Putnam Investments partners with Jeff Lanza, former FBI Special Agent with over 20 years of experience, to educate shareholders and advisors on the threats of cybercrime and how to protect themselves. He offers these three tips with actionable items you can implement to better protect sensitive and personal information.
1. Beware of phishing
Phishing is an online scam that targets individuals by sending them an email that appears to be from a well-known source — an internet service provider, a bank, or a mortgage company, for example.
The phishing email asks the individual to provide personal identifying information such as passwords, account numbers, or Social Security numbers. If they get that information, they could gain access to your email, bank, or other accounts. According to the Federal Trade Commission, scammers launch thousands of phishing attacks like these every day — and they’re often successful.
Four phishing email red flags
Never reply or click on suspicious links or attachments. If you click on an attachment, it could download malware to your computer!
2. Keep your devices free of malware
Let’s take a look at that same phishing email, only this time we will focus on the attachment. One of the most common ways that malware (MALicious softWARE) is downloaded to your devices is by clicking on an attachment in an email. Viewing and reading the email should not cause a problem, but clicking on the attachment will. Never click on attachments in emails from unknown senders or suspicious senders.
Other than not clicking on attachments, there are two more lines of defense:
- Use antivirus software. Your antivirus software provides perimeter security and will block some malware from downloading to your computer even if you do click in the wrong place. Be aware that hackers are always creating new malware, so keep your antivirus software updated.
- Keep your browser updated. Browsers such as Google Chrome, Mozilla Firefox, and Microsoft Edge provide a layer of security. If a threat is recognized, you may be warned not to continue. Browser updates nearly always include security improvements.
3. Use strong passwords or passphrases
- Use a strong password that is a minimum of 8 characters long with an upper case letter, lower case letter, a number, and a symbol.
- If a site’s login parameter accepts a passphrase, no complexity is needed, but the string should be at least 12 characters long.
- Use a unique password/passphrase for each account. This prevents hackers from getting a password from one breach and using it to breach other accounts.
Avoid the most common passwords
Source: Cybernews analysis of over 15 billion user passwords.
You might consider using a password manager. They are considered to be a reliable and secure way to store passwords.
Using a browser to store passwords has risks — if someone gains physical access to your computer or infects it with malware, it is possible they could log in with saved passwords.
What is a passphrase?
A passphrase is a sentencelike string of words used for authentication that is longer than a traditional password, easy to remember, and difficult for hackers to guess.
A passphrase should contain some complexity. The advantage to passphrases is that they are easy to come up with and easier to remember.
To learn much more about cybersecurity, contact your Putnam consultant team.