As a CPA, one of the conditions for maintaining my license is to earn Continuing Professional Education (CPE) credits. This past week, I was watching a CPE webcast by one of the Big Four Accounting firms, and one of the segments focused on phishing. For those who do not know what phishing is, it is “when you receive emails, texts, or calls that appear to be from legitimate companies or people you know. However, they are actually from scammers. They want you to either click on a link, or open an attachment, or enter your personal information (username and password) on a fake website, so that they can steal your money or identity, or gain full access to your devices (computers, tablets, mobile phones, etc.)” The webcast focused on the dangers of phishing as it relates to businesses and corporations, and the millions of dollars these organizations could potentially lose.
While the concept of phishing is not new to me, I began to think of phishing from a different perspective: personal financial impact. While many of us do not have millions of dollars to lose, just one attack could wipe out all that you have saved over the years. What would you do if you woke up tomorrow morning and found all your savings and investment accounts wiped out? I have read on social media people joking that they wished these scammers would hack and wipe out their student loan debt or other debts they owe! However, these scammers are not looking to help you, instead, they are looking to destroy everything that you have built.
Here are some useful tips in protecting YOUR money:
- Protect your accounts by using multi-factor authentication
- Have you ever been on a website before, that after you enter your username and password, sends you an email or text message with a verification code to enter on the website you are trying to access? If yes, you have experienced multi-factor authentication. Multi-factor authentication adds an extra layer of security which may make it more difficult for scammers to access your accounts. If you currently do not have multi-factor authentication, the next time you log into your online banking website/app, investment website/app, or any other site that contains personal information that could become compromised and have a detrimental impact, go to your security or privacy setting, and opt for the multi-factor authentication if that is available.
- Protect your computer by using security software
- Ensure that your computer is up-to-date with the latest security software. See, when your computer’ protected is outdated, it is easier for scammers and hackers to gain access. They could potentially lock you out of your own computer! How scary is that? Think of all the documents, photos, or other confidential information that you have saved on your computer. If you lost those tomorrow due to an attack, would you be ok? I guess not!
- Protect your mobile phone by setting software to update automatically
- For many people, their mobile phone has replaced the function of their computer. They perform and complete everything on their mobile device! Similar to software updates for the computer, you want to ensure that your mobile phones are being updated with the latest security software. Most, if not all phone manufacturers, have the feature which allows you to enable them to push out automatic software updates to your device.
- Protect your data by backing it up
- Get in the habit of frequently backing up your data. There are external hard drives available as well as cloud services. Do your thorough research to find the solution that works best for you. Backing up your data frequently, allows you to easily restore your data and information, should you be attacked and have your device wiped clean, or if you are locked out.
- Call and verify for peace of mind
- If you get an unusual request from a friend or business, call them directly to verify. Do not redial them number that you received the call from. Instead, make the call using the phone number that you have stored in your contacts, or go directly to the businesses’ website and call the number that is listed on the website. When I was an auditor, I demonstrated professional skepticism when reviewing clients’ documentations and records. I want you to demonstrate the same when it comes to giving out personal information, be skeptical! If it seems phishy (pun intended), then call and verify!
If you believe you have been a victim of a phishing attack, report it to the Federal Trade Commission (FTC) at ftc.gov/complaint.
Remember, part of managing your money and growing wealth is protecting your money and assets from scammers! If you have any additional tips on protecting your money from scammers, leave them in the comment section below.