Cybercrimes and What You Can Do to Protect Yourself, Your Data, and Your Clients

by Julie Mendel | Jun 19, 2018
Don't Skip Your Vacation

It is inevitable that you will one day cross paths with a cybercriminal. When this happens, will you be prepared to defend against their cyber-attacks?

Some of the more common cybercrimes you may encounter include: 

  1. Botnets are software robots that create an army of infected computers which are ultimately under the control of the originator of the robots. The two most common forms of botnet are:
    • The drive-by download - this involves the criminal redirecting you from a website they have infected to one they control. This allows that criminal access to your computer.
    • An email attack - involves sending out mass emails with infected files attached.
  2. Malware is used to infiltrate your computers and gather private information. Common malware includes worms, trojans, and spyware.
  3. Pharming occurs when a legitimate website has been spoofed to look nearly identical to the actual website. If you mistakenly visit one of these pharming sites and enter your username and password, you are providing that personal information to a criminal.
  4. Phishing typically appears in an email from a trusted entity. The email asks you to click on a link to update your account information or change your password. Once the criminal has this information, they can literally clear out your account or help themselves to a shopping spree on your credit line.
  5. Spear phishing emails come from social media sites. In a spear phishing email, personal information such as your name, company, and other personal information are included.

There are some precautions you can begin to practice immediately, regardless of whether you have an IT team or you are managing your cybersecurity on your own.

  • Pay attention. Cybersecurity is real and you should be reading security blogs such as US Cert and bug track and evaluating the risks of not taking cybersecurity measures.
  • Patch early, patch often, and patch everything. Most cybersecurity incidents stem from unpatched systems.
  • Security awareness. Be aware of threats and how they impact a business. Make sure you take security measures with your computer, smart device, network printers, paper on desks, soft phones, and smart devices.
  • Passwords. Although sometimes painful to use, long and more complex passwords are more effective because algorithms have a harder time breaking them.
  • Multifactor authentication. A single piece of information or weak combinations such as user name and password aren’t good enough anymore. An example is the way banks will text a one-time use code. Use multifactor authentication whenever possible.

The best advice is to be diligent. Resist the urge to open every email as quickly as possible. Instead take a minute to look for signs of trouble. If something looks or feels off, it probably is.  Pay attention to breaking news on new threats and attacks that have recently occurred. You may recognize these efforts in something you have encountered or will encounter.

For firm element training on cybersecurity view the WebCE® Firm Element course catalog at https://www.webce.com/firmelement/catalog/courses

 

Julie Mendel is the Senior Product Manager of Firm Element Services at WebCE. She has been in the securities training and compliance industry for 19 years, is a frequent speaker at industry conferences, and author of many continuing education courses geared toward registered representatives, investment advisers, and other financial services professionals.