By Shane Cummings, CFP®, AIF®, Wealth Advisor & Director of Technology/Cybersecurity
Key Cybersecurity Threats and How to Stay Protected
Cyber threats are rapidly evolving – and cybersecurity is a critical concern both for individuals and organizations. As cyber threats continue to grow in sophistication and frequency, it’s essential for you to stay informed and proactive in safeguarding your information and assets.
New AI-based tools will make it more challenging to spot emails and messages from bad actors, as they won’t contain the telltale signs of the past, such as spelling errors, poor grammar, or sloppy editing. We may even have to contend with AI cloning voices or images to impersonate people and gain access to their accounts.
While threats are changing constantly, here are some current areas that people and businesses should be particularly focused on to help protect themselves against cyber threats.
Email as a Cyber Threat
Email remains a primary vector for cyber attacks. This includes phishing, malware distribution, and business email compromise. Learning to recognize phishing emails and avoiding common traps is key for today’s investors. Hackers are becoming very adept at designing emails that LOOK like they’re coming from a bank or financial institution you work with, and attempting to have you input your login credentials so they can harvest those and get access to your accounts.
Utilizing the email filtering tools at your disposal, such as those provided by Apple or Google (among others), is important to help remove potential threats from your inbox. But spam filters are imperfect. You should carefully scrutinize and think through before responding to any email that’s requesting something from you, even if “only” an “innocent” click.
Password Security Best Practices
Strong passwords are a fundamental aspect of cybersecurity. It’s important to discipline yourself to create long, unique passwords, using password managers to keep track of them. Best practices include avoiding common passwords, regularly updating your passwords, and enabling two-factor authentication (MFA).
A strong password manager can help you create strong passwords and store them for you, so they can be accessed across different mobile devices and computers. Many password managers also offer dark web scanning, to let you know if a stored credential may potentially have been leaked by a hacked website or database.
Fraud in Money Movement and Fund Disbursement
Fraud related to money movement and fund disbursement is a growing concern. We are seeing more brazen attempts by hackers to break into client accounts and withdraw funds before being detected. Hackers will take advantage of poor account security (such as using a Social Security number as a username, a breached password, or an un-configured MFA) to log into a client’s financial institution, link a bank account, and begin draining funds from the account before being detected.
Protecting Senior and Vulnerable Investors from Cyber Threats
Vulnerable investors are often targeted by fraudsters. Cyber criminals are targeting seniors more and more, for example, because they are often less well-versed and comfortable with technology and may be less likely to detect bad actors. If critical circumstances arise, investors should establish trusted contacts who can help advise them – or work with a trusted third party to prevent hacking attempts. For those of you concerned about vulnerable family members or friends, this is especially critical. One thing to consider would be having a power of attorney created to allow a trusted family member to act on financial matters if the account owner is unable to.
Proactive Cybersecurity Measures
Proactive cybersecurity involves anticipating and mitigating threats before they occur. One key imperative is applying security patches or updates released by your device manufacturers. In addition, Apple, Google and many other software producers frequently release software updates to squash vulnerabilities. As mundane as these may seem, they are vital to your security.
Likewise, you should perform periodic audits of your smart device’s privacy settings. This is becoming increasingly important to prevent unwanted tracking or leaking of personal data from your apps. By default, most devices and social media sites will sell and share your personal information unless you change the settings to disallow this.
Register for HH’s Cybersecurity Webinar on March 27
We strongly urge you to deepen your knowledge of cybersecurity best practices by joining our webinar on March 27. We’re hosting industry experts to discuss these topics in depth. Please consider taking this proactive step in an effort to help safeguard your family’s assets and personal information. The webinar will be an interactive event, with time included for questions.
For more information and to register, please visit this link or contact us directly at HHTeam@hhga.com.
We look forward to seeing you there!
Disclosure:
Halbert Hargrove Global Advisors, LLC (“HH”) is an SEC registered investment adviser located in Long Beach, California. Registration does not imply a certain level of skill or training. Additional information about HH, including our registration status, fees, and services can be found at www.halberthargrove.com. This blog is provided for informational purposes only and should not be construed as personalized investment advice. It should not be construed as a solicitation to offer personal securities transactions or provide personalized investment advice. The information provided does not constitute any legal, tax or accounting advice. We recommend that you seek the advice of a qualified attorney and accountant. All opinions or views reflect the judgment of the author as of the publication date and are subject to change without notice. All information presented herein is considered to be accurate at the time of writing, but no warranty of accuracy is given and no liability in respect of any error or omission is accepted.
