With the Equifax breach still making headlines, it can feel like no personal or financial information is completely safe and secure. If big corporations can get hacked, is there any hope for the rest of us in our private lives?
The answer is “yes” says Kimani Dinga, Vice President, Information Security at Boston Private. But you must be vigilant — and avoid situations where you may be vulnerable to people who will take advantage of any information you leave unprotected and available.
As the techniques used by hackers, cyber thieves, and online con artists continue to evolve and become more sophisticated, you need to be on alert and careful. “There are so many different ways that we’re being attacked now versus 15 years ago when you only connected to the internet either from your laptop or your desktop computer,” says Dinga. “Now, everything connects to the internet and most of these devices are not tested for vulnerabilities or safety concerns prior to being released.” Another way to look at this, he says, is to ask yourself: “How would you feel if cars were manufactured and sold without going through rigorous safety tests?”
In fact, recent research found a 16% increase in identity fraud and theft cases in 2016 from the previous year. In that study, digitally connected consumers who frequently shopped online and shared activity on social networks were 30% more likely to be fraud victims.
So, wherever you are — at home or at work, on the golf course or in the coffee shop — and whatever device you’re using — your TV, cell phone, tablet, thermostat, even your refrigerator — “if you connect to the internet, you’re a target. That’s the bottom line,” he cautions.
What is it about being online that makes us such vulnerable targets? One factor is the speed and ease with which we receive and process information in today’s world.
“Often we’re so busy and we’re consuming information so quickly, that we don’t stop to think about where it might have come from,” says Dinga. “That’s where cyber criminals can take advantage of you because they know you may not be paying close attention and you’re just going to click the link. And all it takes is one click, sometimes, to compromise your information.&rdquo
His suggestion: “Slow down a little bit, stop, and think. The information is not going anywhere.” To avoid the tendency to quickly click on a questionable link if you recognize the sender, he recommends:
Adding to our tendency to consume information quickly is the increasing focus by many application and game developers on ways to continuously engage us, getting us so hooked on a new app or game that we can’t bear to put our phones down, and we feel compelled to read every message. “Better to be discriminating about what items you respond to than to put your information in jeopardy,” says Dinga.
Another behavior that can put your personal information in jeopardy is the natural tendency to trust other people with whom we feel a connection. “This is where social engineering plays a huge role,” says Dinga. He defines social engineering as an opportunity for people to extract information from you to use against you. “They tap into your instincts to be friendly and socialize, then collect information they can use to engineer an attack,” he explains.
According to Dinga, “Social engineering can happen anywhere. You can be at a golf course or at a supermarket. In the past, you might have had innocent conversations. But now, because information is so valuable, people will use social engineering to target you and your data.”
“For example, let’s say you’re in a public place while talking with your colleagues about a new investment. Your adversaries may pick up non-public information that they can use for their own profit. Or you could be chatting with someone and mention that you are taking a vacation in two weeks. If you also mention where you live, they can come back and burglarize your residence.&rdquo
The solution? “Be very careful what you say wherever you are. Not just on social media,” he says.
Whether it’s in a business or a personal setting, be on the lookout for people who may using your good intentions and generosity against you. Trust your gut instincts. “Always remember that information is an extremely valuable asset, but in the wrong hands it can have a devastating impact,” cautions Dinga.
Sadly, once an identity thief or fraudster obtains your personal information, such as your Social Security number, your account numbers, your age, and your address, you may no longer be recognized as the legitimate owner of that information. As a result, you may be unable to gain access to your accounts and property, you could have medical services unexpectedly denied, and you could lose significant amounts of time, money, and opportunities due to damage control. Depending on the sensitivity of the information, you may also leave yourself open to coercion or blackmail.
Dinga offers six overall cautions—as well as specific steps—to protect your information so only authorized parties have access to it.
1. When interacting with others, be on guard for “social engineering.”
2. Be careful when using “smart” devices.
3. Protect data on portable devices and drives.
4. Exercise caution when using Cloud storage.
5. Handle personal documents with care.
6. Slow down when responding to your email and online messages.
If an email seems suspicious, delete it without opening any attachments or links within it.
Avoid clicking on standalone links even if they appear to be from a friend. (“Most friends and coworkers will not send a bare link without some explanation around it,” says Dinga.)
As for the Equifax breach, Dinga recommends freezing your accounts at the three main credit reporting agencies so no one gets access to your personal or financial information unless you know about it. “Just be sure you don’t a have a major loan in the works where the information may be needed,” says Dinga. Of course, you can always unfreeze your accounts in the future for a particular financial transaction.
For more information, check out the Federal Trade Commission (FTC) FAQ page on initiating a credit freeze.
1 - Source: 2017 Identity Fraud Study, Javelin Strategy & Research. https://www.javelinstrategy.com/sites/default/files/17-1001J-2017-LL-Identity-Fraud-Hits-Record-Highs-Javelin.pdf
The opinions expressed and information contained in this article are given in good faith, may be subject to change without notice, and are as of the date issued. The accuracy and completeness of this information is not guaranteed. Since each client’s situation is unique, please review your specific investment objectives, risk tolerance and liquidity needs with your advisor before a suitable investment strategy can be selected.
You are leaving the Boston Private website. By clicking "Continue" below, you will enter a website created, operated, and maintained by a private business or organization. Boston Private provides this link as a service to our website visitors. We are not responsible for the content, views, or privacy policies of this site. We take no responsibility for any products or services offered by this site, nor do we endorse or sponsor the information it contains.