
Cyberfraud is a serious threat, and constant vigilance is key. While we play an important role in helping protect your assets, you can also take action to protect yourself and help secure your information. This checklist summarizes common cyberfraud tactics, along with tips and best practices. Many suggestions may be things you’re doing now, while others may be new. Below, we also cover actions to take if you suspect that your personal information has been compromised. If you have questions, we’re here to help.
Cyber criminals exploit our increasing reliance on technology. Methods used to compromise a victim’s identity or login credentials – such as malware, phishing, and social engineering – are increasingly sophisticated and difficult to spot. A fraudster’s goal is to obtain information to access your account and assets or sell your information for this purpose. Fortunately, criminals often take the path of least resistance. Following best practices and applying caution when sharing information or executing transactions makes a big difference.
How we can work together to protect your information and assets
Adhere to safe practices when communicating with our firm:
- Keep us informed regarding changes to your personal information.
- Expect us to call you to confirm transfers to third parties.
- Share sensitive documents with each other using encryption via Citrix ShareFile.
Follow general best practices:
- Be suspicious of unexpected or unsolicited phone calls, emails, and texts asking you to send money or disclose personal information. If you receive a suspicious call, do not accept it. Instead, hang up and call back using a known contact number.
- Be cautious when sharing sensitive information and conducting personal or confidential business via email, since it can be compromised and used to facilitate identity theft.
- Do not disclose personal or sensitive information on social media sites, such as your birthdate, contact information, and mother’s maiden name.
- Be cautious when receiving money movement instructions via email. Call the sender at their known number (not a number provided in the email) to validate all instruction details verbally before following instructions or providing your approval.
- Protect yourself from phishing attempts and malicious links.
- Check your email and account statements regularly for suspicious activity.
- Do not verbally disclose or enter confidential information on a laptop or mobile device in public areas where someone could potentially see, hear, or access your information.
- Verify payment requests you receive by phone or email. Requests asking you to make payments using prepaid debit cards, gift cards, or digital currency are frequently associated with fraud or scams.
Keep your technology up to date:
- Keep your web browser and operating system up to date, and be sure you’re using appropriate security settings. Old software, operating systems, and browsers can be susceptible to attack.
- Install anti-virus software on all computers and mobile devices.
- Do not use free or found USB thumb drives—they could be infected with viruses or malware.
- Turn off Bluetooth when it’s not needed to protect against individuals gaining access to your devices using Bluetooth connections.
- Safely and securely dispose of old hardware.
Be cautious with public networks:
- Avoid using public computers. If you must use one, go to the browser settings and clear the browser history (cache) and cookies when you’re finished. Do not conduct financial transactions or visit bank or credit card websites on a public computer.
- Only use wireless networks you trust or that are protected with a secure password.
- Use your cell phone’s Wi-Fi hotspot feature instead of public Wi-Fi. If you are connected to public Wi-Fi, do not accept software updates.
Be strategic with your login credentials and passwords:
- Do not use personal information such as your Social Security number or birthday as part of your login ID.
- Create a unique password for each financial institution you do business. Each password should be a minimum of eight characters long and contain a combination of characters, numbers, and symbols.
- Do not share your passwords.
- Use two-step verification whenever possible.
Be sure you’re on a secure website:
- Check the URL to see if it’s a secure connection. Secure sites begin with https (usually with a lock symbol in front of it) rather than http, and are generally considered safer.
- Download apps only from the Google Play™ Store or the Apple App Store®.
- Do not visit websites you don’t know—for example, websites advertised on pop-up ads and banners.
- Log out completely to terminate access when you’ve completed a secure session, such as with online banking or a credit card payment.
Beware of phishing:
- Do not click on links or attachments in emails and text messages if you question the validity of the sender. Instead, type the real web address in your browser.
- Hover over questionable links to reveal the site’s full URL and see where the link really goes. Do not click on links that don’t match the sender or don’t match what you expect to see.
- Be suspicious of emails that have grayed-out Cc: and To: lines—they may have been sent to a mass distribution list.
- Check the sender’s domain name in the email address (john.doe@westmount.com) to see if it matches what you would expect to see.
- Activate the spam filters in your email settings tab. This will help prevent unsolicited emails from coming to your inbox.
What to do if you suspect a breach
If you have questions about an email from either Westmount or your custodian, contact an advisor or email us at info@westmount.com.
More Quarter Notes
Market Insights: It’s All About the Earnings
Year-End Planning Amid Tax Law Uncertainty: What Should You Do Now?
Westmount is a Top Independent Financial Advisor for 2021
Jim Berliner Named a Leader of Influence for 2021
Adding New Talent to Our Team