Hopefully You’ve Had Your Financial Health Checkup – Now It’s Time for Your Cybersecurity Checkup
by Steve Thomas
Unfortunately, some of the concerns we deal with every day as financial advisers are identity theft and cybersecurity issues.
Have you ever wondered why all new computers come with some sort of trial or free anti-virus software already installed when you buy them? Here’s the answer, a recent tech article I read estimated that it takes less than 2 minutes for a computer that is newly connected to the internet to be exposed to a virus unless they are running an anti-virus software.
Like it or not, being aware and prepared for cybersecurity issues is not an option if you are using your computer – or smart phone – for almost anything.
We see headlines almost daily, big firms like Yahoo, Marriott, Equifax, etc. all are falling prey to various hacks and security breaches. These firms are spending millions, and in some cases hundreds of millions, just to keep up with today cyber environment.
Even the wealthiest man in the world, Jeff Bezos, was hacked and intimate photos were leaked to the press.
At SGL we realize that many of our clients have already taken some of the basic steps necessary to keep their computers and private information safe, but numerous times a year we get a message that someone’s account or e-mail has been hacked.
While no one has all the answers to keep you safe from these cyber predators, here are some basic ideas and comments for you to consider implementing for your electronic well-being.
1. Review Your Passwords
Most people use passwords that are child’s play for anyone with good computer skills. If you doubt this, ask someone who’s computer savvy to try to figure out your password.
The basic rule of thumb is that eight characters isn’t enough. Using a combination of upper and lower case letters, numbers, and special characters is recommended.
An even better solution is to use password storage program the requires you to only remember one master password and let the program generate complex passwords for other programs. I personally use one called LastPass.
2. Be Aware of RFID (Radio Frequency Identification) Protection
You probably know or have heard of someone who’s had their credit card information stolen while the card was in their possession.
This theft is done electronically by readily available “scanners” that detect the information stored on the chip on your credit cards.
There are a number of companies that have developed travel bags, wallets and credit card holders with RFID protection. A quick internet search will give you several ID shield options.
3. Beware of Email Scams
I have had a Yahoo personal e-mail account for over 15 years and despite all my attempts to install various filters and scam prevention settings, I still receive at least one – usually more – phishing or other scam e-mails a day.
Unfortunately, these e-mail scams are so commonplace because they have a track record of succeeding. Most people – and certainly all of our clients! – are nice people, but that sometimes makes them gullible.
If you receive an e-mail from an unknown sender, review it carefully before opening, and remember, virtually no reputable institution (bank, credit card, IRS, etc.) will ask for your non-public personal information via an e-mail.
So, if anyone is asking for your Social Security number, driver’s license number, date of birth, etc. via an e-mail it’s a good chance it’s a scam.
4. Lock and Install Passwords on All Your Devices
Any device that is left unattended and unlocked is an easy target. I know, I can hear everyone saying, “But I never leave my devices unattended. They are always with me.”
To that I respond, “Do you know anyone that has ever lost their phone?” Installing passwords is one of the easiest steps, but it is also one that is routinely forgotten or ignored.
5. Have You Ever Heard of “Safe Clicking”?
This one piggy backs on #3 above but expands to include internet surfing, etc. Safe clicking is basically a rule of thumb that states if you are not familiar with the sender or an attachment that appears to come from someone you know – don’t open or click on it.
One of the most frequent hacks today is people’s e-mail addresses. Even my son who is an IT professional has had his e-mail account hacked.
One day I received a weird e-mail from him asking me to open the attached file and give him my opinion. I almost opened it but I hadn’t spoken to him for a while, so I gave him a call. He was busy getting an e-mail ready to inform his entire address list that his account had been hacked and to ignore any e-mails from him for now. So even if you know the sender – be careful of suspicious attachments.
6. Physical Devices Safety
Be very cautious about using a flash (thumb) drive that someone gives you. We have clients who didn’t trust the internet, so they had their son send them family pictures on a flash drive. The son did not know that his computer had a virus that was copied onto the flash drive.
When they then inserted the flash drive the virus was installed on the parent’s computer and their banking information was stolen.
Viruses or other malware can be spread through any device your computer connects to. Be careful when using flash drives, external hard drives, and even your phones if you sync them via a cable to your computer.
7. Along with Safe Clicking – Exercise Smart Browsing
Obviously, the more time you spend on the internet, the more potential exposures you have to cybersecurity issues. But that doesn’t mean you should deprive yourself of the awesome experiences and knowledge access that you can have via the internet.
But just like everything else in life, too much of a good thing can be dangerous. One of the best analogies I can use here is that surfing the internet is like traveling down a road.
Now hopefully the road you choose is one that is familiar and well-traveled. Since many people travel this same road, everyone watches out for everyone else and warns about potholes and other problems.
But if you turn off the main road on to a less traveled and possibly sketchy side road – you may be in for trouble. The same can be said about the internet.
Going to sites that are well known and maintained by reputable companies and organizations lessens your chances for problems. If you go “rogue” you may have problems.
8. Maintaining Back-ups
I would encourage you to take advantage of the many cloud (read internet) based storage solutions to backup your files and information. Having a virtual copy of family pictures and other items can be real security in case of a fire or other disaster.
Be sure to check that whatever solution you choose uses encryption to make it very hard for anyone else to access our data.
Having said that, I still believe that for some items, especially some of our financial records, a good old hard copy is still a good solution.
While we offer portals to our clients that can be used to store their financial documents, many of our clients also really appreciate what we call “the 3-ringed version” notebook that contains their financial and retirement planning documents. Many people don’t trust having all their important information stored only online.
9. “Loose Lips Sink Ships”
As I was doing the research for this article I came across a warning about sharing too much information with the wrong people.
When I was a regulator and was teaching other examiners about how to make sure firms and individuals were doing things right, I would always tell them that I found out more about a firm during lunches than I did examining their files.
It was amazing what people would tell me over lunch that I never would have found out in their offices. Now, as the firm’s compliance officer I remind everyone of this old phrase, “Loose Lips Sink Ships”. In other words, be careful who you share various information with.
10. Be Vigilant – Check Your Accounts
At SGL we work with clients to establish their lifelong financial and retirement plans. That of course includes establishing various accounts with different institutions to custody client’s assets.
We also send statements and reports on these accounts, so our clients are up-to-date and aware of what is happening in these accounts.
While we do not deal with credit card and various bank accounts, we encourage every client to utilize one of the many tools and programs that are available for them to “aggregate” all their accounts in one place. This makes it easy to monitor activities in all accounts.
I personally use a program called Mint, feel free to look it over. If you see any activity that you don’t remember, make sure you give the institution a call to verify that someone else has not hacked your account.
At SGL our goal is to provide world-class service to our clients and give you the tools to accomplish your financial and retirement goals. But we realize that money is only a small part of what we call the Richness of Life. Feel free to contact us with any questions you may have about this article or any other matter that you have questions or concerns about.