Protect Yourself and Your Loved Ones Against Fraud

June is Elder Abuse Awareness Month. During the pandemic, scammers have targeted vulnerable populations with cyber and financial crimes at an alarming rate. According to the Federal Trade Commission: Older Americans reported fraud losses totaling $388 million through the third quarter of 2020.(1)

The key to protecting yourself and your loved ones from fraud is constant vigilance. This checklist summarizes common cyber fraud tactics, along with tips and best practices. Many suggestions may be things you’re doing now, while others may be new. We also cover actions to take if you suspect that your personal information has been compromised. If you have questions, we’re here to help.

Cyber criminals exploit our increasing reliance on technology. Methods used to compromise a victim’s identity or login credentials – such as malware, phishing, and social engineering – are increasingly sophisticated and difficult to spot. A fraudster’s goal is to obtain information to access to your account and assets or sell your information for this purpose. Fortunately, criminals often take the path of least resistance. Following best practices and applying caution when sharing information or executing transactions makes a big difference.

Safe practices for communicating with our firm

  • Keep us informed regarding changes to your personal information.
  • Expect us to call you to confirm email requests to move money, trade, or change account information.

Follow general best practices

  • Be suspicious of unexpected or unsolicited phone calls, emails, and texts asking you to send money or disclose personal information. If you receive a suspicious call, do not accept it, hang up, and call back using a known contact number.
  • Be cautious when sharing sensitive information and conducting personal or confidential business via email, since it can be compromised and used to facilitate identity theft.
  • Do not disclose personal or sensitive information on social media sites, such as your birthdate, contact information, and mother’s maiden name.
  • Be cautious when receiving money movement instructions via email. Call the sender at their known number (not a number provided in the email) to validate all instruction details verbally before following instructions or providing your approval.
  • Protect yourself from phishing attempts and malicious links (see glossary for additional information).
  • Check your email and account statements regularly for suspicious activity.
  • Do not verbally disclose or enter confidential information on a laptop or mobile device in public areas where someone could potentially see, hear, or access your information.
  • Verify payment requests you receive by phone or email. Requests for you to make payments using prepaid debit cards, gift cards, or digital currency are frequently associated with fraud or scams.

Keep your technology up to date

  • Keep your web browser and operating system up to date, and be sure you’re using appropriate security settings. Old software, operating systems, and browsers can be susceptible to attack.
  • Install anti-virus and anti-spyware software on all computers and mobile devices.
  • Enable the security settings on your applications and web browser.
  • Do not use free or found USB thumb drives—they could be infected with viruses or malware.
  • Turn off Bluetooth when it’s not needed, to protect against individuals gaining access to your devices using Bluetooth connections.
  • Safely and securely dispose of old hardware.

Be cautious with public networks

  • Avoid using public computers. If you must use one, go to the browser settings and clear the browser history (cache) and cookies when you’re finished.
  • Only use wireless networks you trust or that are protected with a secure password.
  • Use your personal Wi-Fi hotspot instead of public Wi-Fi.
  • Do not accept software updates if you are connected to public Wi-Fi.

Be strategic with your login credentials and passwords

  • Do not use personal information such as your Social Security number or birthday as part of your login ID.
  • Create a unique password for each financial institution you do business that are long and contain a combination of characters, numbers, and symbols. Consider using a password manager to create, manage, and store passwords that are unique and secure.
  • Do not share your passwords.
  • Use two-step verification whenever possible.

Be sure you’re on a secure website

  • Check the URL to see if it’s a secure connection. Secure sites begin with https rather than http, and are generally considered safer.
  • Check the address bar for site validity indicators whenever you log in to a website. Some browsers use green text or security symbols to indicate a secure and verified site.
  • Download apps only from the Google Play Store or the Apple App Store®.
  • Do not visit websites you don’t know—for example, websites advertised on pop-up ads and banners.
  • Log out completely to terminate access when you’ve completed a secure session, such as with online banking or a credit card payment.

Beware of phishing

  • Do not click on links or attachments in emails and text messages if you question the validity of the sender. Instead, type the real web address in your browser.
  • Hover over questionable links to reveal the site’s full URL and see where the link really goes. Do not click on links that don’t match the sender or don’t match what you expect to see.
  • Be suspicious of emails that have grayed-out Cc: and To: lines—they may have been sent to a mass distribution list.
  • Check the sender’s domain name in the email address (john.doe@email.com) to see if it matches what you would expect to see.
  • Activate the spam filters in your email settings tab. This will help prevent unsolicited emails from coming to your inbox.

Glossary

Two-step verification (aka multi-factor authentication)

A method of confirming your identity using a second step to verify who you are. For example, the first step might be to enter your username and password, and the second step might be to enter a randomly generated number sent to you via email, text, phone call, or token.

Phishing

The fraudulent practice of sending emails or text messages appearing to be from reputable companies or trusted individuals in an attempt to get individuals to reveal personal information such as passwords and credit card numbers. Phishing attempts are usually urgent-sounding, legitimate looking emails or texts designed to trick you into disclosing personal information or installing a virus on your device. These scams can be sent as attachments or links that, when opened or clicked, may trigger malicious activity or take you to fake sites that resemble the real business websites.

Password manager

An encrypted online or cloud-based program that generates, retrieves, and keeps track of random passwords across countless accounts and also protects information such as passwords, PINs, credit card numbers and their three-digit CVV codes, and answers to security questions.

Domain name

As it relates to an email address, this is the information that comes after the @ symbol—for example, email.com in jane.doe@email.com.

Spam filter

A program that detects unsolicited and unwanted emails and prevents them from reaching your email inbox. Usually these types of emails are instead sent to a spam folder.

Malware

Software that is intended to damage or disable computers and computer systems.

Learn more

(1) https://www.ftc.gov/system/files/documents/reports/protecting-older-consumers-2019-2020-report-federal-trade-commission/p144400_protecting_older_adults_report_2020.pdf

IMPORTANT DISCLOSURE INFORMATION

Please remember that past performance may not be indicative of future results.  Different types of investments involve varying degrees of risk, and there can be no assurance that the  future  performance  of  any  specific  investment,  investment  strategy,  or  product (including  the  investments  and/or  investment  strategies  recommended  or  undertaken by Private Ocean,  LLC [“Private  Ocean”]),  or  any  non-investment  related  content,  made reference to directly or indirectly in this blog will be profitable, equal any corresponding indicated  historical  performance  level(s),  be  suitable  for  your  portfolio  or  individual situation,  or  prove  successful.    Due  to  various  factors,  including  changing  market conditions  and/or  applicable  laws,  the  content  may  no  longer  be  reflective  of  current opinions  or  positions.    Moreover,  you  should  not  assume  that  any  discussion  or information  contained  in  this  blog  serves  as  the  receipt  of,  or  as  a  substitute  for, personalized investment advice from Private Ocean.  Please remember that if you are a Private Ocean client, it remains your responsibility to advise Private Ocean, in writing, if there are any changes in your personal/financial situation or investment objectives for the purpose of reviewing/ evaluating/ revising our previous recommendations and/or services, or  if  you  would  like  to  impose,  add,  or  to  modify  any  reasonable  restrictions  to  our investment advisory services. To the extent that a reader has any questions regarding the applicability of any  specific issue discussed above to his/her individual situation, he/she is encouraged to consult with the professional advisor of his/her choosing. Private Ocean is  neither  a  law  firm  nor  a  certified  public  accounting  firm  and  no  portion  of  the blog content should be construed as legal or accounting advice. A copy of the Private Ocean’s current written disclosure Brochure discussing our advisory services and fees is available for  review  upon  requestor  at www.privateocean.com. Please note: Private  Ocean does not  make  any representations  or  warranties  as  to  the  accuracy,  timeliness,  suitability, completeness,  or  relevance  of  any  information  prepared  by  any  unaffiliated  third  party, whether  linked  to Private  Ocean’s web  site  or blog  or  incorporated  herein,  and  takes  no responsibility   for   any   such   content. All   such   information   is   provided   solely   for convenience  purposes  only  and  all  users  thereof  should  be  guided  accordingly. Please also note: If  you  are  a Private  Ocean client, please advise  us if you have not been receiving account statements (at least quarterly) from the account custodian.

Leave a Comment