Did you know that, according to a blog post by Sanskriti Jain on getastra.com, cybersecurity statistics indicate that there are 2,200 cyber attacks per day, with a cyber attack happening every 39 seconds on average? Many cybercriminals are using social engineering to access computer systems, gather information, or make money. Social engineering is when someone tries to manipulate you into performing an action or sharing confidential information, and unfortunately, most successful attacks are caused by human error. If you educate yourself about some common social engineering methods, you may be able to recognize them and stay safe from an attempted attack.
There are several different social engineering methods that cybercriminals may use to trick you. Here are three common methods and examples of each one:
1. Malicious links
Cybercriminals may use malicious links to trick you into downloading dangerous software or opening an unsafe webpage. You may receive a phishing email, which is an email that may try to convince you to share sensitive information, click an unsafe link, or even download a malicious attachment. For example, you might receive an email with a link to access tracking information for a shipment. If the email appears legitimate, you may be tempted to click the link, which could download malicious software that allows the cybercriminal to control your computer.
2. Fake webpages
Cybercriminals may create fake webpages to trick you into logging into the website or entering sensitive information. For example, you may receive a phishing email containing a link to LinkedIn. If you click on the link and enter your login credentials, the cybercriminal now has those credentials and can log into your actual LinkedIn account. Now they can view your personal information and change your password, preventing you from further accessing your account. Another very common example is phishing emails containing links to DocuSign.
3. Impersonation
Cybercriminals may impersonate a celebrity or even someone you know to try and trick you into revealing sensitive information, clicking an unsafe link, or downloading a malicious attachment. For example, you could receive a phone call from a cybercriminal posing as your internet provider. They could tell you your payment is overdue and mention your account number and date of birth, which may lead you to provide your payment information. These types of impersonation attacks can also occur over email, text message or social media.
So how do you stay safe from social engineering? Here are some tips you can use to help protect yourself:
Before clicking on a link, hover your mouse over the link to make sure that the link is secure and matches the website you’re looking for.
Instead of clicking a link or a button in an email to go to a website, visit the website directly by entering the URL into your address bar.
Before sharing any sensitive information, such as your date of birth or banking information, you should always verify that the source you’re sharing the information with is legitimate.
If someone you know messages you to ask questions about your organization or sends you a link, you should contact that person directly to make sure the request is legitimate. If a message or call seems suspicious, it is likely suspicious.
By taking a few minutes to exercise caution before clicking on links or providing sensitive information, etc, you may be able to prevent a cyber attack from occurring. Register for our upcoming elder fraud seminar on Oct. 8 by visiting the following link: https://www.reichassetmanagement.com/events.
Securities offered through Kestra Investment Services, LLC (Kestra IS), member FINRA/SIPC. Investment advisory services offered through Kestra Advisory Services, LLC (Kestra AS), an affiliate of Kestra IS. Reich Asset Management, LLC is not affiliated with Kestra IS or Kestra AS. The opinions expressed in this commentary are those of the author and may not necessarily reflect those held by Kestra Investment Services, LLC or Kestra Advisory Services, LLC. This is for general information only and is not intended to provide specific investment advice or recommendations for any individual. It is suggested that you consult your financial professional, attorney, or tax advisor with regard to your individual situation. To view form CRS visit https://bit.ly/KF-Disclosures.
Eric is President and founder of Reich Asset Management, LLC. He relies on his 25 years of experience to help clients have an enjoyable retirement. He is a Certified Financial Planner™ and Certified Investment Management AnalystSM (CIMA®) and has earned his Chartered Life Underwriter® (CLU®) and Chartered Financial Consultant® (ChFC®) designations.
