Cybercrime is a multi-billion-dollar industry, and it is growing exponentially. Despite new safeguards and public awareness, the criminals always seem to be one step ahead. Their methods are constantly refined to improve their odds of success. Their goals, however, remain the same: gain access to your information, take over your accounts, and move your money.
The ‘Do’s and Don’ts’ for personal and client cyber security is a very big topic. We probably are all familiar with the essentials. However, career cyber security professionals point out important issues and precautions we may have overlooked.
Our goal is to look at six topics with particular advice that may not be familiar to the reader. The list and comments do not pretend to be complete, but hopefully eye-opening.
- Multiple-factor authentication
Multi-factor authentication is important and easy to employ. Most all financial institutions require multiple-factor authentication today. Many popular online retailers like Amazon use it as well. Dual or multiple-factor authentication is becoming the norm. However, it is not always a user requirement. There is one simple rule to follow: wherever possible, whenever available, be sure to subscribe this feature and use it!
- Multiple Passwords & Password Managers
Unique usernames and passwords for ALL accounts – financial and otherwise – are essential. But how do we remember all that information? It is recommended you NEVER store them in a file on your PC or other device. In addition, do not store them in your web browser (i.e., Chrome, Safari, Firefox, MS Edge), as they are susceptible to malware attacks. Many advise use of a secure password manager. This can be a solution but be certain your password manager is secure and has dual authentication. A safe and free solution is storing them on a separate piece of paper. However, be sure your paper record is kept in a secure place; and don’t lose it or forget where it is!
- Emails
Probably, all of us know not to click on links from unknown email senders. However, cyber criminals are getting more sophisticated in their methods and have learned how to spoof addresses – as well as logos – so they appear to be the real thing. The best rule is don’t take any chances. For all emails, open a separate browser and go to the company’s actual web site, or telephone them directly.
- Mobile Devices
You likely protect your PC with security software, but don’t forget about your mobile devices and tablets. They should all have security software installed. AND be sure you have automatic updates turned on, so you are never without the latest, up-to-date protection. In addition, most mobile carriers offer multi-factor authentication, so be sure you have that enabled for your online carrier account. Similarly, be sure to have a passphrase or PIN registered to prevent criminals from swapping their SIM card for yours or porting your number.
- Social Media
Have you ever considered the amount of personal data that can be gleaned from your – and your family’s – online activity with Facebook, Instagram, Twitter, and social media platforms? Then there are LinkedIn and business networking sites, professional biographies on corporate websites, and even ancestry/genealogy sites. The amount of personal information we openly share is astounding, and cyber criminals are experts at extracting what they need to build a picture of who you are and take the next steps to compromise your security – online and off. Make sure you know what’s out there and protect it!
- Third-Party Personal Data Protection
Some believe personal data protection services are a good addition. Others prefer to keep those with access to their information as limited as possible, and this is another entity that would have such access. If you choose this route, do your research before subscribing. There are many services out there, and we cannot recommend any one provider. With any provider, be certain you are set up with multi-factor authentication, and don’t forget to activate your account alerts.
Cyber criminals are always one step ahead of the game. Their schemes to get your information and gain entry into your digital world, and, ultimately, your financial accounts get more sophisticated every day. They are formidable adversaries, and they do not give up. If they can’t get your ‘stuff’, they will just move onto the next victim, hoping to grab the ‘low-lying fruit’ on the cyber tree. Your goal is to make sure that your fruit is as high as possible and, hopefully, unreachable. Reviewing how you address the six topics we covered can help prevent catastrophes. However, the best security advice remains constant: stay informed, remain alert, and be prepared.
