Just for Women – Follow Up – Cybersecurity

The recent outbreak of the “WannaCry” ransomware confirms the responsibility each of us has to protect our personal information. In today’s world we use technology for photos, communication, transactions, and learning. Unfortunately, criminals are getting more sophisticated in their efforts to defraud us.

Stephen Olsen, FBI Special Agent, warned us to be vigilant in the use of electronic devices and gave us many tips to follow:

• Back up your data regularly on another drive. Then unplug the drive. If your backup drive is plugged in then it will be compromised along with your computer.

• Opening an email should be safe. However, links and attachments may not be. Its links may lead you to a nefarious site. Instead of clicking the link, go directly to the correct company website in your internet browser.

• If you were not expecting an email from a friend or associate, contact the sender to verify before opening any links or attachments. This may seem like overkill, but criminals are very adept at enticing unsuspecting victims to open links and attachments. One click could give them access to all your personal information. When in doubt, delete the email.

• Be diligent in creating and changing your passwords. They should be a minimum of eight characters. Use combinations of upper and lower case letters, numbers, and symbols. Use different passwords for your accounts. If you store the passwords on your computer, consider using a password management program instead.

• If you become the victim of a ransomware attack, do not pay the ransom. Criminals often don’t release your computer files after they receive your money and there is little recourse to get your money back.

Protect your personal information by keeping your computer software, including security software, current. Apply updates, upgrades, and patches when they are made available by the software vendor. Please call us with any questions.

Passwords, Hacked!

Nearly every website you visit wants you to create a login and password. Unfortunately, passwords are the only type of security that most sites are using to verify your identity. So if you want to protect your personal information then you need to make a habit of creating extremely strong passwords.

Some sites want the password to include letters and numbers. Others add the option of special characters. A good password is longer than 12 characters, and includes a combination of letters, numbers, and special characters. It should also be updated or changed every 3 months.

An example of a secure password could be: Xvot$Put=qi3. If that sounds complicated, then we’re on the right track. The more complicated, the harder it will be to crack.

password_security

That sounds great, but how do you keep track of all these logins and passwords AND still keep them secure? There are several ways to do this and it all depends on your personal preference. Some of these suggestions are more secure than others. You can:

Memorize them all.

Write them all down in a notepad that you keep somewhere secure.

Use a phrase you can remember, but would be hard for others to guess.

Have your Internet browser remember them all.

Use a third party installed software on your computer that remembers them all for you.

Install an App on your smartphone that generates/remembers passwords for you.

Do NOT use the same password with multiple logins. If one of your logins is compromised, the hacker could try it on any of your other logins with success. Take the time to make good passwords and change them every three months to try to avoid getting hacked. If you have any questions or concerns, please feel free to contact us.

Fraud Alert: Email Scam

Hopefully everyone knows not to reply to an email sent by a “Nigerian prince.” However, criminals are becoming more sophisticated in their tactics. We recently learned of a new email scam during a national conference we attended. The reality of this scam was driven home when one of our own clients was hacked.

One day as I was sitting at my desk, I received an email from a client with whom I had spoken recently. The email said, “Are you in office?” As I was on the phone at the time, I replied I would call as soon as I was done with a call.

The response came, “We are currently out of town, we are here in Mexico and our cell phone is not working here , kindly email available accounts balances as of today.” (Hopefully, you noticed some of the grammar and punctuation mistakes as I did.)

What we had learned in our conference is that the new scam starts by hacking into an email by figuring out the password. Then the crook patiently finds out as much personal information as he can, including names, dates of birth, financial information, etc. Next, the crook will pose as the individual and try to make connections with the individual’s contacts (in this case, me). With so much information about the individual sometimes access is gained to a bank, credit card, or other financial account.

Dollar Sinking In The Sea

Our policy is to never send personal information via email, which inherently is unsecure. For that same reason we won’t accept trade requests via email.

When the email seemed to be fishy, I left a message for the client and waited until she contacted me. The client was indeed on vacation . . . , but not in Mexico. It is likely that the criminal knew she would be on vacation and waited for that moment to make a move.

Thankfully, none of the client’s financial accounts were compromised. However, the episode cost the clients an enormous amount of time and worry.

What lessons can be learned from this?

1. Use strong passwords and change them frequently.

2. Protect your computer. Make sure you have antivirus protection and that you have updated it recently.

3. Encrypt your wireless router by using a WPA key, or password, that will impede hackers using network sniffers.

4. Don’t give your passwords to others. (No one should ever ask.) If you aren’t sure you can trust the emailer/caller, don’t give them any personal information. Find the contact information through an independent source and contact the company that way.

5. Don’t be fooled by emails. Many scammers will send you an email that looks legitimate, but when you click on the link it will download a virus to your computer. Don’t click on any links if you haven’t subscribed to a service from that provider.

6. Limit online purchases and remember that even brick and mortar retailers can have their customer information breached.

If you do make purchases online use credit cards, which typically have fraud protection. If you are compromised the credit card company will usually write-off all of those charges. Debit cards allow thieves to take your money.

In this digital age, cybersecurity is increasingly important. Take a step towards protecting your personal and financial information by first protecting your email.