Cybersecurity Tips for 2021

January 15, 2021

Estimated Reading Time: 6 minutes

Cybersecurity Tips for 2021

2020 brought us deeper into the immersion of technology into our everyday lives. With the COVID pandemic increasing our everyday reliance on technology, it is more important than ever to take smart, secure approaches to protecting our digital information.

We’ve put together a guide of practical advice you can use to secure your digital life - financial and otherwise. Below you will find advice on best practices for cybersecurity, tips for staying safe online, and how to recognize and avoid phishing attempts.

Best Practices for Cybersecurity

Be skeptical. If you receive a phone call, text message, or email from someone you do not know, ask yourself how much information you are willing to give to this stranger.

Be cautious. Never send money or disclosure sensitive personal information (like social security or credit card numbers) to someone you do not already trust.

Be discerning. Some websites will ask for information like your mother’s maiden name, your birth town, or your phone number. While these bits of data cannot be used to directly access your accounts, they can be used in password recovery schemes.

Be proactive. Regularly checking your bank accounts and your email can quickly bring to your attention a charge or login you were not expecting. Many banks offer fraud protection, and many services will send you a notification email informing you of a new login.

Be safe. Public areas like grocery stores, coffee shops, or public transportation are not good areas to disclose sensitive information out loud.

Be aware. If you receive a call asking you for payment via gift cards, prepaid debit cards, or bitcoin, recognize these are not legitimate requests.

Be Careful of Public Networks

Many public spaces like coffee shops or boutique shops now offer WiFi to their patrons. These WiFi networks are generally unsecured - think twice before connecting to them. If your wireless plan includes setting up a hotspot, consider using the hotspot instead. A hotspot is basically a WiFi network from your phone and includes a secure password.

If you are connected to a public network, do not install any software updates. Hackers often disguise their bugs as “software updates” or other seemingly-benign updates that can, once installed, cause trouble on your device.

Use Secure Login Credentials and Passwords

When creating your usernames and passwords, do not use personal information like your social security number, birthday, or home address. This information is often the easiest to guess, and much of it can likely be found publicly online (aside from your SSN).

Consider using passwords that use a combination of lowercase letters, uppercase letters, numbers, and symbols. As passwords get longer, they become more difficult to guess. A password with more than eight characters is considered a secure password, but the longer the better.

If the service you are using (Google, Amazon, etc.) offers two-step (or two-factor) authentication, enabling it creates a much more secure defense against any unauthorized user trying to access your account. The two-step authentication process ensures that it is actually you (or someone you recognize) who is trying to access the account.

If you are like most of us, remembering usernames and passwords for your accounts is both troublesome and exhausting. To avoid becoming overly-familiar with the process of resetting your passwords, you can use a password manager like LastPass which both generates secure passwords and automatically stores them in a secure place, which can be used to autofill usernames and passwords.

Best Practices for Using Websites Safely

Although many websites automatically show a secure lock next to the website address (URL), some sites do not have this type of security. Be careful of entering any information into websites that do not have a closed lock next to the URL bar.

Another common scheme to obtain users’ information is sending them to a webpage they were not expecting through an advertisement, popup, or banner. If you find yourself on a website you do not recognize or do not know, exit out of the webpage and do not enter any sensitive information.

Beware of Phishing Attempts

Phishing is the fraudulent practice of sending emails or texts appearing to be from reputable companies (Chase, Apple, etc.) with the intention of getting users to reveal their passwords, account numbers, or credit card numbers.

Phishing attempts usually come with an extreme sense of urgency (URGENT: Your Chase Account) and have attachments or links that look like legitimate links, but can be harmful if clicked on.

If you suspect an email may be a phishing attempt, do not click on anything inside the message and call the company directly if you suspect they are trying to reach you. The company will be able to verify that they did or did not contact you with a legitimate request.

When calling the company, use the phone number listed on the back of your card or the number on their website - do not use any phone numbers listed inside the phishing email itself (it is likely a fraudulent number).

A Final Word

As we become more and more dependent on technology, the frequency and sophistication of cybersecurity attacks will only increase. It is always important to have a trusted friend, family member, or associate you trust in case you are presented with a situation you are unsure of.

At Chicago Partners, we take the security of our clients seriously, and if you ever have any questions or suspicious activity appear on your account, we will be ready to help.


Important Disclosure Information

Past performance may not be indicative of future results. Different types of investments involve varying degrees of risk, and there can be no assurance that the future performance of any specific investment, investment strategy, or product (including the investments and/or investment strategies recommended or undertaken by Chicago Partners Investment Group LLC (“CP”), or any non-investment related content, made reference to directly or indirectly in this commentary will be profitable, equal any corresponding indicated historical performance level(s), be suitable for your portfolio or individual situation, or prove successful. Due to various factors, including changing market conditions and/or applicable laws, the content may no longer be reflective of current opinions or positions. Moreover, you should not assume that any discussion or information contained in this commentary serves as the receipt of, or as a substitute for, personalized investment advice from CP. Please remember to contact CP, in writing, if there are any changes in your personal/financial situation or investment objectives for the purpose of reviewing/evaluating/revising our previous recommendations and/or services, or if you would like to impose, add, or to modify any reasonable restrictions to our investment advisory services. CP is neither a law firm nor a certified public accounting firm and no portion of the commentary content should be construed as legal or accounting advice. A copy of the CP’s current written disclosure Brochure discussing our advisory services and fees continues to remain available upon request.

January 15, 2021

Estimated Reading Time: 6 minutes

Cybersecurity Tips for 2021

2020 brought us deeper into the immersion of technology into our everyday lives. With the COVID pandemic increasing our everyday reliance on technology, it is more important than ever to take smart, secure approaches to protecting our digital information.

We’ve put together a guide of practical advice you can use to secure your digital life - financial and otherwise. Below you will find advice on best practices for cybersecurity, tips for staying safe online, and how to recognize and avoid phishing attempts.

Best Practices for Cybersecurity

Be skeptical. If you receive a phone call, text message, or email from someone you do not know, ask yourself how much information you are willing to give to this stranger.

Be cautious. Never send money or disclosure sensitive personal information (like social security or credit card numbers) to someone you do not already trust.

Be discerning. Some websites will ask for information like your mother’s maiden name, your birth town, or your phone number. While these bits of data cannot be used to directly access your accounts, they can be used in password recovery schemes.

Be proactive. Regularly checking your bank accounts and your email can quickly bring to your attention a charge or login you were not expecting. Many banks offer fraud protection, and many services will send you a notification email informing you of a new login.

Be safe. Public areas like grocery stores, coffee shops, or public transportation are not good areas to disclose sensitive information out loud.

Be aware. If you receive a call asking you for payment via gift cards, prepaid debit cards, or bitcoin, recognize these are not legitimate requests.

Be Careful of Public Networks

Many public spaces like coffee shops or boutique shops now offer WiFi to their patrons. These WiFi networks are generally unsecured - think twice before connecting to them. If your wireless plan includes setting up a hotspot, consider using the hotspot instead. A hotspot is basically a WiFi network from your phone and includes a secure password.

If you are connected to a public network, do not install any software updates. Hackers often disguise their bugs as “software updates” or other seemingly-benign updates that can, once installed, cause trouble on your device.

Use Secure Login Credentials and Passwords

When creating your usernames and passwords, do not use personal information like your social security number, birthday, or home address. This information is often the easiest to guess, and much of it can likely be found publicly online (aside from your SSN).

Consider using passwords that use a combination of lowercase letters, uppercase letters, numbers, and symbols. As passwords get longer, they become more difficult to guess. A password with more than eight characters is considered a secure password, but the longer the better.

If the service you are using (Google, Amazon, etc.) offers two-step (or two-factor) authentication, enabling it creates a much more secure defense against any unauthorized user trying to access your account. The two-step authentication process ensures that it is actually you (or someone you recognize) who is trying to access the account.

If you are like most of us, remembering usernames and passwords for your accounts is both troublesome and exhausting. To avoid becoming overly-familiar with the process of resetting your passwords, you can use a password manager like LastPass which both generates secure passwords and automatically stores them in a secure place, which can be used to autofill usernames and passwords.

Best Practices for Using Websites Safely

Although many websites automatically show a secure lock next to the website address (URL), some sites do not have this type of security. Be careful of entering any information into websites that do not have a closed lock next to the URL bar.

Another common scheme to obtain users’ information is sending them to a webpage they were not expecting through an advertisement, popup, or banner. If you find yourself on a website you do not recognize or do not know, exit out of the webpage and do not enter any sensitive information.

Beware of Phishing Attempts

Phishing is the fraudulent practice of sending emails or texts appearing to be from reputable companies (Chase, Apple, etc.) with the intention of getting users to reveal their passwords, account numbers, or credit card numbers.

Phishing attempts usually come with an extreme sense of urgency (URGENT: Your Chase Account) and have attachments or links that look like legitimate links, but can be harmful if clicked on.

If you suspect an email may be a phishing attempt, do not click on anything inside the message and call the company directly if you suspect they are trying to reach you. The company will be able to verify that they did or did not contact you with a legitimate request.

When calling the company, use the phone number listed on the back of your card or the number on their website - do not use any phone numbers listed inside the phishing email itself (it is likely a fraudulent number).

A Final Word

As we become more and more dependent on technology, the frequency and sophistication of cybersecurity attacks will only increase. It is always important to have a trusted friend, family member, or associate you trust in case you are presented with a situation you are unsure of.

At Chicago Partners, we take the security of our clients seriously, and if you ever have any questions or suspicious activity appear on your account, we will be ready to help.


Important Disclosure Information

Past performance may not be indicative of future results. Different types of investments involve varying degrees of risk, and there can be no assurance that the future performance of any specific investment, investment strategy, or product (including the investments and/or investment strategies recommended or undertaken by Chicago Partners Investment Group LLC (“CP”), or any non-investment related content, made reference to directly or indirectly in this commentary will be profitable, equal any corresponding indicated historical performance level(s), be suitable for your portfolio or individual situation, or prove successful. Due to various factors, including changing market conditions and/or applicable laws, the content may no longer be reflective of current opinions or positions. Moreover, you should not assume that any discussion or information contained in this commentary serves as the receipt of, or as a substitute for, personalized investment advice from CP. Please remember to contact CP, in writing, if there are any changes in your personal/financial situation or investment objectives for the purpose of reviewing/evaluating/revising our previous recommendations and/or services, or if you would like to impose, add, or to modify any reasonable restrictions to our investment advisory services. CP is neither a law firm nor a certified public accounting firm and no portion of the commentary content should be construed as legal or accounting advice. A copy of the CP’s current written disclosure Brochure discussing our advisory services and fees continues to remain available upon request.