Alert:
Cybersecurity and Fraud
Accessing online and mobile financial and investment services has become a standard for many Canadians. Cybercriminals from around the globe seek to take advantage of this trend while staying largely anonymous. Even the most savvy and experienced investors must be vigilant to safeguard their information against tactics employed by cybercriminals.
This article explores the landscape of cyber threats and offers practical advice on how you can protect yourself from becoming a victim of digital fraud.
Understanding the Cyber Threat Landscape
Cybercrime includes a wide range of illicit activities carried out electronically from anywhere in the world. So long as people like you invest and handle money electronically, there will be bad actors wanting to steal your information and money. Investors are particularly prone to these threats while navigating the complicated world of online trading, managing portfolios, and coordinating electronic trades.
How to Protect Yourself
Learn: Knowledge is your best defense against cybercriminals. See Knowledge as Defense section for a list of common attacks and simple defensive strategies.
Secure Your Devices: Ensure your devices (computer, phone, tablet, etc.) have up-to-date security software. Utilize strong and unique passwords for each online account, enable two-factor authentication whenever possible, and regularly update operating systems.
Use a Secure Network: Avoid connecting to, and accessing sensitive information through public Wi-Fi networks, which are highly susceptible to being hacked. Instead, rely on secure and private networks, such as a Virtual Private Network (VPN).
Beware of Phishing Attempts: Cybercriminals attempt to phish through emails, text messages and phone calls by tricking you into revealing sensitive information to gain access to your accounts. Always be skeptical of requests for your personal information, take the time to verify who you’re sending information to, and stick to official websites, email addresses, phone numbers, etc.
Regularly Monitor Accounts: Regularly review your bank statements, investment portfolios, and other accounts to identify unauthorized or suspicious activity. Report any concerns to your financial institution as soon as possible.
Diversity: Spreading investments across different assets and platforms can help avoid the impact of security breaches.
Stay Cautious with Social Media: Everything you share on social media becomes public information, which cybercriminals can use to exploit you. While it is nice to share details of your life with family and friends online, every detail could be used by cybercriminals to impersonate you, guess your passwords, and more.
Conclusion
As the digital landscape continues to evolve, so do tactics used by cybercriminals. For example, artificial intelligence has recently been used to spoof images, voices and communications at scale. Useful technologies can always be exploited which is why informed investors make the safest investors.
Knowledge as Defense
Knowing the methods cybercriminals use to compromise investor information is the best way to protect yourself. It is important to understand this list includes only some methods of attack.
Phishing attacks
Cybercriminals send deceptive emails or messages pretending to be from legitimate financial institutions, luring you to click on malicious links or to provide sensitive information.
Verify the legitimacy of the emails by checking the sender’s email address, verify text messages by contacting the sender through an official channel, avoid clicking on suspicious links, and refrain from sharing your information via email. Always enable “two-factor” authentication when available.
Ransomware
Malicious software infects your files or devices and attacker demands payment or risk exploitation.
Regularly backup important data offline, install reputable antivirus software, use caution when opening attachments in emails or downloading files from unfamiliar sources.
Identity Theft
Attacker steals your information to impersonate and access your financial accounts.
Use strong, unique passwords for each of your financial accounts. Regularly monitor your accounts for activities you do not recognize, or your advisor never mentioned. Be aware ANYTHING you post on social media can be used by cybercriminals.
"Man-in-the-middle" Attacks
Attacker intercepts communication between you and the financial platform, gaining access to sensitive information.
Avoid using public Wi-Fi connections, especially those not requiring a password. Consider using a “Virtual Private Network” (VPN) and always check for “https” in the website URL before entering sensitive information.
Social Engineering Attacks
Cybercriminals gain your trust or manipulate you into sharing personal information later used to access your accounts.
Be cautious of unsolicited communications and verify the identity of anyone requesting your information.