Take Steps to Protect Yourself: A Cybersecurity Checklist
October 12, 2022
As we continue to spend more time on digital devices, and especially as digital uptake has accelerated as a result of the pandemic, the number of scams and amount of fraud has also increased. According to recent figures, Canadians lost over $381 million1 due to fraud last year alone, a figure which more than doubled in 2021,2 and this is only expected to rise in 2022.3 Equally unsettling is the growing number of incidents — over 100,000 reported in 2021 — with victims that span every age group, from young people to the elderly.
It’s not just our increasing dependence on digital technology that has led to the growing number of scams; the types of fraud continue to become more sophisticated and scammers are constantly getting better at what they do. As advisors, we feel it is important to protect the financial well-being of our clients, and this includes providing information to help safeguard individuals from new and evolving scams.
Here are some red flags to watch for, as well as a checklist of preventative measures that can be taken — both of which can act as a starting point to help protect yourself, and others, against potential cybercrimes.
Know the Red Flags
Familiarizing yourself with how to spot a scam may be one way to protect yourself from falling victim. The most common scams target individuals through fake emails, texts, phone calls and letter mail, as this allows for anonymity. However, scammers have become increasingly bold and may even target victims by showing up at their front door unexpectedly. In most circumstances, there are common red flags that may indicate a potential scam, including:
- Pressure to act or respond immediately;
- Pressure to send money, including requests to use methods of payment that leave no record or trail, such as cash or gift cards;
- Threats of legal or law enforcement action;
- Requests to disclose personal information or questions about financial accounts;
- Situations which create a sense of fear, surprise or excitement; and
- Offers that appear too good to be true, such as a giveaway, windfall or promise to deliver significant returns on an investment.
Since the types of fraud and scams continue to evolve, it may be worthwhile to visit the Canadian Anti-Fraud Centre’s online website from time to time. This government body collects information on fraud and cybercrime and supports law enforcement through information sharing. Most helpful, it posts the latest scams and fraudulent activity to keep individuals aware. It also provides various resources that may be helpful in teaching more vulnerable individuals, such as children or the elderly, how to identify a scam and help protect themselves from fraud. The website can be accessed at: www.antifraudcentre-centreantifraude.ca/index-eng.htm
Take Preventative Measures
Taking measures to help protect yourself may also reduce the possibility of becoming a victim of identity theft, fraud or scams. Here is a cybersecurity checklist that can act as a starting point:
Protect Devices
- Keep software and operating systems updated. Software companies continuously improve their security fixes each time they release an upgrade. These updates are important as they help to protect against malicious software called “malware.”
- Use reputable antivirus programs. This can help protect computers or laptops from becoming infected with viruses, or remove viruses in the event they infect a device.
- Download applications from reputable sources. Be wary of pop-up ads or third-party sources when downloading files or applications as they are more likely to contain malware.
- Secure devices in public places. Be aware that your device may not be secure if you are using a public WIFI hotspot. Without the use of a virtual private network (VPN), unscrupulous individuals may be able to intercept your communication. Never use publicly available charging cords or USB ports from unknown sources as these can be used to deliver malware onto your device to steal your data.
Secure Accounts and Account Access
- Create strong usernames and passwords. Never use similar username and password combinations. If a hacker compromises one account, they may then be able to access other accounts.
- Consider the use of a reputable password manager. If you have multiple accounts and are unable to keep track of multiple usernames/passwords, it may be helpful to use a password manager. This software creates unique and complex passwords and stores them in an encrypted state.
- Use multi-factor authentication (MFA) when possible. MFA requires multiple methods of verifying a user’s identity to access an account or complete a transaction. This is a layered defence that makes it more difficult for a hacker to access your account.
- Keep contact information updated. With financial accounts, always make sure your contact information is updated so that you can be contacted in the event of suspicious activity.
Pause Before Acting
- Don’t click on links or open attachments from unsolicited emails or texts. This can be one way for a hacker to install malware on your device. For phone calls or text messages, this also allows the sender to know that a person has responded, likely making them an ongoing target.
- Don’t share personal information with unverified sources. While it goes without saying that you should never provide personal financial information to strangers, how this information may be pursued by fraudsters is becoming increasingly sophisticated. Individuals are often fooled into believing that they are speaking with reliable sources. As it relates to reputable financial institutions, keep in mind that they generally will not initiate a call to verify personal financial information, including security codes or personal information numbers (PINs). If in doubt, offer to call the company in question back, using a general number obtained from an official document (such as a statement or credit card) or found on a reputable site on the internet.
- Limit personal information shared on social media. Consider that the information you share online on social media and other sites can be collected by fraudsters. This includes disclosing seemingly innocuous information, such as the names of children, your birthday or your employer; all which can be used for identity theft or other fraudulent activity. If you are able to enable privacy settings on social media accounts, this may be one way to help limit the amount of information that is available to strangers.
- Validate the source. If you are being solicited and are uncertain, consider validating the source by asking questions and collecting information. Always take the time to do a background check through a general search on the internet, and not by any links provided by the source. There are resources available, such as safe browsing sites that can check a website’s status and uncover websites which are unsafe or have been compromised. One example is Google’s website checker: https://transparencyreport.google.com/safe-browsing/search. If in doubt, consult with a trusted family member or friend.
- Don’t respond. If you’re not 100% certain of the source of a call, email or text, consider not responding. Also, remember: don’t always trust the name that is included on an email, text message or phone’s caller ID, as fraudsters can manipulate this information. It’s not always who it says it is.
Monitor Your Finances
- Periodically review your financial accounts. If you see suspicious activity, report it immediately to the financial institution and the police. The earlier that fraudulent activity can be reported, the greater likelihood that repeat activity can be stopped.
- Allow for notifications on financial accounts. Where possible, consider allowing for push alerts or other communication for transactions on your financial accounts. This can help identify suspicious activity immediately and prevent it from recurring.
- Review your credit score from time to time. This may be one way to uncover fraudulent activity. Reputable credit monitoring services can provide credit reports that contain details on your existing lines of credit, as fraudsters have been known to steal an identity and establish new lines of credit.
We Are Here to Provide Support
These are just a handful of ways to help improve your cybersecurity and better protect yourself from potential fraud. At Canaccord Genuity, we take the safeguarding of assets and personal information seriously. As advisors, one important aspect in supporting our clients to successfully reach their financial goals is helping individuals protect themselves and their finances from scams and fraud. If you would like further information, or need assistance in supporting more vulnerable individuals with discussions about cybersecurity, please don’t hesitate to call the office.
Notes
1. This represents the amount that was reported to the police and the Canadian Anti-Fraud Centre only.
2. https://www.rcmp-grc.gc.ca/en/news/2022/fraud-prevention-month-raises-awareness-a-historic-year-reported-losses
3. As of July 31, 2022, it was reported that $284.7M had been lost to fraud in 2022. The annualized amount of losses exceeds the annual amount reported in 2021 of $381M. Source, as accessed on September 21, 2022: https://www.antifraudcentre-centreantifraude.ca/index-eng.htm