When we hear headlines about hackers getting into U.S. government networks, we are reminded that there are many bad actors putting a lot of effort into stealing information. This has proven to be very lucrative for criminals and is one reason why cybercrime will continue to be a threat to ordinary people. Identity theft, cyber extortion, and ransomware are getting more advanced and harder to protect against every year. As it becomes more common, the likelihood that we fall victim increases. Criminals often use public crises such as the COVID-19 pandemic or even political uncertainty to prey on fears with offers of help or “services.” Knowing that the criminals are getting smarter and trying harder means we need to be just as diligent. The most effective way to protect ourselves against these attacks is to stay up-to-date on safe practices and to be aware of how others are falling victim. This year we have put together what we believe are some of the more important things that you should do when it comes to keeping your information safe.
BE SMART WITH PASSWORDS
- Never email your passwords to anyone. There is no reason anyone would need your password emailed to them. Not only could it be a hacker looking to steal your password, but there have been reports of hackers intercepting emails and using the information they find to access accounts.
- Add to the security of your password by selecting two-factor authentication when possible. Some websites and apps allow you to add a second level of authentication to ensure it is you that is logging in. They may do this by sending you an email or text with a code each time to you attempt to log in.
- Think about adopting a passphrase. A passphrase is a group of words that makes a long password. An example would be “Our 1 dog loves to jump!”. Not only is it something easy for you to remember but it makes it very hard for hackers to crack. Our short example is 24 characters long!
- Consider using a different password for all logins. If that is not feasible, at the very least, try not to use the same login for retail sites as you do for your email and financial accounts. If a website gets hacked, you do not want them to also know how to access your email and financial accounts.
- Make sure your router at home is password protected. An easy way to record all the activity you do online is to access your Wi-Fi network at home and spy on you. You can make it harder for them by placing a password on your router so that only people with authorized access are able to use your home network.
EMAILS TEND TO BE A WEAK SPOT
- Be skeptical of every email. If an email comes from someone you do not know, do not open any link or attachment. Hackers are even using very generic email addresses that trick people into thinking it is someone you know. Be aware that links and attachments can be dangerous so double check the address and be confident you know who it is from before opening anything.
- Try using the Northstar Portal instead of emails when providing documents with sensitive information. One of the many great features of the portal is the ability to post documents. With the portal being password protected, you can feel confident that your sensitive documents will be received securely.
- Try to avoid putting personal information in the body of your emails. Information like birthdates, maiden names, and addresses can be used to guess security questions.
- Never send account numbers in the body of an email. We usually have that information available to us via our secure programs, so a simple description of the account may be all that is necessary for us to proceed. An example would be to say, “our joint account” or “my IRA”.
THE INTERNET IS UNREGULATED
- Much like your home internet, public Wi-Fi without a password can be dangerous to use. When accessing public Wi-Fi try using a network that is password protected. If that is not available, limit your use and do not check your emails or log into financial accounts.
- Make sure you are fully logging out of websites that you log into. The information is behind a password for a reason. Allowing someone to extend your session would be allowing them to have access to that sensitive information.
- Check if the website you are using starts with “https” and not “http”. The “S” informs you that the site is more secure and that it has an SSL certificate.
- When downloading anything from the internet, know where it is coming from. Make sure the site is one you trust and never open .exe file you did not intend to download.
PHONE CALLS ARE STILL BEING USED TO GET INFORMATION
- Be suspicious of any call asking for money or information. These calls often trick people into thinking they are from the government or a trustworthy company. They will ask for credit card information, gift cards, or personal information to help you “fix” an issue they are talking about. The best thing to do is hang up and call a number you know. If it is a real issue you will be able to get in contact with the correct people easily.
- Always have some type of lock on your phone. A pin number is ok but consider using something more secure like your fingerprint, face recognition, or complex pattern design. Also check the duration of idle time before locking the screen. Having it set too long is not safe and allows for easier access by others.
BE CAREFUL WHEN MOVING MONEY
- Review and verbally confirm all disbursement request details thoroughly before providing your approval, especially when sending funds to another country. Never trust wire instructions received via email.
- Please allow several days to process a funds disbursement – especially a wire transfer – and schedule real estate closings accordingly.
- Whenever possible, utilize Schwab MoneyLink to move money from a brokerage account to one of your checking accounts.
- Expect us to call you to confirm email requests to move money, trade, or change account information.
One of our goals at Northstar is to protect your wealth. Giving you the knowledge to prevent becoming a target supports that goal. Hopefully, this information helps in the ever-changing landscape that is cybersecurity.