Cybersecurity is something all financial advisors need to master in order to maintain a successful, compliant, and secure business. Some financial advisors just buy antivirus and firewall software and then forget about it.
So, would you be surprised if I told you that the most powerful protections require no technical skills and don’t cost a penny?
This week, Wikileaks released a mountain of documents allegedly stolen from the CIA exposing not just the CIA’s cyberespionage power, but also key vulnerabilities in internet-connected devices from smartphones to cars to TVs. Now, many are asking questions about ethical and public policy impacts, but the question our tech team keeps hearing is “How can I protect myself from cyberthreats?”
To many, the word cybersecurity conjures images of genius coders spending barrels of money, speaking fancy jargon, and using mystical systems to ward off “hacks” from other genius coders. Some people just buy antivirus and firewall software and then forget about it. So, would you be surprised if I told you that the most powerful protections require no technical skills and don’t cost a penny?
It’s true! Yes, having up-to-date antivirus and firewall software is important (and necessary!), but all these programs do is build a moat around you. Real moats do no good if you leave the draw-bridge to the castle open for anyone to walk in. Likewise, even the most high-end security software is powerless if you let hackers walk right into your systems. So, here’s three things you can do today to protect yourself:
1. Pick Up the Phone!
Emails can be intercepted. So, an easy first step is to stop writing sensitive info like social security numbers or full account numbers in online messages. If you need to communicate this information, just pick up the phone!
2. Use Good Passwords
If you use weak passwords like Fido1234 or Knicks1, then anyone who learns a few things about you from small talk or social media can guess your logins. Speaking of social media, did you know hackers will pay a premium for your stolen social media passwords? That’s because many people use the same password for everything, so once I know your LinkedIn password, I can login to your American Express, PayPal and Venmo accounts. Use different passwords for different logins, and don’t share them with anyone. (On that note, no legitimate tech support agent will ever ask for your password.)
3. Don't Believe Everything You Read
Remember when Russia hacked the DNC? That all started when a staffer fell victim to a fraudulent email pretending to be from Google. When he clicked the link in the email, he was taken to a fake website pretending to be Google, and by typing his Google password into that website, the Russian hackers were able to use it to leak troves of private conversations to the media. Everything from risotto recipes to confidential strategies were leaked simply because one person fell for one trick. That’s all it takes! So, if you get an email from Google or your bank, don’t click the link; go instead to their website and login as usual to see if there’s anything that needs your attention. These scams happens all the time in our industry, as do another email scam called “social engineering,” where criminals use real information about real clients to impersonate those clients to ask for wire transfers or for more personal information. So, when it comes to email, don’t believe everything you read.