By Steve Pisano, AIF®
Whether it’s a data breach at Equifax or Yahoo or your elderly neighbor falling prey to a phishing scam, it’s hard to feel safe in the virtual world that we have created for ourselves. From centuries of experience we learned to lock our doors at night and stay aware when walking through the woods alone, but cybersecurity is new to many of us. Our parents and grandparents ingrained in us that we are not to talk to strangers as children, but there is no age-old wisdom being passed down regarding the internet.
This is new, uncharted territory, so even though the risks are starting to become well known, many people are still unsure of what to do about it. How do you protect yourself, your personal information, and your family online? Today I’d like to give you some tips and tricks that will help you be and feel safer in our cyber world.
Passwords: Your First Line Of Defense
Your first line of defense online is passwords. Your passwords are the gates between criminals and things like your financial accounts, so you want them to be as strong as possible. For passwords, strength comes from complexity. Aim to use a mix of upper- and lowercase letters, special characters, and numbers. To make them easier to remember, choose a phrase or acronym that you created yourself.
In addition to strong passwords, you want to make sure you have separate passwords. Don’t use the same one, or a simple variation of the same one, for multiple accounts. Also, avoid using your name, government ID numbers, address, or other personal information that can be easily found, such as the names of your children or pets.
Even if you have a strong password, it is good practice to change it 3-4 times a year. Don’t store your passwords somewhere they can easily be found (like a sticky note on your computer!), and, by all means, don’t disclose them to anyone! When offered, add a second barrier to entry in addition to your password with two-factor authentication.
Public Wi-Fi: Convenient But Dangerous
A public Wi-Fi network is inherently less secure than your personal, private one because you don't know who set it up or who else is connecting to it. Because of this, you should avoid using public Wi-Fi for banking and shopping transactions or to send private information. If you are away from home and need to access secure information, it is better to use your smartphone as a hotspot instead.
Home Router: Keep It Private
Your home internet connection is more secure than public Wi-Fi because it is private, so you need to keep it that way. You should password protect your home router so that only approved people can access it. Make sure to practice good password habits like those mentioned above when doing so.
You should change the router’s default settings, including the password and name or SSID. As an extra precaution, you should also stop your router from publically broadcasting its name or SSID.
Software: Keep It Current
No software is perfect when it is originally created, which is why you constantly receive software update notifications. While you may be tempted to select the “update later” button, software updates are very important. Software is updated as security weaknesses are discovered. Failure to update your software leaves you vulnerable to those weaknesses.
Cybercriminals frequently use known exploits, or flaws, in your software to gain access to your system. Regularly updating your software can prevent this from happening. This is especially important with your operating systems and internet security software. Installing security and anti-virus updates can make it less likely that you’ll become a cybercrime target.
You: Be Wise
They say that a chain is only as strong as its weakest link. The best password and the most secure technology are useless if you give your information away unwittingly. Now, no one would do this on purpose, but many people fall victim to phishing and social engineering every day.
Criminals will search the news and social media for information about you that they can use to trick you, your family, and your friends. Phishing attempts can take many forms, but be wary of attachments you didn’t ask for or don’t expect, directives to change your password, or payment instructions. If you unexpectedly receive an email with a link or attachment, even from someone you know, contact the sender to verify its authenticity before opening the attachment or clicking on the link. Never give out passwords over the phone and always confirm the identity of unknown callers. A simple guideline to follow, if you are not expecting an email and there is a call to action (e.g. click this link or download this attachment) more likely than not you are being phished.
Pay attention to URLs. Malicious websites are designed to look like real ones, but the URL may use a spelling variation or different domain (e.g., .net when it should say .com). Also, learn to recognize the warning signs of fraudulent email. Watch for poor grammar, misspelled words, overuse of capital letters, urgent or threatening language, and sender names or addresses that are vague and incorrect.
Finally, when in doubt, ask. The world of cybersecurity is new to all of us, so you don’t have to feel embarrassed if you are unsure of something. As they say, it’s better to be safe than sorry. If you receive an email or phone call regarding one of your bank or investment accounts or your taxes, feel free to double-check with us before you respond. It is Massey Quick Simon’s mission to protect and grow your family’s financial future and that doesn’t stop at our office door. If you have questions about the security of your online accounts or how we can help you with your family’s finances, call us at 973-525-1000 or email Info@mqsadvisors.com.
Steve Pisano is a director and principal at Massey Quick Simon with more than 13 years of industry experience. Mr. Pisano has been a career long Compliance professional is passionate about protecting the cyber information of the firm and our clients. Steve regularly attends industry seminars to stay up to date with industry best practices. He also works with the firm’s outside experts in information technology and cybersecurity to ensure our collective data stays safe. Learn more about Steve by connecting with him on LinkedIn.