While cyberattacks have not been heavily utilized yet by Russia during the Ukrainian conflict, the financial sector remains on high alert to the possibility. Possibility is rapidly becoming probability. As a user of financial applications, it’s important for you to know how to protect yourself from cyberattacks. Over the past two weeks I’ve received calls from several clients and friends who have experienced various intrusions.

George Kurtz, CEO of CrowdStrike, an American cybersecurity company, is one of several informational security corporations increasing vigilance in anticipation of likely cyberattacks. According to Kurtz, “People are looking for potential denial of service or other retaliatory intrusions that could disrupt the financial sector, markets, et cetera,” Kurtz said. “So, everyone is on high alert. The U.S. government recently came out with a ‘shields up’ message.”

What is Phishing?

Ransomware attacks are one of the most feared issues. Phishing emails are the primary trigger of ransomware attacks. This happens when you accidentally click on a link in an email – that often looks real but isn’t – that loads a program on your computer that locks you out until you pay a “ransom” to the perpetrator. The following chart shows the most prevalent ways that lead to a successful ransomware attack.

How do you protect yourself from Phishing Attacks? Always look at the email address of the sender before clicking on any links! Often these emails look legitimate. They have the name of a legitimate company and appear as an email you’ve received in the past. Yet, if the sender has an email address that ends in “.RU” it’s from Russia! In fact, if it isn’t from XYXcompany.com, it’s probably fake. I get these emails frequently from someone purportedly from Amazon. Fortunately, these emails are going to one of my email accounts that is not connected to my Amazon account.

The next two areas, Poor user practices and Lack of cybersecurity training require education. Some of this can be obtained by reading. They require intentionality and a mindset of mistrust. Here’s the most important thing you can do in this area: Treat every email as if it’s intended to steal your information!

Password Management is No Joke

The big area that you can control is your Password Management activity. On one hand, this is probably the greatest hassle. Yet, your “go to password” – the one you use for everything – is the most dangerous culprit. The chart below shows how quickly certain passwords can be cracked by a hacker.

Here are the worst passwords that you can use. They are probably on Post It notes on every hacker’s bulletin board! These are the Top Six most frequently used really bad passwords:

1. 123456
2. picture1
3. password
4. 111111
5. qwerty
6. abc123

If you’re currently using any of these, please change them immediately. The good news is that today most financial software won’t let you use these. Further, they make you change your password routinely. This is for your protection.

Two-Factor Authentication

Finally, many software packages now offer, or better yet, require Two-Factor Authentication. Always use this when it is available, even if it is not required. This way, whenever you log in, a random code is sent to your cell phone that you must enter before proceeding. This makes it incredibly difficult, if not impossible, for your account to be hacked.

Protecting yourself from cyberattacks is critical these days. If you have been notified that your data has been compromised, then your Social Security number, some passwords, address, or answers to security questions are likely already on the Dark Web. Locking your information down is tremendously important.

 Call us if we can help.

Rick Adkins, CFP®, ChFC, MBA

© 2022 The Arkansas Financial Group, Inc., All rights reserved.

Please remember that past performance may not be indicative of future results. Different types of investments involve varying degrees of risk, and there can be no assurance that the future performance of any specific investment, investment strategy, or product (including the investments and/or investment strategies recommended or undertaken by The Arkansas Financial Group, Inc. [“AFG]), or any non-investment related content, made reference to directly or indirectly in this commentary will be profitable, equal any corresponding indicated historical performance level(s), be suitable for your portfolio or individual situation, or prove successful. Due to various factors, including changing market conditions and/or applicable laws, the content may no longer be reflective of current opinions or positions. Moreover, you should not assume that any discussion or information contained in this commentary serves as the receipt of, or as a substitute for, personalized investment advice from AFG. AFG is neither a law firm, nor a certified public accounting firm, and no portion of the commentary content should be construed as legal or accounting advice. A copy of the AFG’s current written disclosure Brochure discussing our advisory services and fees continues to remain available upon request or at www.arfinancial.com.

Please Remember: If you are a AFG client, please contact AFG, in writing, if there are any changes in your personal/financial situation or investment objectives for the purpose of reviewing/evaluating/revising our previous recommendations and/or services, or if you would like to impose, add, or to modify any reasonable restrictions to our investment advisory services. Unless, and until, you notify us, in writing, to the contrary, we shall continue to provide services as we do currently. Please Also Remember to advise us if you have not been receiving account statements (at least quarterly) from the account custodian.