SIM card in it. This leaves it open to compromise through hacking techniques like SIM swapping. anchor-link to mobile safety below

Exercise browsing safety

Websites you visit range from highly secure and responsible, to careless to downright malicious. Be careful while browsing. Most modern browsers do this for you, alerting you to vulnerabilities in the sites you visit. At the simplest level, don’t ignore these warnings.

Secure data transit. Be sure that the websites you log into and share information with have a valid HTTPS certificate. This certificate signifies that the data being transmitted between you is encrypted in-transit to prevent external parties from snooping in on your interactions. Modern browsers make this visible to you by putting a little lock icon on the right of the website’s address.

Use an ad-blocker. Attackers are buying up advertising space to inject ads with malware that can do harm to your computer and your data. Ad-blocker extensions like uBlock , AdBlock Plus or AdGuard maintain lists that block ads that are known to be malicious. 

Here’s an easy checklist for ensuring website security.

Prioritize email safety

Email is often vulnerable to attackers who try to take your information by either sending you malicious attachments or impersonating someone else (also known as Phishing). 

To prevent being the victim of phishing, adopt the following habits:

  1. Do not open an attachment unless you know who it is from and are expecting it.
  2. Hover your mouse over links before you click on them to see if the URL is legitimate.
  3. Enable filters on your email programs and report spam when something seems wrong. 

Practice mobile phone safety

Phones are essentially portable mini-computers and are susceptible to the same kind of risks. They also have an added category of risk due to their functionality as telephones.  

Here are a few things to be aware of with your smartphone: 

Theft or loss of a phone isn’t just a financial hit, you might also lose personal information like photos and videos unless you back up regularly. More importantly, however, losing your phone can be a security liability if the lost device falls into the wrong hands. Here are a few preventative measures you can take: 

  1. Set up access gates. This means setting up PIN codes, biometrics such as Touch or Face ID, patterns, and anything else your phone provides as a security measure. You should make sure that they are needed for every access attempt. 
  2. Enable remote device management. This allows you to remotely locate and, more importantly, remotely wipe your device if necessary. Services like Prey make this easy and affordable. Apple and Google provide their own ways of doing this as well.
  3. Secure backups. Make sure your device is backed up daily. Apple iCloud backups and Google backups make this easy.
  4. Anti-virus protection. Smartphones are fairly resilient to viruses, but they are not immune. This is particularly true for Android devices if you install apps outside of Google Play. Installing a malware scanning/anti-virus app can provide peace of mind on both iPhone  and Android.
  5. Prevent SIM swapping. This is perhaps the biggest security risk you face with a mobile phone. In the event that a SIM swap has taken place with your phone number, you end up in a situation where you may still have your phone, but your phone number no longer belongs to you. The FTC has a fairly detailed advisory on this and recommends the following:
  • Do not reply to calls, emails, or text messages that request personal information.
  • Limit the personal information you share online
  • Set up a PIN or password with your service provider. (This is critical as it prevents someone from calling your provider and pretending to be you.)

Protect your online identity 

There are many ways that attackers might try to steal your identity. A compromised identity is possibly the most dangerous aspect of a lapse in your online security. It can lead to a whole host of issues that are difficult and time-consuming to resolve.

Use an identity monitoring service like Lifelock. Take immediate action when this service sends you an alert, even if it is simply to check and dismiss a false positive. 

Keep your credit information on major providers such as Equifax, Experian, and Transunion frozen at all time and only unfreeze it for specific purposes, like applying for a loan, credit card, or mortgage. 

With banking and financial practices increasingly becoming available online, it is important for investors to take responsibility for their digital footprint. With YieldStreet’s robust security measures and your own vigilance as a user, many of the easily preventable issues that surround account security can be avoided. 

Related Content

Meet Ted Yarbrough, Yieldstreet’s new Chief Investment Officer
About Yieldstreet

Meet Ted Yarbrough, Yieldstreet’s new Chief Investment Officer

We sat down with Ted to get his take on the current market environment, timely opportunities for investors, and more. 

13 days ago
Meet Jay Nayak, Director of Fund Investments at Yieldstreet
About Yieldstreet

Meet Jay Nayak, Director of Fund Investments at Yieldstreet

Get to know the team members of Yieldstreet! Jay Nayak leads the sourcing, vetting and management of our Institutionally Managed Funds program.

3 months ago
$10K in gifts donated on behalf of investors
About Yieldstreet

$10K in gifts donated on behalf of investors

Beginning Thanksgiving day, Yieldstreet will donate a gift to a child in need through Boys and Girls Clubs of America for every investment you make on our platform.

6 months ago
Active investment monitoring at Yieldstreet
About Yieldstreet

Active investment monitoring at Yieldstreet

Explore what happens behind the scenes for each of our active investments.

7 months ago

Investors

Originators

Resources

Company

App StorePlay Store

Check out our podcast!

The Yield

1 Past performance is no guarantee of future results. Any historical returns, expected returns, or probability projections may not reflect actual future performance. All securities involve risk and may result in significant losses.

3 "Annual interest," "Annualized Return" or "Target Returns" represents a projected annual target rate of interest or annualized target return, and not returns or interest actually obtained by fund investors. “Term" represents the estimated term of the investment; the term of the fund is generally at the discretion of the fund’s manager, and may exceed the estimated term by a significant amount of time. Unless otherwise specified on the fund's offering page, target interest or returns are based on an analysis performed by Yieldstreet of the potential inflows and outflows related to the transactions in which the strategy or fund has engaged and/or is anticipated to engage in over the estimated term of the fund. There is no guarantee that targeted interest or returns will be realized or achieved or that an investment will be successful. Actual performance may deviate from these expectations materially, including due to market or economic factors, portfolio management decisions, modelling error, or other reasons.

4 Reflects the annualized distribution rate that is calculated by taking the most recent quarterly distribution approved by the Fund's Board of Directors and dividing it by prior quarter-end NAV and annualizing it. The Fund’s distribution may exceed its earnings. Therefore, a portion of the Fund’s distribution may be a return of the money you originally invested and represent a return of capital to you for tax purposes.

5 Represents the sum of the interest accrued in the statement period plus the interest paid in the statement period.

6 The internal rate of return ("IRR") represents an average net realized IRR with respect to all matured investments, excluding our Short Term Notes program, weighted by the investment size of each individual investment, made by private investment vehicles managed by YieldStreet Management, LLC from July 1, 2015 through and including July 18th, 2022, after deduction of management fees and all other expenses charged to investments.

7 Investors should carefully consider the investment objectives, risks, charges and expenses of the Yieldstreet Prism Fund before investing. The prospectus for the Yieldstreet Prism Fund contains this and other information about the Fund and can be obtained by emailing [email protected] or by referring to www.yieldstreetprismfund.com. The prospectus should be read carefully before investing in the Fund. Investments in the Fund are not bank deposits (and thus not insured by the FDIC or by any other federal governmental agency) and are not guaranteed by Yieldstreet or any other party.

8 This tool is for informational purposes only. You should not construe any information provided here as investment advice or a recommendation, endorsement or solicitation to buy any securities offered on Yieldstreet. Yieldstreet is not a fiduciary by virtue of any person's use of or access to this tool. The information provided here is of a general nature and does not address the circumstances of any particular individual or entity. You alone assume the sole responsibility of evaluating the merits and risks associated with the use of this information before making any decisions based on such information.

300 Park Avenue 15th Floor, New York, NY 10022

844-943-5378

No communication by YieldStreet Inc. or any of its affiliates (collectively, “Yieldstreet™”), through this website or any other medium, should be construed or is intended to be a recommendation to purchase, sell or hold any security or otherwise to be investment, tax, financial, accounting, legal, regulatory or compliance advice, except for specific investment advice that may be provided by YieldStreet Management, LLC pursuant to a written advisory agreement between such entity and the recipient. Nothing on this website is intended as an offer to extend credit, an offer to purchase or sell securities or a solicitation of any securities transaction.

Any financial projections or returns shown on the website are estimated predictions of performance only, are hypothetical, are not based on actual investment results and are not guarantees of future results. Estimated projections do not represent or guarantee the actual results of any transaction, and no representation is made that any transaction will, or is likely to, achieve results or profits similar to those shown. In addition, other financial metrics and calculations shown on the website (including amounts of principal and interest repaid) have not been independently verified or audited and may differ from the actual financial metrics and calculations for any investment, which are contained in the investors’ portfolios. Any investment information contained herein has been secured from sources that Yieldstreet believes are reliable, but we make no representations or warranties as to the accuracy of such information and accept no liability therefore.

Private placement investments are NOT bank deposits (and thus NOT insured by the FDIC or by any other federal governmental agency), are NOT guaranteed by Yieldstreet or any other party, and MAY lose value. Neither the Securities and Exchange Commission nor any federal or state securities commission or regulatory authority has recommended or approved any investment or the accuracy or completeness of any of the information or materials provided by or through the website. Investors must be able to afford the loss of their entire investment.

Investments in private placements are speculative and involve a high degree of risk and those investors who cannot afford to lose their entire investment should not invest. Additionally, investors may receive illiquid and/or restricted securities that may be subject to holding period requirements and/or liquidity concerns. Investments in private placements are highly illiquid and those investors who cannot hold an investment for the long term (at least 5-7 years) should not invest.

Alternative investments should only be part of your overall investment portfolio. Further, the alternative investment portion of your portfolio should include a balanced portfolio of different alternative investments.

Articles or information from third-party media outside of this domain may discuss Yieldstreet or relate to information contained herein, but Yieldstreet does not approve and is not responsible for such content. Hyperlinks to third-party sites, or reproduction of third-party articles, do not constitute an approval or endorsement by Yieldstreet of the linked or reproduced content.

Investing in securities (the "Securities") listed on Yieldstreet™ pose risks, including but not limited to credit risk, interest rate risk, and the risk of losing some or all of the money you invest. Before investing you should: (1) conduct your own investigation and analysis; (2) carefully consider the investment and all related charges, expenses, uncertainties and risks, including all uncertainties and risks described in offering materials; and (3) consult with your own investment, tax, financial and legal advisors. Such Securities are only suitable for accredited investors who understand and are willing and able to accept the high risks associated with private investments.

Investing in private placements requires long-term commitments, the ability to afford to lose the entire investment, and low liquidity needs. This website provides preliminary and general information about the Securities and is intended for initial reference purposes only. It does not summarize or compile all the applicable information. This website does not constitute an offer to sell or buy any securities. No offer or sale of any Securities will occur without the delivery of confidential offering materials and related documents. This information contained herein is qualified by and subject to more detailed information in the applicable offering materials. Yieldstreet™ is not registered as a broker-dealer. Yieldstreet™ does not make any representation or warranty to any prospective investor regarding the legality of an investment in any Yieldstreet Securities.

Banking services are provided by Evolve Bank & Trust, Member FDIC.

Investment advisory services are only provided to clients of YieldStreet Management, LLC, an investment advisor registered with the Securities and Exchange Commission, pursuant to a written advisory agreement.

Our site uses a third party service to match browser cookies to your mailing address. We then use another company to send special offers through the mail on our behalf. Our company never receives or stores any of this information and our third parties do not provide or sell this information to any other company or service.

Read full disclosure
Copyright © 2023 YieldStreet, Inc.
Privacy PolicyData Security

Website Data Collection Preferences

AccessibilityTerms of UseForm ADV Disclosure BrochureForm CRS