Making Financial Transactions Through Apps: How to Protect Yourself

From IPads to smartphones, there are now an endless number of apps that can be used to transfer funds, whether you’re sending or receiving money on Paypal or using your personal banking app to access your account.

Online shopping and other ecommerce apps also require you to input some of your financial details. In fact, any app that is used to process payments can expose you up to security risks.

Here are some ways to protect yourself when making financial transactions using apps.

Make sure the app is secure

It’s not always easy to know whether a hacker created an app to deliberately steal your personal information or take over your bank account. To ensure you are using a legitimate app, only download from a trusted website or from a well-known company. Most major apps from legitimate providers are safe. Oftentimes, banking, money management and e-commerce companies invest heavily in making sure that their sites are secure, and that your information is protected.

Be alert

Although it’s convenient to jump on someone else’s WiFi or do your banking at the local coffee shop, it’s not always safe. Make sure you are accessing your financial apps from a secure web browser with protected connection; mainly your home WiFi that has been protected with a password and two-step identification.

Don’t overshare your information

Be very careful of apps that ask you to share more information than seems necessary for them to work. When you are sharing your credit card information or bank details with a third-party app, you are leaving yourself vulnerable to identity theft and other fraud. One way to prevent a security breach is by looking into the encryption methods used by the app and how it secures your data. Rest assured that most large providers take data security extremely seriously.

Only log on to apps using secure passwords

When it comes to transferring money on a dedicated financial app, be sure to use a dedicated email address and password to sign up, ideally one that you don’t use for anything else. Your login information should be anonymous and not contain pertinent information like your name or or birthdate.

Most financial apps are secure providing they come from a trusted source, but others may not be up to par. With a bit of due diligence and a little research, you can stay safe online. Just make sure you know exactly what app you’re using before sharing any private information.

4 Steps to Staying Safe Online

One of the challenges of the current cyber age is that everyone owns at least one computer or mobile device, and most have more. Today, people constantly use their smartphones and tablets in all manner of public places, from waiting rooms and the local coffeehouse to sporting events. You see them everywhere scrolling through their messages, sending texts and posting photos on social media.

While these devices provide users with a real convenience, they can also be dangerous if they’re not used wisely and safely. Rarely a week goes by that you don’t see a news story about someone’s identity being stolen or their online account compromised. Then, there are the hackers, phishers and other online criminals who figure out ways to breach security. If you use your Internet-connected devices in public areas — as most people do — it’s important to ensure that you’re using them safely.

Below are four tips to help you ensure safe online experiences.

Be wary of rogue emails and other possible hacks.

From email correspondence with friends and family members to ecommunications for which you’ve voluntarily signed up, like sales messages from shopping sites, you’re getting tons of messages online. It’s great to stay informed but there are problems that can result if you aren’t on guard. Don’t click on links in emails unless you know with absolute certainty that they’re safe. Also, be careful about what personal information you post online. Consider marking your social media accounts private so only friends and family members can access your private posts. Also, watch out for any red flags.

Don’t share your passwords.

Let’s be honest — no one beside you, or maybe a family member, needs to know your passwords. It’s like the combination lock on your locker at the gym or spa. Keep it to yourself. Also, select passwords that no one can easily guess. Since you likely have usernames and passwords for numerous sites, write them all on a slip of paper and keep it in a safe place for easy access.

Do not download or install anything on your computer or devices unless you’re sure it’s safe.

It’s way too easy to download a rogue file that could compromise your data, place unwanted cookies on your hard drive or even cause the computer or device to stop working correctly. Referring back to the earlier comment about links, be aware that cyber hackers — who are criminals, make no mistake about it — are always sending links to unsuspecting people and cleverly disguising them as legitimate emails. One click on the wrong link could unleash a world of problems and carry a significant cost if your computer or device needs to be serviced. To ensure that you don’t accidently download a virus, Trojan horse or other troublemaking file, install virus protection on their computers. That way, you’ll get a warning if a rogue link or file shows up in your email box.

Don’t share personal information online with anyone you don’t know.

There are many people online purporting to be someone else, and you never know when the nice person you’re conversing with online is someone with less-than-sincere intentions. Unfortunately, these people infiltrate chat rooms and other online meeting places, start conversations and attempt to gain personal information. Sometimes, they’ll try to convince you to meet in person. If you do happen to encounter someone and find yourself in an online conversation that makes you uncomfortable, log off immediately and save the conversation if you can. Then, alert the proper authorities, if necessary.

Online Security: How to Shop Safely This Holiday Season

Chances are, if you haven’t started, you’re busy making a holiday gift list and getting ready to make your online purchases. The spike in holiday shopping this time of year is inevitable, but it can also make you more vulnerable to a myriad of online threats.

In fact, any computer or device visible on the internet becomes a target for hackers, who try to send it connection requests and expose its weaknesses. Fortunately, you can shop safely by implementing some of these proven safety strategies.

Shop from secure sites: Now is not the time to use new sites for your online purchases. Your best bet is to shop from trusted, well-known sites that you’re familiar with. A rule of thumb: check for the ‘https’ in the web address. This usually indicates a “safe” site.

Install updated antivirus software: Installing updated antivirus software is a good start to keeping your devices secure. Oftentimes, companies will send periodic software updates to cover the latest malware attacks, so make sure to install them.

Don’t shop using public wi-fi. Transmitting credit or debit card information over a public Wi-Fi connection leaves you more vulnerable to cyber attacks. It is best to shop online from home using a protected and secure Wi-Fi password. Even better, using a virtual private network (VPN) provides you with greater security online because it encrypts all data traffic.

Use a credit rather than debit card: In the event that your credit card information is stolen, there are laws in place that will limit your amount of liability. You may not have the same protection with a debit card.

Log out of each website: Leaving a website open or neglecting to log out will leave you more vulnerable to an attack, especially if you entered your personal information and a form of payment.

Don’t allow websites to store your financial information: It can be convenient to store your address and payment information so that the next time you visit the website, it’ll already be entered. In reality, it leaves that information vulnerable to hackers.

Remember, with holiday shopping in full force, it is best to remain vigilant in order to prevent your private information from falling into the wrong hands.

How a Misaddressed Email Can Lead to a Security Breach

Cyber attacks are becoming increasingly sophisticated as hackers continue to find loopholes to gather information and use it against their victims. With new digital threats occurring at a rapid pace, it is more important than ever to remain vigilant when connecting to the internet.

Despite the warning, many don’t realize the potential consequences of sending an email to the wrong contact; however, when it comes to data security, a misaddressed email can seriously impact an organization. Businesses, especially those that are highly regulated like in finance and healthcare, need to be ready in the event a misaddressed email ends up in the wrong hands.

For instance, think of a time you accidentally dialed the wrong number. It may have been embarrassing, yet, you probably didn’t overthink the mistake. Sending a misaddressed email that contains private information about a patient, client or a company cannot be brushed over. Further, the misuse of CC and BCC functions could expose your entire database to potential hackers.

If a hospital were to accidentally leak confidential patient information to the wrong person, that health care system could face serious reputational damage if the incident was reported in the media. The same goes for company information such as trade secrets; if it were to fall into the wrong hands, the damage could be irrepressible.

A misaddressed email can be caused by a simple missed character in the address or pressing send too soon. The information that was once confidential is now sitting in the wrong inbox, perhaps an unknown individual or worse, a cyber criminal.

You are probably asking yourself by now, “so what is the solution?” For starters, a strong security strategy will prevent data loss before it occurs. For large corporations, it is important to implement staff training on email security best practices to mitigate against potential data loss. Cyber security solutions that use machine learning to monitor employee behavior and intervene to stop a breach can also be effective.

Further, tools that prompt email users to double check their emails based on a set parameter can also be helpful in preventing a message from being sent out in error. The takeaway here is that organizations need to implement a plan to increase awareness and improve email culture so that data remains safe and secure, the way it was intended.

5 Tips for Preventing Online Identity Theft

The holiday season is upon us. The next two months should be a time of fun and good cheer for everyone, but it’s also a time to be very cautious. The reason? Identity thieves are lurking in the dark recesses of the Internet and they’re more active now than ever.

As a technology professional, I’ve seen my share of problems related to hacking. The good news is that it’s very easy to protect yourself and your devices. Don’t let your personal information be stolen or compromised. Here are five tips for safeguarding your identity.

Stay away from phishing emails and websites

This is a website that looks legitimate but isn’t. Often, they’re linked to rogue email messages that appear official but are anything but. On the surface, it looks just like the real deal, but it isn’t. It was cleverly created to persuade you to enter personal information, which can then be used for nefarious purposes.

How do you know it’s fake? Well. you might not, although there are some telltale signs: a word misspelled, the wrong URL (web address),or an email address that was not sent from the official company domain. If any email message or website asks you for your social security, bank, credit card, or driver’s license number, health insurance information or other personal data, visit the company’s actual web page, call their help line and ask about the request before sharing any information.

Use a unique password

Sure, it’s easy to just enter your address, a phone number or someone’s nickname when prompted for a new password. Unfortunately, these might be the first things hackers try when attempting to access someone’s account. Whether you have five or 25 passwords, it will only help you if you make them all completely different. This can’t be overstated. Consider a different combination of letters (upper and lowercase), numbers and punctuation marks for each password, and create a record of each for easy referral. You can also change your passwords regularly to keep the hackers off guard.

Be discreet about personal information

With Facebook and other social platforms becoming a repository for recording daily activities, people often post way too much information on their personal pages. It’s advisable to think twice before putting personal information on public view. Believe it or not, hackers can create a pretty accurate personal profile of you with information they find on your social media pages, then use it against you. Similarly, be cautious about posting messages like, “Well, I’m off for my morning run.” Hackers and thieves perceive such information as “I’m not home for the next hour.”

Only buy from reputable websites

Ecommerce has taken the place of brick-and-mortar stores in large part, and the convenience online shopping websites provide can’t be argued. But the proliferation of such platforms has also created problems. All reputable online shopping sites have (or should have) security measures built in, meaning that your personal information is encrypted and unavailable to the average hacker. This means that entering your credit card number should be a worry-free experience. On the other hand, there are many sites that aren’t as safe. For you, this means thoroughly investigating an unfamiliar shopping site before you make a transaction. You can do this in several ways. One is to look for online reviews by other shoppers. Another is to look for “https” in the website’s URL. which indicates that it’s a secure, encrypted connection.

Be wary of public wi-fi

While it’s tempting and convenient to make purchases online from the comfort of your coffeehouse table while sipping a latte, it’s not necessarily safe. Public wi-fi, while a convenient benefit offered by many gathering places, is susceptible to unexpected hacks. Just to be safe, wait until you get home to make that purchase.

Remember, always be aware of your surroundings. You never know when a hacker is just around the corner ready to confiscate your personal information for malicious use.

Why Updating Your Software is Important for Security

You’re in the middle of doing something important – creating a report the boss needs by the end of the day or composing a detail-filled email to your top client – when it happens: a pop-up box appears on your screen, interrupting your work flow to let you know that an update to one of your computer applications is ready to be downloaded and installed. But you’re busy. This can wait, you think. You set it aside for another time.

Software updates can be time-consuming, but it’s important to take the time and install them in a timely manner.

You might not realize it, but software updates can go a long way toward protecting your computer and personal files. It’s actually pretty routine for software developers to identify security problems in products that are already on the market. In fact, that’s often the primary reason for issuing updates — to address security problems or glitches that have been discovered after the application’s release. In some cases, the revised security measures improve upon those previously provided.

Security problems in applications are known as software vulnerabilities, and the term means exactly what you think it does. A vulnerability provides an open door to savvy hackers, who are experts at exploiting vulnerabilities to achieve their own ends. What this means for you is that they can then create code, package it in malware (malicious software) and share it with you via a rogue email or even through a website that looks innocent enough. The next thing you know, your computer is infected and the malware is grabbing your data.

You do not want this to happen.

Another unfortunate thing that malware often does is it comprises your address book, sending infected messages to everyone in your network. As a result, those unsuspecting contacts –

your family members, friends and others – see a message from you, think you’re sharing something fun or informative with them, then click on a bad link, causing problems to their own computers or devices.

Software updates are issued for a reason.

Computer and online security should be a priority for everyone. You can never be too cautious, especially when hackers can be extremely resourceful. For companies networks that become infected or compromised, downtime and repairs can be both time-consuming and expensive. Updates, when you receive them, will offer you the highest functionality available, along with the most peace-of-mind that you’re protecting your hardware and your data.

Finally, look into antivirus and security software to learn what’s offered and how you can benefit from installing it on your computer. Read online reviews, then do what works most effectively for your situation.

Online Security: 3 Easy Ways to Protect your Identity

In today’s world, internet hackers are smarter and savvier than ever before. You may not realize the dangers they can impose until your private email or online accounts are compromised. The good news is, there are things you can do to prevent these types of intrusions from occurring.

Here are 3 easy steps you can implement today to protect your security online.

Select a strong password

The first line of defense against a hacker is setting up a strong password for each of your online accounts.

Although it may be convenient to use a familiar word or numerical sequence that you can easily remember, such as an address, zip code, favorite car, or pet’s name, it’s far more effective to create a password that no one can crack. If you use a common password, it’s possible that a hacker could access your account, click on the “Forgot password” link and use information about you to guess your password.

Instead, create a strong password that includes a random combination of uppercase and lowercase letters, numbers, punctuation marks, and symbols. Write your password down and keep it in a safe place so that you can easily access it. The more complex your password, the less likely a hacker will be able to gain access to your accounts.

Beware of spam

One of the tricky ways hackers can infiltrate your accounts is by using spam or phishing tactics. When this occurs, your contacts will receive an email from the hacker (posing as you) asking them to click on an untrusted link. This, in turn, allows a hacker to access your personal information.

While it can be difficult to tell if your email account was abused in this way, a quick check of your sent email will help identify anyone who was targeted from your contacts list. If you do find someone contacted by the hacker, let them know immediately that you didn’t send the email to them and to NOT click on the link.

Two-factor authentication

In addition to passwords, a different type of security mechanism called two-factor authentication is becoming increasingly available. Using two-factor authentication ensures that even if someone has your password, they still need something else before they can get into your account. That can range from a fingerprint to a pin number. Two factor authentication simply allows you to protect your account with an added layer of security.

In the age of the internet, it’s unfortunate that users have to be concerned about the security of their private accounts, but taking a few extra precautions will go a long way toward maintaining peace of mind.


Law Firms and Others Facing Increasing Cybercrime

In the past few years there have been myriad news stories about cybersecurity threats at law firms and other companies around the world. Hackers just love a challenge, but more than that, they love overcoming one. And their motivations run the gamut, but when they’re successful, they create lots of problems that can be extremely costly for the targeted organization.

To be sure, law firms aren’t alone. Cybercrime is a major concern today for just about every industry you can name, and it doesn’t seem to be slowing down. In fact, many sources say that it continues to rise. CNBC has reported that the overall cost of cybercrime has exceeded $600 billion.

Why is this happening? For one thing, most professional offices today depend heavily on technology to conduct their daily business, so the same widespread connectivity that helps us do our jobs is also making us vulnerable to cyber attacks.

Law firms are rightfully concerned about cybercrime because of the immense volume of confidential data — legal, financial and personal — that they maintain and transfer online. And law firms specializing in corporate or property law are at even greater risk because of the potential for financial gain by hackers.

Additionally, there have been many news reports in recent years about hackers employing cybercrime to satisfy political, economic or ideological motivations. The truth is that cybercriminals can range from computer buffs looking to have fun to business competitors and even spies or terrorists trying to topple governments.

In any business or legal environment, cybercrime is a threat that must be addressed. Smaller office networks are considered easier to break into since they may have fewer security resources and a smaller IT team than larger ones. All companies need to be aware of what’s happening out in the ether and the consequences that can follow a cyber crimes, and be prepared in the event such an incident does occur.

Email, where cyber criminals are most active, can be extremely vulnerable to phishing attacks. According to Verizon, email is responsible for 92.4 percent of malware. These attacks can take various forms including cleverly disguised messages that appear to be from a familiar source. Another common form of phishing can arrive via attachments that, if opened, can cause major problems. These and other ruses are developed to motivate recipients into divulging confidential information, providing users’ credentials or downloading viruses and other malware.

This is why it behooves all companies to be on guard. You never know when something malicious might arrive in your inbox, and clicking on an errant link could easily start a chain reaction that’s capable of shutting down your company network for hours, even days, at a time.

So what’s the solution? Well, hackers are nothing if not smart, even brilliant. And they’re also devious. The good news is that companies of all types are becoming more and more alert to this growing trend and are actively exploring ways to address it. Head the hackers off at the pass, so to speak.

If you own a company or business that has an in-house network, do everything you can to keep them as safe and worry-fee as possible. This means installing prevention technology that detects problematic emails and cyber attacks before they have an opportunity to enter and infect your system. This way, your network does all the heavy lifting, preventing you and your company from experiencing costly downtime.

Also, teach all the members of your team what to look for, should a malicious email appear in their inbox. This can range from checking the footer of a suspicious-looking message with professionally designed graphics to ensure that it’s really from the sender it claims to be from, to being aware of warnings noted by the system that it might be a malicious email to being very careful about opening attachments that haven’t been scanned by your company’s email system to determine safety.

It’s an old adage that still holds true today: An ounce of prevention is worth a pound of cure.

The Growing Problem With E-Mail Security

E-mail security has been a huge issue since the technology’s emergence in the mid-1990s, and for all of our tech sophistication and heightened awareness of the problem, it’s only gotten worse.

Cybersecurity specialist Kazpersky Labs, for example, reports that while the volume of spam dropped last year, the firm’s tracking showed a 59 percent jump in phishing attacks. But the bad actors are a creative lot – just when you think you have a handle on one e-mail scam, they change tactics and you have to adjust your defenses.

Throughout most of 2017, for example, the types of e-mail to look out for contained malicious URLs, linking back to sites hosting malware. Proofpoint found the volume of these e-mails jumped by 600 percent in the third quarter – a 2,200 percent from the same 2016 quarter. But by the fourth quarter, cybercriminals switched their preferred scamming methods from malicious URL use to messages carrying malicious attachments. The volume of these messages jumped by 300 percent during the fourth quarter from the third.

Keeping up is almost like trying to win at the whack-a-mole game.

It’s fascinating (in a train wreck kind of way) to look at the ebbs and flows of the scams that the bad guys use to convince people to act, and how adept they are at seizing on major events and issues to get past their guard.

Last year’s big opportunities?

The FIFA 2018 world cup preparation, giving rise to fraudulent, if official-looking messages about lottery wins and promising free tickets. And the cryptocurrency craze has provided a rich vein of blockchain-themed tricks, like malware-laden websites disguised as cryptocurrency exchanges. Another trick is malware in spam emails, billed to be utilities for earning Bitcoins.

There is a cost to all this. Phishing scams alone cost American businesses about $500 million a year. But there are a lot of impacts of cyber attacks – obvious and those beneath the surface – to think about, as a study by Deloitte showed.

The firm identified 14 cyberattack impact factors with direct and/or intangible costs that will add to the pain of a major cyber incident. The direct costs ranged from attorney fees and litigation to customer notification, and technical investigation to cybersecurity improvements. Beneath the surface? Operational disruption, for one. Then there are increases in your insurance premiums and the lost value of customer relations and contract revenue. It’s not a pretty picture for potential damage, Deloitte’s modeling showed.

Any number of solutions will help mitigate the risks that come with our increasing dependence on e-mail as a fast, efficient and inexpensive way to communicate with each other.

The best place to start is to make people aware and equip them to be on guard against malicious e-mails that might make their way into e-mail boxes. The tips bear repeating: Never click on a link or an attachment on an unsolicited e-mail. Always check the sender. Bad actors can be quite skilled at replicating logos to look like the real deal, but your bank is not going to ask you to share sensitive information like your social or account number or bank account password through this channel. And common sense applies. Offers that seem too good to be true usually are, especially if the outreach is out of the blue.

But e-mail security issues have a broad scope, and are an enterprise-wide concern. It makes a holistic, enterprise wide approach to secure messaging the imperative for any organization that exchanges sensitive information with customers.

The way of the future? Increasingly, it’s moving toward integrative solutions that enable users to control, track, share and protect sensitive business information as a means of heading problems off at the pass.