It happened again!
The recent breach at Equifax is the third major cybersecurity disaster of 2017. WannaCry and Petya round out the “big three” that have gained widespread media attention. On top of that, earlier this month we found out that the Yahoo breach from 2013 was far worse than the company thought – 3 BILLION users had their accounts compromised!
Over the summer I wrote a blog about how these kinds of hacks and scams are becoming more common, and way more sophisticated. But luckily people are doing a better job of educating themselves about cybersecurity threats as well.
At Keen Wealth, we try to do our part to keep our clients and listeners informed about the latest online threats. On today’s show we discuss how the Equifax breach happened, and offer some simple but effective cybersecurity tips that will help protect your info, and your money.
Listen to the Episode
Simply “click” or “tap” on the “play” icon in the image below to listen to the episode. If you’d like to subscribe to the podcast using an Apple product (iPhone, iPad, iPod touch) click here to learn how. If you use an Android phone, we recommend using the Podcast Addict App, which can be downloaded here.
Insights from Today’s Podcast on Cybersecurity
Consumers don’t sign up for Equifax or have online accounts they can log in to, so the 143 million compromised didn’t do anything wrong. But the fallout from this and other 2017 breaches still offers some basic cybersecurity lessons you can put into action as soon as you’re done listening to this podcast:
1. Think before you click.
Compounding Equifax’s embarrassment after the breach was, of all things, a typo. Equifax set up a site for consumers to get information, but then accidentally tweeted out a link to a fake site made by a hacker who wanted to show how badly Equifax was handling things.
Luckily the hacker wasn’t malicious and was just trying to make a point – no additional info was stolen. But a lot of internet scams use a similar strategy: try to get users to click on a link that LOOKS safe, but isn’t. So if you get a suspicious email from a company you do business with, take a look at the links it’s asking you to click. Any odd misspellings? Does the hyperlink end in something you’re used to seeing, like .com, .org, or does it end with something unfamiliar? Is your web browser warning you to turn back? Or is the email randomly instructing you to download an attached file?
When in doubt, send that email to your spam folder and call the company’s customer service hotline to check on your account.
2. Lock down your accounts and devices.
Passwords and lock screens can be annoying. But the hassle you might have to go through with your bank, service providers, and maybe even the federal government, will be a lot worse.
If your online accounts offer two-factor identification, which require access to your email account or cell phone to change passwords, then enable it. Keep your computer’s antivirus software updated. Set up your phone’s lock screen – password, number code, pattern, whatever is most convenient for you to use. Just make sure your passwords feature a strong mix of upper and lowercase letters, numbers, and symbols – it won’t take hackers long to crack 12345 or your name.
Also remember to diversify your passwords – don’t use the same password for logging into different sites. If you do a lot of shopping, banking, or working online, you may want to consider using a password manager to help you remember which passwords to use for each site. A password manager locks down all of your login info behind one master password. Some of these services even prompt you to change your passwords every few months, which is a big boost to your cybersecurity. To see a list of password manager providers, Click Here.
3. Check all of your monthly account statements.
Autopay and electronic statements can make managing your money a whole lot easier. But there’s a right and wrong way to use these services. What happens if a hacker cracks your credit card and makes a purchase, and you don’t check your bill before a scheduled autopayment? What if you don’t keep an eye on your checking account balances, and a hacker triggers overdraft protection that makes your savings vulnerable too?
Like it or not, being responsible about your cybersecurity is now an unavoidable part of internet use. And one of the most effective ways to protect yourself from high-tech threats is very low-tech: check your statements.
4. Your advisor’s business IS your business.
After the Equifax breach some of our clients at Keen Wealth called in asking about how we protect their info. I’m happy to let clients know that, in addition to the cybersecurity best practices mentioned above, we use automated prompting to change our passwords regularly. We also receive notifications of any client-initiated requests on deposits or withdrawals, and have federally mandated procedures in place that were created expressly to protect funds in all client accounts.
But maybe our most important cybersecurity measure is, again, an old-fashioned practice: we don’t do anything with our clients’ money without a phone call. If someone were to hack into your email account and ask us to move your money, rest assured that our procedures include calling and talking with you first to confirm.
Don’t ever be afraid to ask the people managing your money these kinds of questions, or anything else pertaining to your service agreement. You have every right to know how your financial future is being managed and protected. But the most effective cybersecurity measures start at home, on your phone, and in your email inbox.
Bill Keen on Cybersecurity …
“Don’t ever be afraid to ask the people managing your money about the cybersecurity measures protecting your money.”
Please share this page and the podcast with your friends and colleagues via Linkedin, Twitter and Facebook. You can use the share buttons. Thanks!
Got a question or comment? Email it to me and we’ll get back to you or call our office at (913) 624-1841.
Bill Keen is a CHARTERED RETIREMENT PLANNING COUNSELOR℠ and independent financial advisor with more than 24 years of industry experience. As the founder and CEO of Keen Wealth Advisors, a registered investment advisory firm, he specializes in providing personalized retirement planning designed to help people thrive before and during their retirement years. With a passion for educating others, Bill regularly blogs about retirement planning, hosts the podcast Keen on Retirement, and has contributed to U.S. News and World Report, Reuters, Wall Street Journal’s Market Watch, Yahoo Finance, and other publications. Based in Overland Park, Kansas, Bill and his team work with clients throughout the greater Kansas City area and across the nation. To learn more, connect with him on LinkedIn or visit www.keenwealthadvisors.com.
Keen Wealth Advisors is a Registered Investment Adviser. Nothing within this commentary constitutes investment advice, performance data or any recommendation that any particular security, portfolio of securities, transaction or investment strategy is suitable for any specific person. Any mention of a particular security and related performance data is not a recommendation to buy or sell that security. Keen Wealth Advisors manages its clients’ accounts using a variety of investment techniques and strategies, which are not necessarily discussed here. Investments in securities involve the risk of loss. Past performance is no guarantee of future results.