How Advisors Can Stay Vigilant About Cybersecurity

The word “cybersecurity” may bring up images of Mission Impossible gadgets and rooms filled with black-clad hackers. However, in this day and age, the reality of the situation is much less glamorous and much more pressing—cybersecurity impacts every industry and anyone with an internet-connected device.

According to recent data from cybersecurity education company Cybint, almost 60 percent of small businesses have experienced cyberattacks. For financial advisors, who are entrusted with clients’ sensitive financial information, a cyberattack could put their clients’ personal information and nest egg at risk.

Here are some tips to help you strengthen your business’s online security practices:

Practice good password management.

We know, it’s a pain – but if you’re still using the same password to log into your work email, Facebook profile, Amazon account and professional systems, you are extremely vulnerable to being hacked. Consider using a password manager and implementing password encryption for important documents. Generally, writing all your passwords on a Post-It note that’s stuck to the side of your laptop is not a best practice.

Keep your software up-to-date.

Your computer wants to auto-install updates for a reason: Typically, these updates are there to help fix a security blind spot or provide better immunity for a common computer virus. It might take a few minutes out of your work day, but installing updates as soon as they’re available can help keep your devices safe and secure.

Beware of suspicious emails, texts and phone calls.

One of the most popular ways hackers gain access to people’s computers and mobile devices is through the process of “phishing.” Phishing scams typically involve a cyber-criminal crafting a fake email or text message that looks like it’s from someone you know or from a company you trust.
When you open the email or message, you’ll be prompted to click a link, which won’t lead you to a document to review or an order confirmation page, but to a foreign site that will automatically download malware to your device. The type of malware will vary, but it’s possible for scammers to gain access this way to your location data, saved passwords, credit card numbers and basically anything else you have on your device.

Know the signs of phishing.

So how do you spot a phishing email? First, take a good look at the sender’s email address or phone number. Often, scammers will use a web domain that is nearly identical to your company’s and may go to some lengths to have the “sender” appear be someone you know.

Before opening any external links in an email, double check the address to make sure it matches. For example, let’s say you work at a firm called Fake Site, and your colleague’s normal address is connie@fakesite.com. If Connie sends you a strange email with a shortened link to click, first look to make sure her email address is correct. If you see a slight variation of it, such as cannie@fakesite.com, connie@fakkesite.com, or connie@fakesite.co, delete the email immediately and report it to your tech department.

Additionally, many hackers purposefully fill spam emails and texts with bad grammar and misspellings, and that’s by design: They are targeting people who will overlook those things, because they’re more likely to overlook other red flags as well.

To learn more about how HighTower can help advisors protect their clients and businesses from cyberattacks, email us at advisorsuccess@hightoweradvisors.com.