As we consider important New Year’s resolutions for 2018, one idea rises to the top among personal priorities: resolving to better protect ourselves against cybercrime.
The significance of this resolution becomes clear when considering the prevalence of cyberattacks in recent years. In the first half of 2017 alone, 918 data breaches were recorded that compromised 1.9 billion data records, according to digital security provider Gemalto.1 While the magnitude of those numbers may seem unsettling, it’s even more sobering when we recognize that breaches are only expected to increase as we move more aspects of our lives online.
The term “cyberattack” refers to deliberate exploitation of computer systems or other technology-dependent systems, as defined by the website Techopedia.2 The consequences can be as singular as theft of one person’s identity or as widespread as a data breach of a government agency, large company or national organization. Most of us have experienced at least an attempted cybercrime — from the receipt of a simple “phishing” email to having our personal information exposed via a large-scale computer hack.
Although we cannot control the computer security practices of the many companies with which most of us interact (banks, grocery stores, department stores, gas stations, etc.), we CAN control our own personal “cyber hygiene.” Unfortunately, many technology users fail to follow best practices and new innovations for protecting ourselves, said Vince Skinner, Information Security Manager for D.A. Davidson Companies. Skinner emphasizes that simply using the latest anti-virus application for your computer is not enough: “The only way to protect ourselves is to be hyper-vigilant whenever we are using technology.”
How can you protect yourself? These practices can help:
Manage your devices.
- Install the most up-to-date anti-virus and anti-spyware programs on all devices and use them to scan regularly. Update these programs when updates become available.
- Access sensitive data only through a secure location or device. Never access personal data via a public computer such as in a hotel or cybercafe.
- Set up a separate computer for children to use for online activities. Monitor their online actions.
- Use a personalized identifier for financial accounts to access online. Never use your Social Security number in any part of your login activity.
- Avoid using common passwords. Use long phrases and complicated combinations of letters, numbers and symbols.
- Avoid storing passwords in email folders or leaving them on desktops. Consider using a password manager program and two-step authentication.
Surf the web safely.
- Don’t connect to the Internet via unsecured or unknown wireless networks, such as those in public places; these networks may lack virus protection and can be susceptible to attacks.
- Ad and script blockers can be a helpful tool.
- Always monitor children’s use of the web.
Protect information on social networks.
- Limit the amount of personal information you post on networking sites. Never post even parts of your Social Security number or your birth date, address or phone number.
- Consider also limiting announcements about births, children’s birthdays or loss of loved ones. Sharing too much information can make you susceptible to fraudsters, allowing them to pass tests related to the authentication of your personal information. Never underestimate the public sources that someone might use to learn critical facts about you.
Protect your email accounts.
- Delete emails that include financial information beyond the time that it’s needed. Continuously assess whether you need to store any personal or financial information in an email account.
- Use secure data storage programs to archive critical data and documents.
- Review unsolicited emails carefully. When in doubt, delete. Never click links in unsolicited emails or in pop-up ads, especially those that warn that your computer is infected with a virus and request that you take immediate action. This caution should extend even to links to “unsubscribe.”
- Establish separate email accounts for personal correspondence in financial transactions.
Safeguard your financial accounts.
- Review all credit card and financial statements as soon as they arrive or become available online. If any transaction looks suspicious, immediately contact the financial institution where the account is held.
- Never send account information or personally identifiable information over email, chat or any other unsecure channel.
- Suspiciously review any unsolicited email requesting personal information. Never respond to an information request by clicking a link in an email. Instead, type the website’s URL into the browser yourself.
- Avoid developing any online patterns of money movement, such as wires, that cyber criminals could replicate to make money movement appear legitimate.
It is important to continue staying abreast of changes in best practices and to understand how new technologies can help you to protect yourself and your family. Discuss best practices as a family. Read articles about how to avoid being a victim.
Besides the steps you can take to personally secure your information, D.A. Davidson Companies and its subsidiaries are committed to protecting your privacy and personal information. Details about how we safeguard you information can be found here on the D.A. Davidson website.
Information contained herein has been obtained by sources we consider reliable, but is not guaranteed, and we are not soliciting any action based upon it. Any opinions expressed are those of the author and based on interpretation of data available at the time of original publication of this article. These opinions are subject to change at any time without notice. Investors should consult their financial and/or tax advisor before implementing any investment plan.