Cyber security tips

Phishing has increased 6000% (!) since the Covid-19 crisis started. With the current exponential rise in cyber attacks, this may be an opportunity to list some of the cybersecurity suggestions we’ve found particularly useful. These are from several sources, including a continuing education course by a cybersecurity expert, John Silio of the Silio Group, at the (virtual) May NAPFA meeting of CFP’s. We are not cybersecurity experts and the following list is not complete, but we hope some of the ideas may be useful:

• “Social Engineering“: Protection against ransomware, malicious downloads, and phishing attempts relies on email recipients (you!) not clicking on anything that doesn’t quite look right. Check the source before downloading or giving private information. Hover your mouse over any link, and the linked URL will appear. The text of a link in a document may look legitimate, but it can always be a spoof, and the only way to know what you are linking to is with the hover technique.
• Password protection:
• Use multi-factor authentication.Yes, this can be inconvenient, but it’s a small price to pay for protecting sensitive information, such as access to cloud vaults, banks, and financial accounts and arguably more important than having a strong password.  If the password is compromised, someone must have access to the second authentication method to get into the account.
• Use a password manager. This stores your passwords and fills in password fields with strong passwords when logging into websites. The program is accessed with only one very strong master password you create. For example, use a statement describing some personal event only you know, with added special characters. Password manager programs are well worth it, and not expensive (e.g. the basic version of LastPass is free).
• Using a combination of special characters, caps, numbers, and lower case letters has become essential. Code-breaking computing is now so powerful that passwords without them are much less safe.
• Protect your computer with a good anti-malware program, such as Malwarebytes.
• Use automatic updates for your software.
• Use a strong Password to protect your Wi-Fi.
• Back up regularly. Regular back ups can ensure that you have a history of clean copies of files in case you need to restore your device after exposure to malware.
• Texting is more secure than email.
• Use a virtual private network (VPN). A VPN encrypts your data, making it unreadable to third parties like your ISP or hackers, and masks your IP address by routing your connection through a remote server.

On a personal note, we want to emphasize that you will never receive an invitation from us to send sensitive information via email. If it looks like us, it’s not. We never ask for sensitive information to be communicated by email. We have one of the most secure cloud vaults for that purpose, Citrix ShareFile, approved for use by both HIPPA and eCommerce banks. From time to time we send a Newsletter that contains only non-sensitive information and does not share your names or email addresses with others. Soon we will be sending a mid-year 2020 briefing, but it is just that, a news brief with timely information we think may be useful, not sensitive or private information.  

We hope these suggestions are helpful, especially now!

Jack and Lisa