7 Cybersecurity Spring Cleaning Tips
As a fiduciary, we have always taken extensive steps to protect our clients’ financial security, cybersecurity, and privacy. Now, all of this is even more important due to the coronavirus pandemic.
The combination of public health panic, volatile markets, and uncertainty about the future creates the perfect environment for scammers who prey on our insecurities and desire for answers. And with coronavirus news everywhere you turn, it is challenging to figure out what is really accurate.
Educating yourself is one of the best ways to combat these threats. According to a study by the Better Business Bureau, those who heard about a scam before they were targeted were significantly less likely to lose money, as were those who talked about it with someone else.
You can always reach out to us at Halpern Financial if you come across something fishy (or phishy), but here are a few ways to arm yourself with knowledge!
If You Won’t Shake Someone’s Hand…Don’t Click That Link!
1. Be aware of common scams.
On top of the coronavirus, this year is a census year and an election year—all things a scammer could try to exploit. AARP has a recently updated list of scams to be aware of.
- Phishing: Phishing is when a scammer sends you an email that appears to be from a real company—but actually is trying to get you to download a virus or provide personal information (bank information, passwords). These emails can look quite real, but make sure to look at the email address very carefully. If something doesn’t look quite right, do not click links, do not open attachments and especially never provide a password or security code.
- Robocalls: Robocalls themselves are not illegal (as annoying as they are) but often they are used fraudulently. Fraudulent robocalls use high-pressure tactics, threatening legal action unless you call a number where you will be asked for private information. Another common robocall scam is impersonating one of your family members and pretending to need financial help.
- Spoofing: Spoofing is when a criminal disguises their phone number to make it appear similar to your own phone number on caller ID, or even like a company you have done business with in the past. In a particularly concerning example, they can even impersonate Apple, making the call look like it comes from Apple support after you buy a new iPhone!
- Two-Factor Authentication Scam: Two-factor authentication (sending a one-time code to your mobile phone in order to log in to online accounts) is highly recommended in order to put another barrier in the way of cyber attack…but clever scammers have found a way to get around it. Never, ever send a one-time security code to someone else—they can use it to hack into your email account, and then reset the passwords of your social media, bank accounts, etc.
2. Never provide personal information to someone who contacts you unsolicited.
Instead, end the call (or ignore the email), Google the company’s contact information (do not use the contact info provided to you by the person who reached out to you) and reach out to the company on your own to confirm the request is legitimate.
3. Never click on email links or open attachments unless you've verified the sender.
This is how hackers download viruses, keystroke loggers and other malware onto your computer.
4. Never say the word “Yes” when answering an unfamiliar phone number.
Scammers can record this and use it to claim you agreed to something you did not. Just hang up if you answer a suspicious call.
5. Watch out for strange voicemails or emails that look like they are from people you know.
Using technology, it is possible to replicate someone’s phone number, email, and even their voice. When in doubt, always confirm with the person using a different communication channel.
6. If you find yourself working from home, be extra cautious about your cybersecurity habits.
Use your company’s portal and follow the security guidance from your IT department. Do not use unsecured wi-fi networks, and make sure your communication channels are not accessible to unauthorized people.
7. Use best practices for video chat—we do!
Avoid being a victim of “zoom-bombing,” or when a stranger intrudes on your call, and broadcasts offensive content. Ramp up your security settings—for example, by setting a password for meetings and not publicly sharing links to video conference calls.
And of course, the best overall cybersecurity advice is to be cautious and use common sense…if something seems too good to be true, it probably is.
Helpful Cybersecurity Resources: