‘Toto, I've a feeling we're not in Kansas anymore.’
The Wizard Of OZ Tweet
We are in a new digital age. While there are huge positives to a world of connectivity and information, there are also potential risks if we’re not careful. Each year, millions of people fall victim to cybercrime. The good news is that there are simple steps to enhance financial security.
Over the past 3 months I know of two people that have fallen for some cyber scams.
While the following list is not fully comprehensive, we believe it can help reduce your chances of becoming a target. Even if you are not technically inclined, awareness of potential threats is a great place to start.
1. Email Safety
Cybercriminals often use emails that look like they come from trusted sources. These scams attempt to trick you into clicking harmful links or sharing personal details.
Best Practices:
- Avoid clicking on links in emails whenever possible.
- If you receive a clickable link from a company that you do business with, contact the company directly through official channels to verify its legitimacy.
- Create a secret email account just for your financial accounts to be kept private from other institutions and individuals.
2. QR Codes
Similar to dangerous links, are dangerous QR codes. These are convenient codes where you can use your phone’s camera to scan to pull up an app or a website. These can be sent via email or text or could even be stickers that a scammer placed on top of a legitimate code that directs you to a fake website designed to steal your personal information.
Best Practices:
- Avoid scanning unsolicited QR codes whenever possible. There is usually more than one way to get to the source you are trying to get to.
3. Strong Passwords & Password Managers
Weak passwords are one of the easiest ways for cybercriminals to break into accounts. Millions of people still use simple, easy-to-guess passwords like “123456” or “password.”
The other side of that coin is – Creating strong passwords and managing them securely makes it much more difficult for hackers to exploit. One of the best ways to accomplish this is to use a mix of letters, numbers, and symbols for passwords.
Best Practices:
- Mnemonic strategies allow us to create passwords that are unique, easy to remember, and difficult to crack. An example of how to do this is to pick a short phrase, then replace some of the letters with numbers that look similar. Instead of a simple password like CoffeeTable1, you can replace that with: C0f33T@8l3 (Zero replaces ‘O’, 3 replaces ‘E’, @ replaces ‘A’, and 8 replaces ‘B’.
- If manually creating passwords is not to your liking, password managers can store and generate strong, unique passwords for each account. ‘Google chrome’ offers a password manager that does the work for you.
4. Two-Factor Authentication
Two-factor authentication adds an extra layer of security by requiring a second step—such as a text message code or fingerprint—when logging in to your accounts.
Best Practice:
- Enable two-factor authentication on sensitive accounts such as email, banking, and investment accounts to create an extra layer of security.
5. Protecting against Phone Scams
Smartphones contain sensitive information, making them prime targets for nefarious actors. Beyond the physical threat of a stolen or hacked device though, is a new scam where someone may call with an emergency. They fake a scenario to illicit an emotional response, which sometimes can put you in a panic, or disarm logical thinking.
This can manifest in a few different ways. They call pretending to be:
- The police calling about an investigation, asking you to reveal information.
- The IRS calling about a past due tax that you owe.
- A family member in distress (They may say, ‘it’s your granddaughter’ without specifying the name).
- I had a voicemail. It was Google supposedly saying something was wrong with our listing and to call them back.
Best Practices:
- Set up a lock screen (PIN, password, fingerprint, or face recognition).
- Don’t type in your PIN into your phone while a stranger is standing close to you.
- Enable the ‘Locate My Device’ feature to track or wipe it remotely if lost or stolen.
- If someone calls claiming to be the police, request their full name and badge number. If they don’t give it to you, hang up. If they do give it to you, write it down, and tell them you will call them back. Go to your computer and search the name and badge number. If no officer pulls up online by the name provided on the phone, it was likely a scam. If an officer does pull up online, call their precinct, ask if there is a specific case the officer is working on related to the phone call. If there is no case, then report the details to that precinct.
- If someone calls claiming to be the IRS, this is probably not legitimate (They hardly ever call). If it is legitimate, it usually would be preceded by several pieces of physical mail. Still proceed with caution even if you received mail from them ahead of time.
- If someone calls claiming to be a family member in trouble, don’t share anything about your family member, your family, your location, or financial information during this call. Ask them to state their full name. And ask them to provide a piece of info that only your family member they are claiming to be would know. If you are still suspicious that it might not be them, end the call, and try calling the same number back. If a different person answers, ask them if they know anything about the call. (It is likely that the # that showed up on your phone was not the real # that the scammer was calling from).
6. Social Media: Limit What You Share
Sharing too much on social media can expose you to identity theft. Scammers can use details like your birthday, location, and posts you write to impersonate you or guess security questions.
Best Practices:
- Keep personal details private.
- Regularly review privacy settings to track what information others can see.
7. Monitor Financial Transactions
Your bank, credit card, and investment firm should have standard tools and protocols in place to monitor your transaction history and to safeguard against fraud.
Best Practices:
- Regularly check statements for unauthorized activity.
- Set up account alerts for suspicious activity.
- If you notice anything unusual, communicate with the institution through the usual communication channels
- I would highly consider placing a security freeze on your credit. You contact the three main agencies and place a freeze. When you want to unfreeze, you can choose how long the freeze will be removed.
8. ATM Safety: Stay Alert
ATMs have a few potential risks. A relatively new threat is ‘skimmers’ which are devices thieves use to steal card information. They attach them to ATM card readers and can be difficult to spot.
Best Practices:
- Use ATMs located inside banks, ideally during the day, or well-lit areas if at night.
- Bring a family member or friend when dealing with larger amounts.
- If your bank requires your card to open the door, then close the door behind you and don’t hold the door for the next person.
- Avoid ATMs at gas stations, malls, or grocery stores if possible.
- Scan the area for suspicious people before approaching the ATM.
- Check for anything that looks unusual near or on the card reader before inserting your card.
- If making a cash deposit, prepare the cash in an envelope at home. (You don’t want anyone nearby to see how much cash you have on your person).
Form to download checklist for Am I At Risk Of Having My Identity Stolen Or Being A Victim Of Fraud?
Final Thoughts: Taking Control of Your Financial Security
The digital landscape is ever evolving, and new fraudulent manipulation techniques are regularly being attempted.
If you’ve been a victim of fraud or identity theft in the past, we hope that it was relatively minor with an easy resolution. We know that an attack like this can bring a whirlwind of negative thoughts and emotions. We ask that you don’t be too hard on yourself during this difficult time.
We encourage you to take it as a lesson and move forward with the commitment to a higher level of awareness and vigilance to prevent potential future threats from escalating. If you are ever uncertain about a financial decision whether past, present, or future, reach out to your Financial Advisor to seek guidance. They may have experience on the issue you are facing and may have some guidance that can protect you.
- For those of you who are looking for the next levels of security, please see the attached document.
- And there are several sites that attempt to stay up-to-date with modern scams. One of them is : https://www.fdic.gov/consumer-resource-center/2021-10/avoiding-scams-and-scammers
On The Lighter Side
Elliott is having his first test in each of his five classes this week. Hope he does well. He gets stressed around this time, which is understandable.
I attended the Future Proof conference in Huntington Beach, CA. There were many financial advisors, firm owners, and vendors that provide technology to help us help…well…YOU.
I am always trying to see what is out there that can be useful, learning best practices, and getting continuing education.
See some photos below: