Aug 12, 2022 Cybersecurity 101 – 2022 Update
Cybercrime has been on the rise. According to the Identity Theft Resource Center 2021 Annual Report, “The overall number of data compromises (1,862) is up 68 percent over 2020; the new record number of data compromises is 23 percent over the previous all-time high (1,506)”. The risk of identity theft or your personal data being compromised continues to be a real threat, and it’s important for you to be prepared.
We are extremely committed to protecting your personal and financial data. We have robust software security systems in place and test them regularly. In addition, we have specific policies and procedures to protect your personal information from getting into the wrong hands.
However, you also play a very important role in keeping your financial information safe. Many criminals are moving away from corporations to the end consumer because that is often where the biggest vulnerabilities can be found. Here are some simple things you can do to protect your information.
Keep Your Computer and Phone Secure
- Install antivirus, antispyware software and a firewall on your computer(s). Make sure that they are enabled and that they update automatically.
- Keep the operating system and apps on all your devices up to date.
- Enable pop-up blockers on your browser. You can get them on your phone as well.
- Use a password manager to generate and store strong passwords. It is strongly encouraged to not write your passwords down. Programs like LastPass, Dashlane and 1Password help create unique, complex, and randomly generated passwords and store these passwords in a single encrypted location accessible with a master password.
- Use strong passwords (12 characters minimum, 16 or more for financial accounts). Some complexity (a mix of upper/lowercase, some digits, some special characters) is good, but longer is stronger.
- Do not reuse passwords across accounts. A data breach of one service will expose the password you are using across other services.
- Make sure your phone has a password. It limits access to your device and encrypts your data.
- Use two-factor authentication wherever possible.
- When disposing of a mobile device, follow instructions from your service provider on how to transfer then delete information, then shred your old SIM card using scissors, damaging the bronze foil area of the chip, where the data is stored, as much as possible.
- Use a wipe utility program to overwrite hard drives before disposing of computers.
Most attacks start with phishing emails
Targeted phishing attacks are the result of extensive research and reconnaissance. The emails will look very plausible and convincing because the potential prize is very large. Malicious links and attachments can collect your login credentials or install malware or ransomware.
- Avoid phishing emails, texts or calls that appear to be from companies you know and trust, go directly to their websites instead.
- Don’t open attachments in emails unless you know who sent it and what it is, even if the email looks like it’s coming from someone you know. If you’re not expecting the communication, consider reaching out directly to the sender.
- Do not accept wire instructions via email. Call the financial institution directly for instructions. (We will never send withdrawal or wire instructions via e-mail and we will confirm all withdrawals and deposits via phone or in person).
- Download and install software only from websites you know and trust
- Hover on links to see where they’re pointing to before you click.
- Educate family members about the risks of phishing attacks.
Protect access to your email accounts
Your email address is used everywhere as part of your login to various accounts. It is very valuable to attackers. With access to your email account, attackers can spy on you, take control of other accounts or phish your contacts.
- Use a strong, unique password on each of your email accounts.
- Use two-factor authentication.
- Use separate email accounts for different purposes.
Protect your privacy and personal data
Personal data can be used to impersonate you convincingly to financial institutions, service providers or mobile network providers to gain access to your accounts. Personal data can also be used to impersonate you fraudulently to would-be business partners, as your identity is used to exploit your reputation.
- Email is not secure so avoid sending sensitive information over email (i.e. financial statements, tax documents, etc).
- Monitor your credit by taking advantage or your free annual credit report from each of the national credit bureaus: Equifax, Experian and TransUnion. Visit annualcreditreport.com to order your free report. https://www.annualcreditreport.com/index.action
- Keep old tax returns and tax records under lock and key or encrypted if electronic.
- Shred receipts, credit offers, credit applications, insurance forms, physician statements, checks, financial statements, expired credit cards and similar documents.
- Do not overshare personal information on social media. Information about past addresses, a new car, a new home and your children help identity thieves pose as you.
- Don’t routinely carry your or any dependents’ Social Security card or documents with SSN.
- Also, never give your SSN or other personal information to strangers that contact you by phone, email or postal mail.
- Request a credit freeze (from U.S. credit agencies) to prevent access to your personal and credit-related data. Put a credit freeze on family members. Securely store the PIN you’ll need to unlock the credit freeze.
- Don’t use public Wi-Fi (hotels, restaurants/cafes, clubs, etc.). Instead, use the cellular data network or use a virtual private network (VPN) app to connect to a Wi-Fi network. It’s very easy to eavesdrop on Wi-Fi data traffic and collect account login credentials, webpage URLs, searches and other personal information.
- Delete apps you don’t use. They are only collecting your data.
- Pay attention to apps and their permissions. They are “free” for a reason… you’re paying with your privacy.
- Turn off your services and connections on your phone when you are not using them.
- Give personal information only over encrypted websites – look for “https” addresses. (Email is not encrypted).
- Back up important data regularly to recover from ransomware attacks.
- Keep the operating system and apps on all your devices up to date.
- Check your credit report annually; check your bank and credit card statements often.
- Review your Social Security Administration records annually: Sign up for My Social Security at www.ssa.gov.
Leonard Rickey Investment Advisors, PLLC (“LRIA”), is an SEC registered investment adviser located in the State of Washington. Registration does not imply a certain level of skill or training. For information pertaining to the registration status of LRIA, please contact LRIA or refer to the Investment Adviser Public Disclosure website (www.adviserinfo.sec.gov).
This is provided for general information only and contains information that is not suitable for everyone. As such, nothing herein should be construed as the provision of specific investment advice or recommendations for any individual. To determine which investments may be appropriate for you, consult your financial advisor prior to investing. There is no guarantee that the views and opinions expressed herein will come to pass. This newsletter contains information derived from third party sources. Although we believe these third-party sources to be reliable, we make no representations as to the accuracy or completeness of any information prepared by any unaffiliated third party incorporated herein and take no responsibility therefore.
Any projections, forecasts and estimates, including without limitation any statement using “expect” or “believe” or any variation of either term or a similar term, contained here are forward-looking statements and are based upon certain current assumptions, beliefs and expectations that LRIA considers reasonable or that the applicable third parties have identified as such. Forward-looking statements are necessarily speculative in nature, and it can be expected that some or all of the assumptions or beliefs underlying the forward-looking statements will not materialize or will vary significantly from actual results or outcomes. Some important factors that could cause actual results or outcomes to differ materially from those in any forward-looking statements include, among others, changes in interest rates and general economic conditions in the U.S. and globally, changes in the liquidity available in the market, change and volatility in the value of the U.S. dollar, market volatility and distressed credit markets, and other market, financial or legal uncertainties. Consequently, the inclusion of forward-looking statements herein should not be regarded as a representation by LRIA or any other person or entity of the outcomes or results that will be achieved by following any recommendations contained herein. While the forward-looking statements here reflect estimates, expectations and beliefs, they are not guarantees of future performance or outcomes. LRIA has no obligation to update or otherwise revise any forward-looking statements, including any revisions to reflect changes in economic conditions or other circumstances arising after the date hereof or to reflect the occurrence of events (whether anticipated or unanticipated), even if the underlying assumptions do not come to fruition. Opinions expressed herein are subject to change without notice and do not necessarily take into account the particular investment objectives, financial situations, or particular needs of all investors.
For additional information about LRIA, including fees and services, please contact us for our Form ADV disclosure brochure using our contact information herein. Please read the disclosure brochure carefully before you invest or send money.