Cybersecurity Awareness: What You Need to Know

 

man using laptop

October 2021 marks the 18th Cybersecurity Awareness Month — and cybercrime continues to evolve.1 Though you may not get as many emails promising bodily enhancements or asking you to keep some overseas funds in your checking account temporarily, the risk of falling victim to a cybercriminal is a real one. How up to speed are you about protecting yourself electronically in 2021? Learn more about a couple of the most common cybersecurity risks and ways to guard against them.


Phishing and Spear Phishing

Phishing occurs when a cybercriminal sends out a mass email, text, or another electronic message to random addresses. This message carries a harmful attachment or link that, when clicked, may provide the criminal with access to passwords, financial information, or even the entire computer’s hard drive. Some phishing attacks may be avoided if you make a rule not to open attachments to messages unless the message comes from a trusted source. Even this is not completely safe because spear phishing appears to come from a trusted source.

Spear phishing is more targeted than standard phishing.2 A spear-phishing attack spoofs (imitates) a specific individual's account in a convincing way, using information gleaned from sources such as LinkedIn, Facebook, or other social media to create a realistic persona of that individual. The spear-phishing attack sends a message to that individual's contacts with instructions to click a harmful link or download an attachment.

You might get an email from a coworker with a subject line related to something you're working on. If the content of the email just says, "Hey, need some information ASAP - can you check this out?" you may think nothing of clicking on a link in the email. Because spear phishing messages look like they come from a trusted source and generally include some corroborating information, they're harder to spot and avoid. 

It's good general practice to pick up the phone and give the sender a quick call or send an email reply to clarify if you get an unsolicited email asking you to click on something, especially if there is a sense of urgency. Do these extra steps before you click on something that may cause malware to install.


Connected Devices

Another potential cybersecurity risk involves connected or "smart" devices. Not only are these devices generally connected to your mobile phone or another device, allowing you to control them wirelessly, they might also be connected to the Internet.

Without taking proper precautions to shield these devices from a security breach—that could allow a hacker to gain control of such things as your virtual assistant, the thermostat, an internet router, or lights—you could be placing your entire home or office at risk. Some of these precautions include encrypting your connection, installing a device to monitor network traffic and alert you to potential threats, and utilizing two-factor authentication.
 


Sources

1https://www.cisa.gov/cybersecurity-awareness-month

2https://www.trendmicro.com/vinfo/us/security/definition/spear-phishing  


Important Disclosures:
 

Content in this material is for general information only and not intended to provide specific advice or recommendations for any individual.

All information is believed to be from reliable sources; however LPL Financial makes no representation as to its completeness or accuracy.
 

LPL Tracking #1-05172470


 

Check the background of investment professionals associated with this site on FINRA's BrokerCheck.

© 2018 DST Systems, Inc. Reproduction in whole or in part prohibited, except by permission. All rights reserved. Not responsible for any errors or omissions.

Securities and advisory services are offered through LPL Financial (LPL), a registered investment advisor and broker-dealer (member FINRA/SIPC). Insurance products are offered through LPL or its licensed affiliates. SEFCU and SEFCU Wealth Management Services ARE NOT registered as a broker-dealer or investment advisor. Registered representatives of LPL offer products and services using SEFCU Wealth Management Services, and may also be employees of SEFCU. These products and services are being offered through LPL or its affiliates, which are separate entities from, and not affiliates of, SEFCU or SEFCU Wealth Management Services. Securities and insurance offered through LPL or its affiliates are: 

The LPL Financial representatives associated with this Website may discuss and/or transact securities business only with residents of the following states: CA, CT, FL, MA, ME, NC, NJ, NY, PA, UT, VA, VT, and WI.