October is National Cybersecurity Awareness Month. We would like to take this opportunity to remind you of the importance of protecting your identity and personal information online. Cyber fraud continues to escalate and is becoming more sophisticated all the time. Some of the more commonly used methods are:
- Malware: Cyber criminals gain access to your computer and gather sensitive personal information such as Social Security numbers, account numbers, passwords and more. They often slip in when an unwary user clicks an unfamiliar link or opens an infected email attachment.
- Phishing: Often masquerading as a bank, credit card company or brokerage, cyber criminals lure victims into opening email links or attachments. Doing so may direct victims to provide sensitive information on a fake website, or may automatically install malware to capture login and account information.
- Credential Stuffing: Attacks occur when cyber criminals obtain the password for one compromised account and then try to use it to log in to other accounts. The more the same password is reused, the more chances there are for that password to be compromised or stolen.
Keeping your information secure from criminals is a top priority for our firm. To better protect you and your accounts from cybersecurity threats, we continuously review security procedures to ensure we are following best practices recommended by the industry experts with whom we work.
While we feel we are taking clear and actionable steps in our own firm’s security measures, we also encourage you to take action to help protect your identity and mitigate potential security risks. The list on the following page outlines some best practices for protecting your passwords, surfing the web safely, managing your devices and safeguarding your email and financial accounts. Please carefully review this list with all members of your household.
Lastly, all clients have access to our secure online portal to aggregate/view accounts and also to store/share sensitive documents through a secure online vault. If you do not have access to this and would like it, please contact us.
Please do not hesitate to contact us with questions or concerns about how we protect your accounts or the steps you and your family can take to better protect yourselves and mitigate risk. If you suspect that your email or Fidelity account has been compromised, please call us immediately.
Suggested Best Practices to Protect Personal Data and Prevent Identity Theft
Manage Your Devices
• Access sensitive data only through a trusted device and secure internet connections; avoid public internet connections.
• Keep operating systems and software up to date. Many updates offer protection from recently identified security risks.
• Install the most up-to-date antivirus and antispyware programs on all devices and maintain software updates.
• Frequently back up your data in case of ransomware attacks. Automatic data back up can often be initiated.
Protect Your Email Accounts
• Delete any email that include financial information beyond the time it’s needed and continuously assess whether you need to store any personal and financial information in an email account.
• Use secure data storage programs to archive critical data and documents.
• Review unsolicited emails carefully. Never click links in unsolicited emails or in pop-up ads, especially those warning that your computer is infected with a virus requesting that you take immediate action.
• Choose a unique password and utilize multi-factor authentication when available.
• Review all emails carefully before clicking on links or attachments.
Protect Your Passwords
• Avoid storing passwords in email folders or un-encrypted files on your computer. Also, consider using a password manager program instead. These programs help generate and manage complicated passwords.
• Never use your Social Security number in any part of your login activity.
• Regularly reset passwords and avoid using a single password across multiple sites.
• Utilize multi-factor authentication, especially for financial and email accounts.
Safeguard Your Financial Accounts
• Consider contacting the three major credit bureaus to add a “security freeze” and prevent new accounts being opened in your name. Contact numbers are: Equifax®: 800-685-1111 Experian®: 888-397-3742 Transunion®: 888-909-8872
• Consider locking down personal credit reports with Experian®, TransUnion®, and Equifax®. Consider proactively enrolling in an identity theft protection service to protect personal data.
• Review all your credit card and financial statements as soon as they arrive or become available online. If any transaction looks suspicious, immediately contact the financial institution where the account is held.
• Never send account information or personally identifiable information over email, chat, or any other unsecured channel.
• ALWAYS USE AN ENCRYPTED ATTACHMENT if you opt to send any personal or sensitive financial information by email.
• Suspiciously review any unsolicited email requesting personal information and never respond to an information request by clicking a link in an email. If you wish to respond to an unsolicited email, type the website’s URL into the browser yourself.
• Avoid developing any online patterns of money movement, such as wires, that cyber criminals could replicate to make money movement patterns appear more legitimate.
Surf the Web Safely
Exercise caution when connecting to the internet via unsecured or unknown wireless networks, such as those in public locations. These networks may lack virus protection, are highly susceptible to attacks, and should never be used to access confidential personal data directly, without the proper protection of a secure VPN connection.