Criminals trying to scam people out of money did not materialize with the invention of the internet. Remember the “Nigerian Prince” phishing emails in the early days of Hotmail and AOL? The one where he wanted to transfer millions of dollars to your bank account if you simply provided your banking information? As it turns out, early Internet scammers were not very original, basing more modern scams off the “Spanish Prisoner” con which dates back to the late 18th century. Similar to the prince scenario, businessmen were enticed by someone allegedly trying to smuggle an important person out of prison. And it just so happened this prisoner came from a wealthy family that would pay vast sums of money to help bribe the prison guards!
No, scams are not a new thing. What is new is the ease, sophistication and technology that scammers have at their fingertips to try to trick you into supplying private, personal information (PPI). That is why it is so important to take extra steps and be diligent in keeping our own personal information safe.
Phishing is the most common type of email scam, where an email masquerades as one coming from a reputable company, encouraging individuals to reveal personal information such as passwords and bank account numbers.
When you receive an email that looks odd or feels off, take some time to evaluate it. Is it worded oddly or with poor English? Does the sender’s email address look correct? For example, if it is an email from Amazon.com, does it show that or is it from Amazone.lmnop.uk? Is it asking you to click on a link to verify the shipping of a package that you did not order? Does it appear to be from a person that you know who is asking for a favor which seems unusual or far-fetched? If so, it is worth pausing and evaluating the email thoroughly before responding to any prompt within the email.
Some fraudulent emails are very good replicas of a real email and while it is hard to know the difference, there are several things you can do in those circumstances. Companies are aware criminals are using their names to try and scam customers and many of them will tell you directly on their website how they send official emails or what to look out for in an alleged email from them. For example, PayPal always addresses an email to your first and last name. So any time I see an email to customer, my email address or something other than “To Heidi Goertzen,” I know it’s spam.
Another way to stay safe is to avoid clicking on a link in an email from an unknown and/or unexpected source. If you get an email from Apple saying your account is being closed unless you click on this link to re-activate it, go to your web browser to access your Apple account rather than clicking on the link in the email.
What should you do if you have already clicked on a phishing link?! Do not enter any data. If you have, quickly reset the exposed password to something else. Disconnect from the internet and run a virus scan such as Malwarebytes, Avast or Kapersky, deleting any malware you may find. Change your passwords for any account that uses a variation of the compromised password. If this happens on a work device, notify your IT department immediately.
I once gave a presentation on the importance of secure passwords and joked that if your password was “GoDucks” you needed to go back to your desk and change it. Half the room looked at me in horror as I had just accidentally outed their “secure” password. Other password no-no’s include any version of your spouse, children or pet names, any important dates like births and anniversaries or any references to your address. And hopefully it goes without saying that your password should never be any variation of “password.”
Secure passwords are becoming exceedingly important. They should be long and complex. Use a mix of characters, mix upper- and lower-case letters and include numbers and symbols. One tip to creating a secure password that is long – choose a phrase or a favorite song lyric. For example, “puppiesarecute” with your favorite numbers and symbols, or “AtFirstIWasAfraid.” Phrases and song lyrics are easy to remember (and of course, add in numbers and symbols), but because it is longer than the usual required 6-10 characters, it will not be as easy to crack. Make sure to use your favorite song lyric and not my example of Gloria Gaynor’s I Will Survive!
And please, please, please, do not write down your important passwords on a sticky note near your computer. While scammers’ technology has improved, so has ours to defend against it. Password management software collects, maintains and populates all of your various passwords into their respective websites. There are several password managers on the market, many of which cost little to nothing for individuals. Password management is a necessary survival skill at this point since it seems like every website has different password requirements. The best part is access to the password manager is controlled by only one “master password.”
Some of the most popular password managers include:
Each password manager includes different features with the price, so it is important to review what each offers to select the best option for you and your family.
Another way to protect yourself online, especially regarding financial accounts, is use of two-factor authentication. This is when a website first requires a password and then texts or emails you an additional code to allow access to your information. While it sometimes feels inconvenient to enter both a password and a code, it is an incredibly easy and efficient way to further protect your personal information and we recommend implementing this on any account that offers it.
As we have seen in recent weeks with cyber criminals attacking a major gas pipeline, dozens of government agencies and a major meat producer, it is more important than ever to protect our personal information.
Becker Capital also works diligently to keep your personal information safe and secure. Any time you request our assistance with moving money in your account we will verify with you verbally and never accept an email request alone. To access our client’s information on various software platforms or websites we use two-factor authentication to log on. Perhaps most importantly, we have significant, long term relationships with you, our clients, and know you well. We use knowing our clients to our advantage to deflect criminals from trying to steal data.
Cybersecurity is becoming more important with every day. If you have questions about how to better protect your own data, or questions about how Becker Capital protects your data, please reach out to your Becker Capital Team.