Avoid Cybercrime with These Tips from an FBI Agent

Written By MARK J YATROS

While most of the nation laid low in 2020 to avoid contracting the coronavirus, cybercriminals were very active. The Federal Bureau of Investigation’s 2020 Internet Crime report says that financial losses from cybercrime exceeded $4.1 billion in 2020, a 69% increase over 2019.

Cybercrimes are not going away, and cybercriminals’ schemes are getting more sophisticated. But how can you reduce the odds of becoming a victim of cybercrime? Retired FBI Special Agent Jeff Lanza, a cyber security expert, shared the following suggestions with Allegiant Wealth Strategies:

Computer security tips

  • Don’t download anything to your computer that you weren't expecting to do when you got online.

  • Keep your software current with the latest updates. Both Microsoft and Apple issue updates to their operating systems that control your computer. The updates help you stay safe against the latest threats. To make it easy, go to your settings page and tell your computer to keep you updated automatically.

  • Back up your files so you can recover them if your computer is compromised. For example, ransomware is a widespread problem that affects business and home computers. It encrypts files, so you can’t open them without a key. We’ll go deeper into this issue later in this blog.

  • Consider adding an additional layer of security to your computer. Malwarebytes is a free program that searches for and destroys malware that has evaded your perimeter antivirus program.

  • Use strong passphrases. See below for more details.

Two-factor authentication

  • Two-factor authentication is a security process that cross-verifies a user with two different forms of identification. The process entails using a password and a PIN code (most often sent to your phone) to log in to online accounts.

  • Two-factor authentication is valuable in preventing the hijacking of your accounts. In most cases, you can set this up in your account’s security/settings section.

  • If this sounds cumbersome, don’t worry because you don’t have to use the two steps every time, only if the website wants to make sure it’s you, such as when you log in from a different computer or IP address.

Be password savvy

With the instances of cybercrime rising, now is a great time to increase your security by using passphrases instead of passwords. A passphrase is like a password; only it’s composed of a combination of words strung together. The government now recommends passphrases to protect online accounts because they are easier to create and remember but more difficult to hack.

Here are some tips to make strong passphrases:

  • Use at least 12 characters to help make them uncrackable. The longer, the better.

  • If a website makes you use upper/lowercase and a number and special characters (old standard), you can always add those to the passphrases you created. Not all sites have adapted to the new government standards.

  • Here’s an example passphrase: paranoiawillnotdestroyya. The length is the key to making passphrases strong, and a little paranoia goes a long way to keeping your accounts secure.

  • Use a different passphrase for each online account. Yes, this is a pain, but it limits the damage if a criminal gets access to any of your accounts. Much fraud can be committed when a victim reuses passphrases.

How to respond to computer pop-ups

  • Be cautious of computer notifications and pop-ups. Examples include emails that say you must download something to see a greeting card or a message that says your computer is infected.

  • Don’t click on anything in these pop-ups, including the “X” inside the pop-up itself.

  • Your best bet to remove the pop-up safely is to hold down three keys: CTL+ALT+DEL to exit a pop-up safely on a Windows computer. If you’re on a Mac, use CMD+Option+Escape.

  • Then run your antivirus software to see if there is malware on your computer that caused the pop-up. 

Fake emails

  • Be careful where you click. Don’t click on links or attachments in emails from an unknown sender, a suspicious sender, or in emails that don’t make sense.

  • Remember that a friend’s email account can become compromised and that attackers can “spoof” someone’s email address to appear to be from anyone they choose.

  • Don’t react emotionally to an email because hackers count on this to overcome logic and force us into making bad decisions.

Ransomware

  • Ransomware is a form of malware that restricts access to data by encrypting files or locking computers. Ransomware is unleased onto computers when victims open an email addressed to them and click on an attachment that appears legitimate.

  • The malware encrypts files on a victim’s computer, and they see computer messages advising them of the attack and demand a ransom payment in exchange for a decryption key.

  • Be careful where you click and backup the content on your computer so you can restore your files.

  • Ransomware can infect all hard drives, so disconnect the backup drive when not in use or use cloud backup.

Social media

  • Accept friend requests only from people you know and use the privacy setting to control who has access to your information. Review these settings regularly. Be careful about sharing location and future travel plans.

  • Be wary of online polls or quizzes which may infect your computer with malware. Games may ask for access to your contacts or other information on mobile devices, which you should always deny.

The safe way to log in to online accounts

  • Don’t be tricked into giving up your login credentials. Never go to a login page through a link in an email or a pop-up. Instead, go to the login page directly by typing the site name.

  • Check out the site by making sure there is an “HTTPS” in the address before you enter information and that the address accurately represents the website you want to visit. Once you have verified the site, store it in your browser’s bookmarks or favorites for future access.

Software

  • Make sure your operating system software and antivirus software are updated automatically. This can be configured in the settings/security options.

  • Windows computers must be protected with antivirus software. Popular options are McAfee, Norton, and Windows Defender (free with Windows 10 and downloadable with some previous Windows

  • Keep in mind that these programs provide one layer of perimeter security. If malware evades them, they most likely won’t be able to remove it because they couldn’t stop it in the first place.

  • You might consider a malware removal program that does search and destroy missions. A popular free program that is very effective is called Malwarebytes. You can use the free version, which complements – but does not replace – your perimeter antivirus program.

  • Consider using password manager software to help keep track of all your unique passphrases. Some good options are Keeper, Dashlane, and LastPass.

  • You might try the “Notes” apps on your smartphone to store notes and secure them with a password on your device. No one can open the note and see your passwords without the master password that you create.

Wi-Fi networks

  • Protect your home Wi-Fi network with a strong passphrase and WPA2 encryption.

  • Public Wi-Fi networks are not secure. To access the internet, use a virtual private network (VPN) for a nominal fee, or use your smartphone’s personal hotspot feature, which uses the more secure cellular network.

 Smartphone security

  • Always use a passcode to protect your phone. This keeps the information secure if the phone is lost or stolen. Using biometrics, like Touch ID or facial recognition, is very secure and makes it easier to access the device.

  • Watch out for fake text messages. Don’t call, click, or reply unless you have verified the sender’s authenticity.

  • Since there is no mouse, you can’t hover on a phone or pad device. Press and hold your finger for about 2 seconds to reveal a preview of the website.

  • If you use your mobile device for online banking and other financial accounts, make sure you download the apps from the actual Apple or Google store. To use this technology in the most secure way, protect your device with a password, keep the phone and apps updated, and report a lost or stolen phone to financial institutions immediately.

 

This material has been provided for general informational purposes only and does not constitute either tax or legal advice. Although we go to great lengths to ensure our information is accurate and useful, we recommend you consult a tax preparer, professional tax advisor, or lawyer.

 Allegiant Wealth Strategies offers securities and advisory services through Commonwealth Financial Network, Member FINRA/SIPC. Allegiant Wealth Strategies has offices in Battle Creek and Portage, Michigan, from which we serve Calhoun County and Kalamazoo County as well as Kent County (Grand Rapids). The Allegiant Wealth Strategies team offers no-obligation financial planning consultations; call at 269-218-2100 or contact us here.

MARK J YATROS
Previous

How to Spot a Financial Scam: A Guide for Seniors
Next

You’ve Been Hacked or Spoofed: Now What?