Thoughts on Cyber Security

Equifax, one of three credit reporting agencies, has been hacked and according to the Federal Trade Commission, "if you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach."  

You can check to see if you've been affected by going to the special Equifax website and following the instructions under Potential Impact. If you have been impacted, Equifax will offer to enroll you in free credit monitoring for one year, but you have other options outside of Equifax (see below) and doing so may forfeit some of your legal rights. Also, be aware that this may not be the first time your data has been breached. At the website, you can use your email to reference databases of previous breaches to tell you if and what may have been taken in the past. The process is safe, informative, and may motivate you to change the Yahoo password you've had since 2006. 

The Equifax breach is scarier because of the broad spectrum of data that was taken and the large number of people affected. Any data that is stolen can ultimately be used for two things - fraudulent credit applications and more complicated cyber hacking - and each requires different types of protections.

Credit Fraud

Criminals can use your personal information to illegally apply for credit, which can range from a JCPenney credit card to a large business line of credit. There are several layers of protection that you can take. At the end of the day, you aren't on the hook for much money if this happens but it can be a nightmare to clean things up, so preventing or catching it quickly is quite helpful. A few recommendations:

Cyber Threats

These techniques - phishing, malware, ransomware, etc. - can be a bit scarier because they generally involve human error and the consequences can be damaging. Here are a few steps to raise your level of protection.

  • First, change any passwords that may have been acquired as part of a breach; not just for the site that was hacked but anywhere that password might have been used.
  • Use strong passwords going forward, especially for personal email. If your old passwords are not strong, this is an opportunity to change them all. A password manager (RoboForm, LastPass, Dashlane) can make managing passwords easier and secure.
  • Use best practices for all your online activity: keep computer systems updated; use Anti-virus software; don't click on suspect links or documents; use dual factor authentication whenever possible; don't log in to your bank website on Starbucks' Wi-Fi.

The end game for cyber hacking is to get access to your money, either by hacking your bank account or convincing you to send funds to your new friend, the prince in Nigeria. This is absolutely something we all want to avoid - a fraudulent transfer is a worst case scenario. The good news is that banks and investments firms are highly aware of these fraudulent attempts and there are a lot of checks and balances in place regarding who we process transactions and where your money can go. For that reason, it is very common to require some form of verbal or signature authorization for most transfers. It helps to know your advisor is looking at your accounts every day and keeping an eye out for red flags. 


Share |