It is inevitable that you will one day cross paths with a cybercriminal.
When this happens, will you be prepared to defend against their
cyber-attacks?
Some of the more common cybercrimes you may encounter include:
-
Botnets are software robots that create an army of
infected computers which are ultimately under the control of the
originator of the robots. The two most common forms of botnet are:
- The drive-by download - this involves the criminal
redirecting you from a website they have infected to one they control.
This allows that criminal access to your computer.
- An email attack - involves sending out mass emails with
infected files attached.
- Malware is used to infiltrate your computers and
gather private information. Common malware includes worms, trojans, and
spyware.
- Pharming occurs when a legitimate website has been
spoofed to look nearly identical to the actual website. If you mistakenly
visit one of these pharming sites and enter your username and password, you
are providing that personal information to a criminal.
- Phishing typically appears in an email from a trusted
entity. The email asks you to click on a link to update your account
information or change your password. Once the criminal has this
information, they can literally clear out your account or help themselves
to a shopping spree on your credit line.
- Spear phishing emails come from social media sites. In
a spear phishing email, personal information such as your name, company,
and other personal information are included.
There are some precautions you can begin to practice immediately,
regardless of whether you have an IT team or you are managing your
cybersecurity on your own.
- Pay attention. Cybersecurity is real and you should be
reading security blogs such as US Cert and bug track and evaluating the
risks of not taking cybersecurity measures.
- Patch early, patch often, and patch everything. Most
cybersecurity incidents stem from unpatched systems.
- Security awareness. Be aware of threats and how they
impact a business. Make sure you take security measures with your computer,
smart device, network printers, paper on desks, soft phones, and smart
devices.
- Passwords. Although sometimes painful to use, long and
more complex passwords are more effective because algorithms have a harder
time breaking them.
- Multifactor authentication. A single piece of
information or weak combinations such as user name and password aren’t good
enough anymore. An example is the way banks will text a one-time use code.
Use multifactor authentication whenever possible.
The best advice is to be diligent. Resist the urge to open every email as
quickly as possible. Instead take a minute to look for signs of trouble. If
something looks or feels off, it probably is. Pay attention to breaking news
on new threats and attacks that have recently occurred. You may recognize
these efforts in something you have encountered or will encounter.
For firm element training on cybersecurity view the WebCE® Firm
Element course catalog at https://www.webce.com/products/securities/catalog/courses
View Courses
Julie Mendel is the Senior Product Manager of Firm Element Services at
WebCE. She has been in the securities training and compliance industry for 19
years, is a frequent speaker at industry conferences, and author of many
continuing education courses geared toward registered representatives,
investment advisers, and other financial services professionals.