Last month, a widespread ransomware attack, known as WannaCry, rapidly affected numerous organizations across over one hundred countries. As cyber threats continue to evolve, we must work together to ensure these criminals can’t access your personal data or accounts. Here are 5 protective measures you can take to avoid becoming a victim.
1. Keep your equipment up to date
Install the most up-to-date antivirus and anti-spyware software on all your devices that connect to the internet. Next, set each device to run regular scans to update your software. This includes updating your operating system and installing the latest security patch. In fact, the WannaCry virus targets computers using unsupported versions of Windows. If you’re running an older operating system, Microsoft recently issued an update in response to WannaCry.
2. Be strategic with passwords and security questions
An analysis in Security magazine earlier this year found that out of 10 million stolen passwords, the most common password was “123456.” A strong password should be at least eight characters long and use a combination of lower-case letters, upper-case letters, numbers, and symbols. Avoid dictionary words and personal information such as your name and address.
You should have a separate password for each account, and change passwords frequently. Consider using a password manager, a program that generates strong, unique passwords that you control through a single master password. Also, configure your online accounts with two-factor authentication whenever available. It may take a few seconds, but it can save you a good amount of money and time in the long-run.
3. Think before you click
One of the most common ways cybercriminals steal your personal information is by pretending to be a trustworthy source, such as your financial institution, and sending you an email that instructs you to click on a link to take action (e.g., “validate your account” “confirm your identity”). The link may also take you to a website requiring you to enter your personal information. In fact, over 70% of cyberattacks work this way.
To protect yourself, never click on a link in an email before you hover over it to reveal its true destination. Do not download suspicious looking attachments. If an email is questionable, contact the sender directly. Nearly all financial institutions, including our brokers, use secure websites that start with https, not http. Also, don’t click on websites you don’t know or on pop-up ads or banners.
4. Safeguard email accounts
Cautiously evaluate the risk versus convenience of transferring your confidential information by email. In other words, do not send sensitive information over email unless the email is encrypted. We offer our clients a secure portal for submitting documents back to us, please take advantage of it. We also send private and sensitive data to you encrypted. Besides encrypting documents with sensitive information, you may also want to create separate email accounts specifically for your financial transactions. Periodically go back and delete all emails that include your financial information.
5. Protect your money
Review your financial statements as soon as they are available. Notify your financial institution immediately if you see suspicious activity. Early notification not only can stop the thief, but may limit your financial liability. Help us protect your information and assets by following our guidelines for identification verification and procedures for transferring funds. As an added layer of protection, we will always obtain verbal confirmation from you before fulfilling any trade requests, money movements or sending statements.
Protect your Social Security Number (SSN). Your SSN is the key to a whole world of personal information. Do not carry your card in your wallet and never provide your number online unless you are on a secure IRS or Social Security Administration website.
Equipped with this information, you’ll be better prepared to defend against the next cyberattack.