As the technology sector continually crops up in the news, it serves as a reminder of the speed at which technology infuses with our lives, saturating our daily routines with regular video conferencing, constant social media updates and countless emails. As a result, care must be taken to avoid overlooking the gaps that technology creates—breaches that have the potential to give cybercriminals a key to your sensitive personal information, leaving you as a potential victim of fraud.
Here are some things to be aware of in regards to cybercrime prevention:
1. Safeguard Your Retirement Plans
Participants can (and should) take steps to stop fraudulent attempts to access their retirement plans. The most effective way for participants to take advantage of Trust Point’s built-in safeguards is to register their account online. The majority of retirement plan providers, including Trust Point, now offer dual authentication features that dramatically cut down the probability of fraudulent activity. In order for these features to work, the participant must have registered their account online. Participants who are eligible for normal distributions, but do not have access to their account online, are the most susceptible.
2. Verify Non-Profit Campaigns
Charities gained traction all over the world by use of the Internet. Unfortunately, fraudulent charity campaigns prey on the flaws in cybersecurity during difficult times of crises.1 Avoid clicking on campaign links via e-mail in the unfortunate event it is a phishing2 attempt. Perform the due diligence of verifying the charity’s legitimacy through resources such as Charity Navigator and the BBB’s Give.org.
3. Avoid Sharing Confidential Information in Virtual Meetings
As a result of the increase in video conferences and work from home, video hijacking, or “Zoom-bombing,” is something to be aware of. Across video-conferencing services, maintain privacy when sharing credentials to avoid any unwanted visitors by sending these credentials directly to your meeting participants. In other words, do not under any circumstance share such sensitive information on any public or social media platforms.
4. Ask Questions if Something Looks Suspicious
There are disappointing statistics related to cybercrime against the average American so it is imperative that you take specific prevention steps to protect your identity and assets.
As technology continues to evolve, so does the creativity and sophistication of cybercriminals. Never overestimate cybersecurity protocols and limit the use of delivering your sensitive information in an e-mail or phone call unless necessary and follow appropriate security protocols. The number of security steps companies like Trust Point require clients to perform that confirm legitimacy is essential to avoid wire fraud and money laundering. According to data from the Federal Trade Commission, mortgage wire fraud attempts rose 1,100 percent between 2015 and 2017.4
Suppose your Trust Point advisory team needs account information from you to process a request. We will never request for you to provide this through standard email. There are many instances when cybercriminals break into an e-mail address and spend time reviewing these interactions between their target and external parties; this is known as a spoofing5 attack. As a result, cybercriminals have requested funds using information found within these everyday interactions. If you ever have a question about the legitimacy of a request, it is preferable to call your Relationship Manager.
5. Be Cautious of the word “Free”
Do not be fooled: “FREE” is not always a good thing, and the free service you might be getting could be granting hackers the freedom to steal your information or worse. It’s best to leave these common conveniences alone.
Upon plugging in your low-battery phone into a public charging station, you run the risk of being a victim of fraud. According to NBC news, “The practice, known as ‘juice jacking,’ occurs when people plug in to “juice” up their phones and hackers use malware in the charging station or USB cable to “jack” their information, such as phone numbers and passwords.”
Additionally, exposing your mobile device to unprotected Wi-Fi networks in public areas like hotels and coffee shops can leak sensitive information contained on your devices. Dates of birth and the last four digits of social security numbers are now common answers to security questions or two-step authentication services. As the rise in data breaches continues, it is easier for cybercriminals to obtain this information and use it to reset your passwords and transfer funds fraudulently.
Thankfully, resources such as password managers, identity protection services and virtual private networks are increasingly coming to the forefront to assist the average American in the constant fight against fraud. Managing passwords for online accounts has become a much more daunting task, especially if you have to generate long, encrypted passwords on your own.
Password managers like Enpass and LastPass, to name a few, can assist you in maintaining different and complicated passwords to streamline your online life. In fact, many smartphones and other devices have such useful tools already built-in to their operating systems, such as Apple’s Keychain.*
Remember to maintain your vigilance in cybercrime prevention.
* Trust Point doesn’t endorse any particular password manager and only provides this information as reference. You must still complete your own due diligence on any system that you select.
2 Phishing: the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers. (Definitions from Oxford Languages)
3 https://computer.howstuffworks.com/zoom-bombing.htm
4https://www.rocketmortgage.com/learn/mortgage-wire-fraud
5Spoofing definition: Spoofing is the act of disguising a communication from an unknown source as being from a known, trusted source. Spoofing can apply to emails, phone calls, and websites, or can be more technical, such as a computer spoofing an IP address, Address Resolution Protocol (ARP), or Domain Name System (DNS) server. (https://www.forcepoint.com/cyber-edu/spoofing)
