In 2022-23, 32% of UK businesses claimed to have suffered a cyber attack. 24% of charities reported the same. The threat is also real for individuals with rising incidents of hacking, ransomware and other malicious activities in recent years.
With the average cost for cybercrime standing at £4,200 it is vital to ensure that your data and personal information are kept safe online. As financial planners, we are especially aware that these risks can undermine clients’ financial goals and stability.
Below, we offer an updated cybersecurity checklist for 2023 to help you guard your wealth and finances. We hope these insights are useful to you. Please contact us for more information or to speak with a financial adviser:
t: 01228 210 137
e: [email protected]
Have a plan for your device(s)
Many UK adults now hold much of their lives on their smartphone or tablet – taking it with them wherever they go. Their email account(s), online banking and other sensitive information are on there. Yet what would happen if your device got stolen or lost?
Consider putting a plan in place to find, lock or erase your device remotely if this happens. It is also generally wise to enable a password, fingerprint or facial recognition to prevent anyone else from easily accessing your device files.
You might also want to develop a separate plan for your wallet/purse. For instance, could you still cancel your bank card(s) quickly and easily if this got lost or stolen along with your phone? Have you memorised your emergency contact(s) so you are not left in a lurch in an unfamiliar place?
Build your IAM strategy
Identity and access management (IAM) is especially important in today’s digital age when hackers might steal someone’s name, identifying number or credit card number to impersonate them and commit fraud. Indeed, UK consumers lost a combined £1.2 billion across all fraud types last year. So it is a risk that needs guarding against.
One of the best defences against online fraud is using multi-factor authentication (MFA) – also known as 2-factor authentication (2FA). Here, you need to complete an extra step after entering your login information to an app or website.
For instance, if you log into your email account on a computer, you might need to approve the login using the Google Authenticator app on your phone; you may even be prompted to enter a code sent to your email address or phone number. This makes it much more difficult for someone to hack your account(s) remotely using just your password.
However, try not to neglect the risks of 2FA. Have backup options in place to prepare for the scenario of losing your phone (e.g. using a security key). Also, be mindful that using an app is generally considered better for 2FA than using SMS (text messaging).
This is because SMS is vulnerable to malware-based attacks, man-in-the-middle (MITM) attacks and phishing. For instance, certain malware exists which can infect smartphones with trojans which are specifically built to intercept one-time passwords (OTPs).
Prepare for ransomware
Ransomware (blocking a device or threatening to publish someone’s sensitive information) remains one of the biggest cybersecurity threats in 2023 to both individuals and firms. Since this tactic involves hackers demanding money until a ransom is paid, we are especially mindful of this threat as financial planners.
Good IT hygiene is a crucial first step to protecting yourself (e.g. installing good antivirus and malware software and scanning regularly for viruses). Another key step is to be very careful about clicking on links (URLs) in emails, social media messages and texts – especially if you are suspicious of the sender or it is a message you were not expecting.
Phishing emails can impersonate someone you trust (or an organisation/company) to try and convince you to click on a malicious link. This link can then can take you to a website which downloads malicious software to your device (e.g. a trojan horse) or which poses as a legitimate website – e.g. for your bank – where you could enter your login information.
Warning signs of a phishing scam include poor spelling and grammar in the message, panic tactics, a lack of personalisation, unsolicited attachments, links which do not match the domain and requests for sensitive information. If you are in any doubt, it is best to check directly with the organisation in question e.g by phoning your bank from the number on your bank card to check the message or request is genuine.
Practice good internet safety
So much of our daily activity is now conducted online – both for work and leisure. Yet a lack of knowledge about internet safety can lead to cybersecurity breaches. Here are some tips to help you protect yourself when browsing:
- Use a secure connection. For instance, be mindful that you have no control over the security of public WiFi (e.g. when sitting in a cafe). Avoid online shopping, mobile banking and other sensitive activities if you need to use public WiFi.
- Use strong passwords that are hard for hackers to guess. Also, try not to use the same password across multiple websites and apps.
- Check any websites before visiting. For instance, if a website has the “https” prefix (or a padlock symbol) then it means they have an “SSL certificate” – authenticating a website’s identity and enabling an encrypted connection.
Invitation
If you would like to discuss your financial plan and retirement strategy, then we would love to hear from you. Get in touch with your Financial Planner here at Vesta Wealth in Cumbria, Teesside and across the North of England.
Reach us via:
t: 01228 210 137
e: [email protected]
This content is for information purposes only. It should not be taken as financial or investment advice. To receive personalised, regulated financial advice regarding your affairs please consult your Financial Planner here at Vesta Wealth in Cumbria, Teesside and across the North of England.