Defending Yourself Against Keyboard Criminals

By Michael Hopper, CFP®, CTFA

During a recent visit to my mother- and father-in-law’s, I found them huddled anxiously around their computer while talking to someone unfamiliar on speakerphone. As I drew nearer to their monitor, I could just make out an internet pop-up claiming that their computer had been infected with approximately 12,353 different viruses and urging them to contact “Apple tech suport (sic)” immediately for assistance. 

Sensing what was really happening, I asked the “Apple employee” if he had ever heard the names Steve Jobs or Tim Cook. The reply came back, “Never heard of them. Who are they?” At that point, my father-in-law thankfully realized the scam and ended the call before any damage could be done.  

Unfortunately, cyberscams and cyberattacks like this have become all too common — not only for individuals but for corporations and municipalities, too. Earlier this year, a ransomware attack on Colonial Pipeline resulted in fuel shortages across the East Coast, all due to a single compromised password. Locally, hackers gained access to the City of Tulsa network, crippling a variety of city services for months and potentially exposing thousands of residents’ private information. 

Thankfully, you can help protect yourself by following these five tips:

• Use strong passwords with eight or more characters, containing a mix of letters, numbers and symbols. Perhaps of even greater importance, never reuse passwords across different sites and apps. If you struggle with that last point, consider using a password manager such as Dashlane or LastPass.
• If a website or app offers two-factor or multi-factor authentication, use it. By entering both your password and a randomly generated code sent to your cellphone, it becomes exponentially more difficult for a hacker to breach your account. This extra layer of protection helps you avoid being the lowest-hanging fruit for would-be hackers. 
• Never open attachments or click links in emails from unknown senders, no matter how urgent or real they appear to be. Most malware or ransomware attacks are initiated through links or attachments in fake emails, otherwise known as phishing emails.
• If you use social media such as Facebook, only add people you know. Of equal importance, limit the amount of personal information you share on social media.  
• When in doubt, ask someone you trust for a second opinion. Scammers frequently create a false sense of urgency or familiarity with you, and they can often be very convincing. Let someone you trust act as a second set of eyes.