Return to Insights

How to guard against financial fraud

01.28.19
  • SHARE

Even if you don’t hear about it on a daily basis, cybercrime is on the rise and affects millions of individuals every year. Individuals with a high net worth are prime targets for financial fraud, especially if they’re not careful to create additional levels of security for their personal financial information.

While affluent individuals have more to lose financially, they are also much more interconnected — with access to many financial accounts from multiple financial organizations. Trust accounts and investment accounts are incredibly attractive to hackers, as the network of support staff required to manage an individual’s wealth makes them more vulnerable to phishing and social engineering attacks. Additionally, individuals with access to this level of wealth are less likely to report a crime due to the potential reputation damage involved, which increases their attractiveness as a target for criminals. For all these reasons and many more, it is critically important that you maintain a proactive security posture when it comes to protecting your financial information.

Damages from Identity Theft

Identity fraud cost Americans $16 billion in 2016 alone, a cost which impacted 15.4 million individuals. This doesn’t include damages to corporations or the soft costs of identity theft such as loss of reputation or ongoing sales. While using online banking is much safer than traditional banking, the ongoing dependence on digital platforms for the storage of sensitive financial data is a contributing factor to the continued growth of this type of cybercrime. Thieves often attempt to gain your user ID and password information for financial accounts or via malware that’s been injected into your computer. The good news is there are ways that you can protect yourself from this type of loss. These tips start with changing your password and go far beyond the basics to provide you with actionable recommendations that will enhance your personal financial security.

Passwords

You may have heard that creating a secure password is one of the easiest ways to reduce the possibility of online theft, and it’s true. However, a truly secure set of passwords can be difficult to maintain as experts recommend that you never use the same password twice; that all passwords should include letters, numbers and symbols; and that you don’t duplicate PIN numbers for quick access to funds.

Here are a few tips for creating secure passwords:

DO:
  • Pick a password that you can remember so you don’t have to write it down.
  • Change your password at least every three months.
  • Use special characters or numbers in place of letters.
  • Use creative abbreviations.
DON’T:
  • Keep your passwords on a piece of paper.
  • Use your email, username or name as part of your password.
  • Use your child’s name, birth date, anniversary, spouse’s name or vehicle.
  • Use sequential numbers (456789) or letters (ghijkl) in your password.
  • Use obvious dictionary words and combinations of dictionary words. Any word on its own is bad. Any combination of a few words, especially if they're obvious, is also bad. For example, "house" is a terrible password. "Red house" is also very bad. A digital password storage tool, such as LastPass or Keeper, is an effective option for managing all your passwords. All you need to do is remember one master password and the tool remembers all the rest of them.

Email

There are recent horror stories of employees receiving an email from their CFO and wiring funds overseas – directly into the hands of the cybercriminal who sent the phishing email. Phishing is the attempt to acquire sensitive information such as usernames, passwords and financial information (and sometimes, indirectly, money) by masquerading as a trustworthy entity – oftentimes in an email. The cybercriminal is using “bait” to try and catch a “fish.” Phishing emails are becoming much more discrete and savvy than they have been in the past. Hackers are able to mask their email addresses, alias URLs and generally hide their attacks behind a veil of legitimacy. Here are some best practices for protecting yourself against phishing emails:

  • Look for obvious misspellings, poor grammar, and urgent or threatening language.
  • On a desktop or laptop, hover over the link before clicking to be sure the link goes where you expect it to go.
  • Never click a link in an email and enter personal information on the landing page.
  • Note that financial institutions will not ask you to submit personal financial information via email.
  • Do not open email attachments from senders you don’t know.
  • If in doubt, don't click.

Browsing the Internet

While the internet is filled with helpful information, it also exposes you to risky websites. Clicking a link in a Google or Bing ad may take you somewhere other than where you were expecting to go. When you log into a website, always check for the “Secure” icon that shows your browsing is being protected. You can easily tell whether a site is secure by looking for “https” instead of “http” in the address bar. Using a personal firewall and strong anti-virus software are also important safeguards when you’re surfing the web. Many computers come with a program now, but if you don’t have one yet, check out some of the more secure personal anti-virus software providers: McAfee Total Protection, Symantec Norton Deluxe, Kapersky Internet Security and Trend Micro Maximum Security. Also keep pop-ups and ads blocked and never respond to pop-ups

Using Public WiFi

Sure, your favorite restaurant offers free WiFi, but does that mean you should be using it to log in to your online banking account? Probably not, as this unsecured access to the internet can easily be monitored by others. Never use public WiFi for banking, shopping transactions or accessing sensitive information. Public hotspots reduce their overall security to make it easier for a broad range of consumers to access the internet using their technology. While this improves the overall customer experience, it does greatly reduce the overall security of the connection to dangerous levels. Be sure you always fully disconnect from public WiFi before logging in to your financial accounts.

Home Wireless Networks

Your home wireless network is a fantastic convenience, allowing you quick and easy access to a secure internet connection at any time and in any room. While many people set up a wireless router and then forget about it, it’s important that this access device has appropriate security settings to protect your family’s personal information. Simple steps such as changing the default name of your WiFi router and setting a strong and unique password go a long way towards preventing others from attacking your network.

Mobile Security

Protecting your mobile device may not be as simple and straightforward as you think. Even your mobile carrier’s data connections may not offer the level of security that you need to access financial information. Follow these tips to protect yourself:

  • Keep your device fully password protected and locked. Use any and all biological options for locking your device, such as facial or fingerprint recognition.
  • Disable the automatic connection to public WiFi.
  • Only download trusted apps from iTunes or Google Play.
  • Do not enable password saving when logging into websites.
  • If your phone doesn’t already have one preinstalled, install an anti-virus program from a trusted source. Oftentimes your mobile phone company has one.

Malware

Malware is a broad term that refers to a variety of different nasties that can infect your digital workspaces, including worms, spyware, viruses, keystroke loggers and more. If you notice lots of pop-ups on your computer or have issues with a slow-running system, malware may be to blame. Other indicators that malware may be present include toolbars or icons that you haven’t seen before, websites that take you to an unexpected location or sudden changes to the homepage of your computer. Here are a few malware removal and protection options that can be trusted, according to PC Mag:

  • McAfee LiveSafe
  • Kapersky Internet Security
  • Webroot SecureAnywhere AntiVirus
  • Bitdefender Antivirus Plus

Social Engineering

Social engineering involves someone trying to psychologically manipulate you into providing personal information so they can steal it or get access to your computer. It can occur in email, texts, websites, downloads or phone calls. A recent common scam is an email that looks to be from a relative or friend who needs help and asks you to send money. Other scams are masquerading as a charity looking for donations. So what can you do to protect yourself?

  • Don’t be fooled by messages with a sense of urgency. If a family member truly needed your help in an emergency, they wouldn’t email you. If you’re not sure whether something is real or fake, reach out to the company that the message is “from” and ask if they sent you the message.
  • Delete any messages asking for financial information or passwords. Legitimate companies will not ask for this information.
  • Limit personal information shared because the wrong person could be watching your behavior and whereabouts.

Going Paperless

Using online banking to access your financial information is more secure than relying on paper sent through the mail. Unless you’re incredibly careful, every day you’re tossing out a wealth of personal financial information in the form of bills or statements with your personal history or account numbers and more. Choose online statements, and invest in a personal cross-cut shredder for direct mail you receive at home.

Client Impersonation

Apart from phishing attacks and social engineering, criminals can earn a great deal about a potential affluent target online through a series of simple web searches. These personal details may be used to send asset transfer requests, friend requests or to spoof others into believing that the sender is you. Stay ever vigilant of the particulars of your life that are published online.

Ransomware

Ransomware attacks have grown dramatically in recent years, with cyber criminals using malware to gain access to your computer and lock you out. An attacker takes over your computer and then contacts you, often through email, saying you must pay a sum of money to unlock your computer. Paying the money doesn’t guarantee you’ll get your access and/or data back. In some cases, it may even open you up to future attacks. Stay safe by following these tips:

  • Have a regularly scheduled backup of your personal and professional data to an external drive (that doesn’t show up as a drive on your computer) or backup service. Many computers come with a backup program installed so check your computer.
  • Do not download unknown files with an “.exe” extension. That extension indicates a program is going to run if you download the file.
  • In your computer settings, select “automatic updates” for your programs as many of them are delivering security patches and you don’t want to miss out on them. Protecting your personal financial information online is a challenge, and one that isn’t going to go away in the near future. By using these tips, you can reduce the possibility of an attack, but no one is ever completely safe from zealous cyber criminals. Every step that you take towards a more secure digital posture provides you with an added layer of safety for your important financial assets. More layers make it more difficult for the criminals to get to their target … YOU!