6 Cybersecurity Tips for Investors in 2020
By Matthew Fischer, CFA
June 30, 2020
Estimated Reading Time: 4 minutes
6 Cybersecurity Tips for Investors in 2020
2020 marks the start of an exciting new decade, one that may bring us closer to the vision of flying cars and robot helpers. While we continue to adapt more and more technology into our everyday lives, it’s just as important that we take the right actions to keep our data and personal information safe online.
We’ve put together six tips for investors to help them better secure their data, personal information, and digital identity in 2020.
1. Use a Password Manager
After graduation, many young adults receive their first paycheck in their entry level positions. For most, this is the largest paycheck they’ve ever received, and many will splurge on new clothing, expensive nights out, and maybe even a few vacations. It’s the first time in our lives we don’t have to stretch $50 over the course of a month and we can afford to spend some money on ourselves. What many of these young adults don’t realize is how essential it is to start saving for retirement. You may ask yourself, “Retirement is almost 40 years away, why start now?” or say to yourself “I’ll start in a few years – I just want to enjoy myself now”.
This is where Mischel’s study becomes relevant. We can spend all of our money now and receive instant gratification. When it’s time to retire, however, will we look back and wish we hadn’t eaten that first marshmallow? If not the whole thing, maybe even saved a small portion?
2. Use Good Passwords
By now, we all have so many passwords to the different accounts we use online that it can be nearly impossible to keep them organized, or worse; we reuse the same password everywhere. Most of us have become part-time professionals at clicking the “reset password” button - a testament to how difficult it can be to keep our digital lives untangled.
Using a password manager (LastPass, Enpass, Keeper, 1Password, etc..) can go a long way in both organizing your data and protecting your online accounts. Password generators are like storage lockers for your passwords - you can enter your username and password into the password manager, which is secured by one master password, and log in to access your account information at any time.
Password protectors can also generate strong passwords for you and keep them securely stored, so any ill-intentioned parties will have a really hard time breaking into one of your accounts.
3. Be Cautious Responding to People Claiming to be an Authority
A friend of mine told a scary story about her grandparents. A scammer called her grandparents and told them that their grandson was in jail and needed money fast. Emotionally jarred, these caring folks were a click away from wiring $700 to a complete stranger, who had impersonated a police officer over the phone. Luckily, they called their grandson’s parents, who assured them that the grandson was safe at home and did not need bail money.
Scammers will often take on the disguise of authority figures or people in distress to emotionally jar the victim into a state of panic before instructing them to send money somewhere. If you receive a call from the police, IRS, or other authority figure from an institution, simply tell them you will call them back regarding the issue. If they are legit, they should have no problem with this.
4. Use a VPN
A Virtual Private Network (or VPN) is a software that securely connects you to a computer in a remote location. If you are using public WiFi in Starbucks, consider using a VPN to connect in order to shield your personal information from prying eyes.
A VPN will create a secure tunnel around your internet data, preventing snoopers from seeing your internet activity or accessing files on your computer.
VPN’s are low-cost tools that can go a long way in protecting your personal data. For a list of VPN’s, please check out the link below:
5. Use 2-Factor Authentication Where Possible
2-Factor Authentication is the practice of using your phone or email as a verification that it is, indeed, actually you trying to log in to your account.
With 2-Factor Authentication, the first factor is your password, the second is typically a four to six digit passcode that you would receive on a device, phone number, or email that had previously been verified as yours. The passcode that is generated is unique, so only you know what it is. When you correctly enter the passcode, you will be securely logged into your account.
It is important that you keep the passcode you receive to yourself. Many scammers will ask you for the verification code over the phone because they are trying to log into your account on their side. If you receive a phone call, and the person asks you for the code, simply hang up and call the company back on their main line. Again, if they are legit, they will have no problem with this.
6. Use Common Sense
Over 80% of scams are successful because they use social engineering to trick the user. This is the case in email scams, text message scams, phone call scams, and real-world scams. By hijacking norms and habits, scammers can trick an otherwise-intelligent person into giving up sensitive information that could leave them exposed to a cyber-attack.
You can use a couple of common sense tests to reduce the effectiveness of these social engineering attacks:
- Do I know this person/number/email address?
- Does this person really need to know my account number/SSN/2-Factor Authentication code?
- Am I absolutely confident that this person is a legitimate representative?
- By giving out this information, am I granting this person access to any of my sensitive information or personal data?
Running through questions like these before taking action can stop a scam or cyber-attack before it starts.
Matthew Fischer, CFA is a Wealth Advisor at Chicago Partners. Matt specializes in creating robust investment portfolios for his clients and helping answer any questions about investments, financial plans, or wealth planning in general.
Important Disclosure Information
Past performance may not be indicative of future results. Different types of investments involve varying degrees of risk, and there can be no assurance that the future performance of any specific investment, investment strategy, or product (including the investments and/or investment strategies recommended or undertaken by Chicago Partners Investment Group LLC (“CP”), or any non-investment related content, made reference to directly or indirectly in this commentary will be profitable, equal any corresponding indicated historical performance level(s), be suitable for your portfolio or individual situation, or prove successful. Due to various factors, including changing market conditions and/or applicable laws, the content may no longer be reflective of current opinions or positions. Moreover, you should not assume that any discussion or information contained in this commentary serves as the receipt of, or as a substitute for, personalized investment advice from CP. Please remember to contact CP, in writing, if there are any changes in your personal/financial situation or investment objectives for the purpose of reviewing/evaluating/revising our previous recommendations and/or services, or if you would like to impose, add, or to modify any reasonable restrictions to our investment advisory services. CP is neither a law firm nor a certified public accounting firm and no portion of the commentary content should be construed as legal or accounting advice. A copy of the CP’s current written disclosure Brochure discussing our advisory services and fees continues to remain available upon request.
June 30, 2020
Estimated Reading Time: 4 minutes
6 Cybersecurity Tips for Investors in 2020
2020 marks the start of an exciting new decade, one that may bring us closer to the vision of flying cars and robot helpers. While we continue to adapt more and more technology into our everyday lives, it’s just as important that we take the right actions to keep our data and personal information safe online.
We’ve put together six tips for investors to help them better secure their data, personal information, and digital identity in 2020.
1. Use a Password Manager
After graduation, many young adults receive their first paycheck in their entry level positions. For most, this is the largest paycheck they’ve ever received, and many will splurge on new clothing, expensive nights out, and maybe even a few vacations. It’s the first time in our lives we don’t have to stretch $50 over the course of a month and we can afford to spend some money on ourselves. What many of these young adults don’t realize is how essential it is to start saving for retirement. You may ask yourself, “Retirement is almost 40 years away, why start now?” or say to yourself “I’ll start in a few years – I just want to enjoy myself now”.
This is where Mischel’s study becomes relevant. We can spend all of our money now and receive instant gratification. When it’s time to retire, however, will we look back and wish we hadn’t eaten that first marshmallow? If not the whole thing, maybe even saved a small portion?
2. Use Good Passwords
By now, we all have so many passwords to the different accounts we use online that it can be nearly impossible to keep them organized, or worse; we reuse the same password everywhere. Most of us have become part-time professionals at clicking the “reset password” button - a testament to how difficult it can be to keep our digital lives untangled.
Using a password manager (LastPass, Enpass, Keeper, 1Password, etc..) can go a long way in both organizing your data and protecting your online accounts. Password generators are like storage lockers for your passwords - you can enter your username and password into the password manager, which is secured by one master password, and log in to access your account information at any time.
Password protectors can also generate strong passwords for you and keep them securely stored, so any ill-intentioned parties will have a really hard time breaking into one of your accounts.
3. Be Cautious Responding to People Claiming to be an Authority
A friend of mine told a scary story about her grandparents. A scammer called her grandparents and told them that their grandson was in jail and needed money fast. Emotionally jarred, these caring folks were a click away from wiring $700 to a complete stranger, who had impersonated a police officer over the phone. Luckily, they called their grandson’s parents, who assured them that the grandson was safe at home and did not need bail money.
Scammers will often take on the disguise of authority figures or people in distress to emotionally jar the victim into a state of panic before instructing them to send money somewhere. If you receive a call from the police, IRS, or other authority figure from an institution, simply tell them you will call them back regarding the issue. If they are legit, they should have no problem with this.
4. Use a VPN
A Virtual Private Network (or VPN) is a software that securely connects you to a computer in a remote location. If you are using public WiFi in Starbucks, consider using a VPN to connect in order to shield your personal information from prying eyes.
A VPN will create a secure tunnel around your internet data, preventing snoopers from seeing your internet activity or accessing files on your computer.
VPN’s are low-cost tools that can go a long way in protecting your personal data. For a list of VPN’s, please check out the link below:
5. Use 2-Factor Authentication Where Possible
2-Factor Authentication is the practice of using your phone or email as a verification that it is, indeed, actually you trying to log in to your account.
With 2-Factor Authentication, the first factor is your password, the second is typically a four to six digit passcode that you would receive on a device, phone number, or email that had previously been verified as yours. The passcode that is generated is unique, so only you know what it is. When you correctly enter the passcode, you will be securely logged into your account.
It is important that you keep the passcode you receive to yourself. Many scammers will ask you for the verification code over the phone because they are trying to log into your account on their side. If you receive a phone call, and the person asks you for the code, simply hang up and call the company back on their main line. Again, if they are legit, they will have no problem with this.
6. Use Common Sense
Over 80% of scams are successful because they use social engineering to trick the user. This is the case in email scams, text message scams, phone call scams, and real-world scams. By hijacking norms and habits, scammers can trick an otherwise-intelligent person into giving up sensitive information that could leave them exposed to a cyber-attack.
You can use a couple of common sense tests to reduce the effectiveness of these social engineering attacks:
- Do I know this person/number/email address?
- Does this person really need to know my account number/SSN/2-Factor Authentication code?
- Am I absolutely confident that this person is a legitimate representative?
- By giving out this information, am I granting this person access to any of my sensitive information or personal data?
Running through questions like these before taking action can stop a scam or cyber-attack before it starts.
Matthew Fischer, CFA is a Wealth Advisor at Chicago Partners. Matt specializes in creating robust investment portfolios for his clients and helping answer any questions about investments, financial plans, or wealth planning in general.
Important Disclosure Information
Past performance may not be indicative of future results. Different types of investments involve varying degrees of risk, and there can be no assurance that the future performance of any specific investment, investment strategy, or product (including the investments and/or investment strategies recommended or undertaken by Chicago Partners Investment Group LLC (“CP”), or any non-investment related content, made reference to directly or indirectly in this commentary will be profitable, equal any corresponding indicated historical performance level(s), be suitable for your portfolio or individual situation, or prove successful. Due to various factors, including changing market conditions and/or applicable laws, the content may no longer be reflective of current opinions or positions. Moreover, you should not assume that any discussion or information contained in this commentary serves as the receipt of, or as a substitute for, personalized investment advice from CP. Please remember to contact CP, in writing, if there are any changes in your personal/financial situation or investment objectives for the purpose of reviewing/evaluating/revising our previous recommendations and/or services, or if you would like to impose, add, or to modify any reasonable restrictions to our investment advisory services. CP is neither a law firm nor a certified public accounting firm and no portion of the commentary content should be construed as legal or accounting advice. A copy of the CP’s current written disclosure Brochure discussing our advisory services and fees continues to remain available upon request.