May, 2021
Our job is to protect your assets and investments, but with most communications and transactions occurring online, we want to be sure you know how to protect your data and devices from cyber attacks and scams.
Cyber attacks are malicious attempts to access or damage a computer or network system. They can lead to loss of money, theft of personal, financial and medical information and harm your reputation and safety.
Cyber security involves preventing, detecting and responding to cyber attacks.
Types of cyber attacks
1. Hacking: compromising digital devices
2. Phishing: attempting to obtain sensitive information such as usernames, passwords and credit card details by impersonating oneself as a trustworthy entity in a digital communication
If you receive an email that says “click here to update your account” or something similar, check who sent it. If it is not from the source it claims to be, or in any way seems suspicious, DO NOT CLICK and delete the email.
Malware: software designed to cause damage to a computer, server, client, or computer network.
The cyber security tips that follow apply to any device connected to the internet, including desktop and laptop computers, mobile phones and tablets, and connected devices, such as smart watches, home appliances and smart devices, security systems, music systems, and smart speakers.
Passwords
• Don’t use the same password twice
• Use passwords with a minimum of 12 characters (with at least one uppercase and one lowercase letter, one number and symbols)
• Use easy to remember passwords
• Change passwords at least once a year
• Consider a password management tool
• Don’t store passwords on a device with the word “password” in the file
Use Two-Factor or Multi-Factor Authentication
This adds additional layers of security to logging in with just a user name and password
• Two factor: one additional authentication method
• Multi-factor: more than two additional authentication methods
According to NIST (National Institute of Standards and Technology – nist.gov), texts should not be used during two-factor authentication because malware can be used to attack mobile phone networks and can compromise data during the process.
Be suspicious of emails and unknown phone calls
• Don’t open email from people you don’t know
• Malicious links can come from friends who have been infected too. So if an email looks suspicious, don’t click and alert your friend that their account may have been hacked.
Protect Your Sensitive Personal Identifiable Information (PII)
PII is information that can be used by a cybercriminal to identify or locate an individual, including name, address, phone numbers, date of birth, SSN, IP address, location details, or any other physical or digital identity data. Your credit card information should be protected by companies if they follow the PCI DSS standards.
Be very cautious about the information you include online. Review privacy settings in your social media accounts. Adding your home address, birthdate, or any other PII information will increase your risk of a security breach. Hackers use this information to their advantage. Don’t provide information about travelling on social media.
Use Mobile Devices Securely
• Create a Difficult Mobile Passcode – Not Your Birthdate or Bank PIN
• Install Apps from Trusted Sources
• Keep Your Device Software Updated
• Avoid sending sensitive information over text message or email
• Update your mobile devices regularly
Backup Your Data Regularly
Consider keeping copies online (cloud storage) and offline (external hard drive). If you become a victim of ransomware or malware, you can get your data from one of your recently saved sources.
Beware Public Wi-Fi
Only use a public Wi-Fi if you have a Virtual Private Network (VPN).
The VPN encrypts the data, between your device and the wi-fi network.
Review Your Online Accounts & Credit Reports Regularly for Changes
If you see any suspicious activity on your credit cards, alert the provider immediately and ask for a credit freeze. This allows you to lock your credit and use a PIN number to access the account.