Cyber Savvy: A Continuing Education
Cyberattacks are one of the fastest-growing crimes in the U.S. Throughout the past few years, companies have experienced significant data breaches as fraudsters seek to gain the world’s most valuable currency: data. The network monitoring firm SolarWinds recently underwent a high-profile breach. The attack affected as many as nine government agencies and 100 private companies, scoring access to millions of customer records, credit card and Social Security numbers.1
When it comes to cybersecurity, we must never stop learning — because hackers don’t. They continue to evolve in both technological sophistication and solicitation techniques that prey on common human weakness. The same can be said for grifters trying to swindle your money. When choosing a financial professional or insurance agent, be sure to vet both their credentials and reputation. We treasure client relationships that can last for decades, as trust builds throughout time and we work to strengthen that bond. If you would like recommendations for advice outside our scope, we may be able to provide you with referrals from our professional network.
While cybersecurity is a nationwide issue, it’s up to each of us to be personally vigilant in our interactions both online and offline. Remember that fraudsters often find their way into our lives by impersonating service technicians, salespeople and even law enforcement officers. Always exercise precaution and consider whether you requested their service, ask to see credentials and discern if their questions are appropriate and relevant to their purpose.2
The following are some of the more common or recent examples of cybersecurity risks.
Ransomware — the No. 1 type of cyberattack and a growing concern.3 This type of malware encrypts a victim’s files, so he is unable to access them, then demands ransom money to restore access to his hard drive.
Social Engineering — a term describing manipulation or deception that leads people to divulge confidential information.
Phishing — a common form of social engineering that uses fraudulent messages to trick customers into clicking a link or opening attachments that infect their computers with malware or exposes personal information such as their username and password. Phishing attempts can be in the form of e-mails, text messages and pop-up messages.
Vishing — the voice version of phishing. A fraudster makes telephone calls or leaves voice mail messages saying they are from an organization such as the IRS, your credit card company or financial institution.
Pretexting — the caller asks the victim questions for “verification” purpose to gain access to Social Security numbers, account numbers or other personal information.
Scareware — tricks electronic device users into buying fake antivirus protection or other potentially dangerous software by claiming they are at immediate risk of being hacked.
A 2021 Verizon Data Breach Investigations Report found that 61% of U.S. security breaches involved stolen credentials. One way to protect yourself from hackers to is choose multi-factor authentication when offered. In this process, once you’ve logged into a secure website with your credentials, the vendor sends an additional access code to your phone or email to verify you are the person who logged in.4
_________________________________________________________________________________
Advisory services offered through B.O.S.S. Retirement Advisors, an SEC Registered Investment Advisory firm. Insurance products and services offered through B.O.S.S. Retirement Solutions. The information contained in this material is given for informational purposes only, and no statement contained herein shall constitute tax, legal or investment advice. The information is not intended to be used as the sole basis for financial decisions, nor should it be construed as advice designed to meet the particular needs of an individual’s situation. You should seek advice on legal and tax questions from an independent attorney or tax advisor. Our firm is not affiliated with the U.S. government or any governmental agency. Please note that we are unable to accept any trade requests via email, voice message or text.
1 Nicolas Dupont. Forbes. June 3, 2021. “Why America Needs A Comprehensive Data Protection Strategy.” https://www.forbes.com/sites/forbestechcouncil/2021/06/03/why-america-needs-a-comprehensive-data-protection-strategy/?sh=604b6a7e6d4f. Accessed July 23, 2021.
2 T. Rowe Price. Summer 2021. “Protect Yourself from Cyberfraud.” https://www.troweprice.com/content/dam/iinvestor/planning-and-research/Insights/investor-magazine.pdf. Accessed June 23, 2021.
3 Raymond James. 2021. “How Cyber Savvy Are You?” https://www.raymondjames.com/commentary-and-insights/retirement-longevity/2021/05/12/how-cyber-savvy-are-you. Accessed July 23, 2021.
4 Darragh Murphy. Laptop Magazine. May 30, 2021. “PSA: Stop using your phone number for two-factor authentication — here’s why.” https://www.laptopmag.com/features/stop-using-your-phone-number-for-two-factor-authentication. Accessed July 23, 2021.
Ready to Take The Next Step?
For more information about any of the products and services listed here, schedule a meeting today or register to attend a seminar.