Brady Darrington, Senior Operations Manager, discusses cybersecurity and shares some of the best industry practices that may help you feel more comfortable in today’s cyberworld.
Hi. My name is Brady Darrington. I’m the Senior Operations Manager at FSA, and I’ve been with the firm for 13 years. Part of my job is to ensure that FSA is cyber compliant. And I wanted to share with you some of the best industry practices that, hopefully, can help you feel more comfortable in today’s cyberworld.
Tip number one is email security. Treat email like a postcard. If you wouldn’t be comfortable with the world reading it, don’t put it in an email. You should never put account numbers, social security numbers, or other personally identifiable information in an email. If we email you a document with this kind of data in it, we always use a secure encrypted service to send these attachments to you, as well as a link to get it safely back to us. Email is the most important account a cybercriminal will try to gain access to because once they do they’ll have access to all your conversations you’ve had with banks, advisors, real estate professionals, everyone, and they will leverage it to their advantage.
Email is the number one gateway to cybercrime, which brings us to tip number two. Phishing scams. Phishing is when fraudsters send fake emails and texts appearing to be from a trustworthy source, hoping that you will click on a link or an attachment. And the email may state that there’s been suspicious activity on your account and that you need to log in to verify the activity, but by clicking on those links, you can either download a virus or it will take you to a cloned website that looks legit, and if you enter any of your personal data there, you are essentially just handing it over to the bad guys. The best thing to do to check the credibility of such claims is to always go to the website itself. And a website’s encrypted and secure if it has either a lock symbol to the left of the URL address or an HTTPS in front of it. The S in HTTPS stands for secure and it uses encryption, and you should be wary of entering any personal information in any site that doesn’t either have the lock symbol or the S in the address.
Cybercriminals have a sophisticated program that allows them to test usernames and passwords against multiple financial institution websites. If they can scam you out of any passwords, they will test them against all of these sites to see where else that password may work.
So that leads us to the third and final tip of today, passwords. Cybercriminals have the technology to break short passwords in a short amount of time. So even by extending them out just a few more characters prevents them from easily being broken. And they also need to be unique for every site that you visit, but I get it, how do you make a password unique and long enough, and how do you remember it and store it for every website?
The answer is a password manager. Passwords are as annoying as they are necessary, and a good password manager will keep you secure while making it easier to juggle the nebulous amount of passwords that you need to exist on the internet. Password managers create and store unique and long passwords for every site, and you only need to remember one master password to login and gain access to all of them. And in case you’ve never heard of a password manager, you can simply Google it to find out more, or some of the more well-known ones are LastPass or Dashlane, just to name a few. Two-factor authentication or multi-factor authentication should always be enabled when available. What that is is it requires an individual to provide two or more credentials in order to authenticate your identity. We use this whenever we can at the firm to ensure that our employees are the only ones who are able to access client data.
So E-authorization is Schwab’s secure way to kick off the money movement from your account to a third party, and it requires you to sign into your account with your credentials to authorize the transaction. If you have a smartphone to authorize this, it can be set up to require your fingerprint or your face ID to authorize. Lastly, to prevent unauthorized phone access to your accounts, did you know that you can call Schwab and have them add voice recognition? It’s pretty neat. You simply just call up the Schwab Alliance team at 1-800-515-2157 and tell them that you’d like to set up your voice as your password on your accounts.
Cybercriminals and fraudsters are getting more sophisticated in their methods of stealing identities and gathering our secure information. We need to do our part to thwart their methods. I hope you’ve taken one thing from today’s video that will help secure your online access more than it currently might be. We at FSA continually strive to stay at the forefront of cybersecurity to protect our client’s data.
So stay safe out there. Not only do we now need to be wary of physical viruses but also cyber ones. And this has been Technical Tuesday with Brady Darrington. Hope everyone has a safe and happy holiday.