Security Tips for the Holiday Season
As you prepare for the holidays, it is important to keep in mind that cybercriminals will be doing the same. Protecting data during this busy time is important for both corporations and consumers. In this article, I explain why attacks increase during the holidays and how you can defend against the attacks, so that you may enjoy your holiday season!
Why we need to be more careful during the holidays
You might be wondering why you should be on high alert during the holidays, compared to any other day. The reason is rather simple. More money flows during the holidays, therefore attackers have more motivation, thus increasing attacks. According to Forbes, $6.2 billion was spent shopping on Black Friday alone in 2018.1 Adobe Analytics projects that number increasing to $7.5 billion in 2019.2 Historically, attacks towards companies during the holiday season have continuously been increasing since 2017.3 This is likely true for attacks towards consumers, as well.
Common sense is the best defense
Attacks nowadays seem to be getting sophisticated. However, attackers still often rely on simple methods to get the data they need. Email phishing remains a very popular technique for attackers to gather information. In phishing, you receive a fraudulent email that looks like it is from a reputable company. These emails will often entice a user to click on a link, which might lead to a website or form asking for personal information. There may also be offers that seem too good to be true. Here is where common sense should come into play. If it seems too good to be true, it probably is. Also, it is wise to use a pop-up blocker on your browser to avoid malicious pop-ups that might seem genuine while browsing the web. With the combination of common sense and some simple technology (pop-up blocker), we can help prevent our data from being compromised by popular attacks.
Passwords: Change them regularly
Creating a strong password is another step towards protecting your data, along with regularly changing your password. While you may not be prompted to change your password on a regular basis (30, 60, or 90 day periods are common), it is still wise to change your password when you become aware of a data breach. If you find that changing your password often is too cumbersome, you may consider using a password manager, such as Bitwarden (free and supported on multiple devices) or Lastpass (free and supported on multiple devices). Password managers can make your life easier by storing your passwords safely and can auto-generate strong passwords for you.
Social Media
You might be familiar with email phishing, but a new trend, termed social media phishing, is becoming popular. The concept is the same where you are sent a message that appears to be legitimate, but is in fact a ploy to obtain your sensitive information. The only difference is that the message is delivered via social media instead of email. A message on social media may seem more personal than an email; therefore, you might be more likely to click on embedded links sent through social media. Also, be cautious of shortened links sent to you through social media because they can be used to imitate legitimate links and re-direct you to illicit websites. An example of a shortened link would be “https://example.com/assets/category_B/subcategory_C/Foo/” shortened
to "https://bit.ly/2RoZca8."
Monitor financial accounts and statements
To avoid being a victim of a cyber-attack, we recommend taking an active approach towards protecting yourself by monitoring your financial account statements. This monitoring extends to bank accounts, custodian accounts, and other places that involve monetary exchanges (e.g., online shopping websites such as Amazon). Monitoring your statements is a great way to check for suspicious activity. The more often you monitor, the sooner you can catch any unauthorized transactions. West Financial Services makes it easy for you to monitor your transactions via the Client Portal and the new Mobile applications for both Apple and Android devices. Be sure to contact your financial institutions if you suspect you may be a victim of a cyber-attack.
Physical Security
Physical security in this context means protecting your devices from getting in the hands of an attacker. Many of the topics mentioned earlier in this article rely on an attacker getting access to your system remotely. However, protecting your devices physically is just as important. Some actions you may take to improve physical security include storing your devices in a secure location, shredding sensitive documents when discarding them, and ensuring your devices are password protected if left visible. West Financial Services can assist you in your effort to improve physical security by shredding any documents that contain personal information. Feel free to contact your relationship manager and set up a time to drop off sensitive documents for secure disposal.West Financial Services is here to assist you in staying protected. In our February 2017 Financial Planning Focus newsletter, Dana Tomisek wrote an article on How to Protect Your Data at Home. Click here to read the article. Also, earlier this year, we held a seminar on cyber security presented by Gary Rossi of Fidelity Security Services. If you have any questions or would like a copy of our handout from the seminar, please contact our office or your relationship manager at 703-847-2500.
Meet Kunal Thakur, Assistant Information Systems Administrator.
1 https://www.forbes.com/sites/daveywinder/2019/11/11/black-friday-2019-security-threat-us-government-advises-consumers-to-stay-vigilant/#5d7c29ab130a
2 https://www.businessinsider.com/when-is-black-friday-2019-details-2019-10
3 https://www.carbonblack.com/2018-holiday-threat-report/