Print Friendly and PDF

Cybersecurity 2: Checklist and Tips

Cybercrime and fraud are serious threats and constant vigilance is key.  While Brouwer & Janachowski plays an important role in helping protect your assets, you can also take action to protect yourself and help secure your information.  The checklist below summarizes common cyberfraud tactics, along with tips and best practices to stay cybersafe.  Many suggestions may be things you are doing now, while others may be new.  We also cover actions to take if you suspect that your personal information has been compromised. If you have questions, we’re here to help.  Cyber criminals exploit our increasing reliance on technology.  Methods used to compromise a victim’s identity or login credentials–such as malware, phishing, and social engineering–are increasingly sophisticated and difficult to spot.  A fraudster’s goal is to obtain information to access to your account and assets or sell your information for this purpose. Fortunately, criminals often take the path of least resistance. Following best practices and applying caution when sharing information or executing transactions makes a big difference.

How we can work together to protect your information and assets

Safe practices for communicating with our firm

  • Keep us informed regarding changes to your personal information.
  • Expect us to call you to confirm email requests to move money, trade, or change account information.


What you can do

☐ Be aware of suspicious phone calls, emails and texts asking you to send money or disclose personal information (such as login credentials).  If a service rep calls you, hang up and call back using a known phone number.

☐ The Internal Revenue Service (IRS) doesn’t call, text or email seeking payment of back taxes, fines or penalties—any such communication is fraudulent and should be reported to appropriate authorities.

☐ Never share sensitive information or conduct business via email, as accounts are often compromised.

☐ Beware of phishing and malicious links. Urgent-sounding, legitimate-looking emails are intended to tempt
you to accidentally disclose personal information or install malware.

☐ Financial institutions such as banks or brokerages won’t email you asking for your login credentials—user id’s and passwords—any emails asking for this information should be ignored and deleted.

☐ Don’t open links or attachments from unknown sources. Enter the web address in your browser.

☐ Check your email and account statements regularly for suspicious activity.

☐ Never enter confidential information in public areas.  Assume someone is always watching.
 

Exercise caution when moving money

☐ Money movements are prime opportunities for fraudsters, particularly if you’re conducting a real estate transaction and wiring money to escrow accounts at title companies or elsewhere for down payments or payment of fees.

☐ Review and verbally confirm all disbursement request details thoroughly before providing your approval, especially when sending funds to another country. Never trust wire instructions received via email.
 

Adhere to strong password principles

☐ Don’t use personal information as part of your login ID or password and don’t share login credentials

☐ Create a unique, complex password for each website.  Change it every six months.  Consider using a password manager to simplify this process.

Maintain updated technology

☐ Keep your web browser, operating system, antivirus, and anti-spyware updated, and activate the firewall.

☐ Do not use free/found USB devices. They may be infected with malware.

☐ Check security settings on your applications and web browser. Make sure they’re strong.

☐ Turn off Bluetooth when it’s not needed.

☐ Dispose of old hardware safely by performing a factory reset or removing and destroying all storage data devices.
 

Use caution on websites and social media

☐ Avoid websites that you don’t know (e.g., advertised on pop-up ads and banners)—fraudsters infect them with viruses.

☐ Log out completely to terminate access when exiting all websites.

☐ Don’t use public computers or free Wi-Fi. Use a personal Wi-Fi hotspot or a Virtual Private Network (VPN).

☐ Hover over questionable links to reveal the URL before clicking. Secure websites start with “https,” not “http.”

☐ Be cautious when accepting “friend” requests on social media, liking posts, or following links.

☐ Limit sharing information on social media sites. Assume fraudsters can see everything, even if you have safeguards.

☐ Password protect any attachments you fill out containing medical information, financial information, etc., and send by email.

☐ Consider what you’re disclosing before sharing or posting your résumé.

What to do if you suspect a breach

☐ Advise our office if you suspect your email account has been taken over so we can be alert for any bogus emails that appear to be from your account.  Call our office so we can collaborate with you on other steps to take.

☐ Request our “How to Respond to a Data Breach” flyer for more information.
 

Learn more

Visit these sites for more information and best practices:

  • StaySafeOnline.org: Review the STOP. THINK. CONNECT™ cybersecurity educational campaign.
     
  • OnGuardOnline.gov: Focused on online security for kids, it includes a blog on current cyber trends.
     
  • FDIC Consumer Assistance & Information, https://www.fdic.gov/consumers/assistance/index.html
     
  • FBI Scams and Safety provides additional tips, https://www.fbi.gov/scams-and-safety.