Be Careful Out There!

This is not my favorite topic for sure, plus we have all heard it a million times…but in the recent weeks we have seen a serious uptick in attacks and scams. They range beyond the usual email stating someone is going to give you millions of dollars for helping them or the fake calls from Amazon or Microsoft. We have seen two instances of hackers gaining access to the boss’ email and sending an email request to the controller, requesting a bank wire. Unfortunately, in one case $450,000 was wired as instructed. Unlikely they will see that money again. I received an email, supposedly from one of our employees, requesting me to update their payroll auto deposit information. Yep, got right on that one. They are not just targeting large corporations.

Cyber-attacks are not just a problem for companies but also for individuals.

If your computer can be compromised, it can be used as part of other attacks. These attacks are often used to disrupt businesses, but since we all deal with businesses every day, the attacks can affect us as well. Companies like FireEye and CheckPoint visually plot the threats.

So, what should we do to protect ourselves?

• Always have a backup of your computer or device. Antivirus programs only do so much…
• Use common sense, apply the “Sniff” test. Does it smell right?
• If you are a CPA…test for reasonableness.
• Don’t engage phone scammers…if you want to extend your car warranty, call your dealer.
• Don’t open unknown emails and click on links. This can be the start of very bad things. If you are a business, you should work with your computer support people to create a comprehensive threat management program which should also include testing for vulnerabilities in your systems.

A personal pet peeve is passwords.

It seems that everyone under the sun has their own idea of what a secure password is. Upper & Lower Case, Number, Special Character, blah, blah…except they all seem to have a different idea of what is needed and/or excluded. Outside of two-factor authentication, the most secure password is a passphrase (including spaces if allowed.) There is no substitute for a long password/passphrase. An example: “Minors not Miners” the approximate crack time for this passphrase is 1 century. Compare that with “Bob123$” which can be cracked in 13 seconds. You should use different passwords for each program so that in the event someone gets your Facebook password they don’t also get your bank password.

We use an application called USE A PASSPHRASE to test the security of our passwords. If you store passwords in your browser (Chrome, Safari, etc.) remember, if your computer password is known, someone can gain access to all the stored passwords.

While I am not trying to solve every security issue you may have, my purpose it to remind you to be vigilant in protecting yourself and your family. There is no shortage of “How-To” information available on the internet. Just don’t click on the “Make My Computer Secure” link or ad which displays on the page with the information on how to protect yourself.