According to the FBI, “Cyber intrusions are becoming ever more commonplace, more dangerous, and more sophisticated.” Cybercrime has become a $114 billion organized, underground economy that employs thousands of hackers around the globe. Unfortunately, the cybersecurity industry is having a tough time keeping up with ongoing and new threats that put all of us at risk.
As cybercriminals get more savvy it is vitally important that you work with your investment advisor to protect yourself and your hard-earned assets. Taking the following precautions can keep you a step ahead of identity thieves and fraudsters, helping you to minimize the risk and harm that can result from their illegal activities.
Do the Two-Step
Many companies now offer Two Factor Authentication, or two-step verification, for your online accounts. It offers an extra layer of security that requires not only a username and password, but also something that only the rightful owner knows or has access to. Often, when someone is trying to access a site online from a previously unknown or unapproved computer, a unique code is sent to another device such as a cell phone. The code can also be generated from a physical token or an app. If this code is received by the rightful owner it is then entered along with their user ID and password; if the code is received unexpectedly, it can signal that someone else might be trying to gain unauthorized access, making it much harder for cyber thieves to steal your investments.
Be Wary of Doing Financial Business Via Email
Your advisor should never agree to make any transfers from your investment accounts that you request through email. Instead they should require you to call them so they can confirm you are who you say you are. In addition, your financial advisor may insist on calling you at the phone number that they have on file to verify your transfer request since caller ID information can be falsified. Don’t become impatient if your advisor follows a protocol that may delay your request or that requires additional action on your part. By implementing a multi-step process your advisor is trying to protect you and your assets.
Conversely, if you receive an email from your advisor requesting personal information that you know they already have, i.e. your account numbers or social security number, don’t reply to their email to verify the request, call them directly. Often, phishing emails appear to come from trusted sources but can contain infected attachments or route you to a website link where they attempt to steal your login information. The sites look real and can be very convincing. Take the time to speak directly with your advisor to verify the request before you provide personal information.
Stay Current
Make sure your financial advisor has your current contact information so you can be easily reached if necessary (see above). A good practice is to review and update your contact information with your advisor when you meet for your periodic review.
Your contact information isn’t the only thing you need to keep current. By keeping your computer’s operating system, firewall, and anti-virus software updated you will protect your computer and personal information from being stolen by malware and other cyber attacks.
Your Set of Keys
Having online account access is a convenient way to manage your banking and investment activity. However, it comes with some risks if you don’t protect your accounts with secure passwords. Think of your passwords as the keys to your online financial accounts. Make sure you use different passwords for each account and change them on a regular basis. An easy way to do this is to establish dates in advance to change your passwords. For instance, consider updating them on the first day of each season or on your children’s birthdays. There are several password manager application services available that help keep your passwords safe and prompt you to change them regularly.
In addition to convenience and accessibility, there are other advantages to having password-protected online accounts. The most obvious is avoiding the risk of someone intercepting a paper version of your statements or important documents. Anyone can lift your social security number, birthdate or account numbers by taking your mail or looking through improperly stored or discarded documents. If you still prefer to receive printed copies, lock them up and dispose of them properly by shredding them first. Be sure to ask your advisor how they store and protect your documents and personal information.
The Last Word
Whether you access your statements online or via the mail, make sure you review them closely and contact your financial advisor immediately if you see any suspicious or unauthorized activity. Finally, don’t use public computers or unsecured wireless networks when sending personal information to your financial advisor, or to anyone else for that matter.
Stay vigilant. Be sure both you and your advisor are doing all you can to keep your investments secure.