Posts filed under “Web/Tech”
I am not the only one thinking about this. New York State Department of Financial Services issued a report on cybersecurity in the banking sector, where more than 150 organizations rely on third-party service providers for critical banking functions. The regulators want the banks to tighten security.
So should you.
We spend most of our time in financial markets looking at ways to deploy our capital: What assets to buy or sell, how much we should save for retirement, whether we should own more of these stocks and less of those bonds.
We don’t spend so much time thinking about the ways we can lose that money — to fraud and to common theft. We should be more vigilant, especially as we move our lives online, with digital access to our checking and savings accounts, our online portfolios, even our taxes.
It is impossible to make yourself hack-proof, but you can make yourself less vulnerable.
It all starts with some common-sense security steps. Three ways you probably can improve your existing practices: Develop better e-mail habits, beef up password security and (as always) remember that your behavior is the root of most of your problems.
Get your e-mail act together
Every day, your inbox fills with all manner of junk. Some of it is merely time-wasting nonsense, but let’s not forget about the really dangerous stuff: phishing schemes, malicious viruses and malware. It seems the only reprieve we get are those rare occasions when the main servers in Russia — a.k.a. Spambot Central — gets temporarily knocked off-line.
People have tried a variety of ways to tackle this: Filters, whitelists, e-mail verifiers and trusted ID services; disposable e-mail addresses from sites such as Mailinator; “junk” e-mail addresses from Hotmail, Yahoo or Google. And still the danger keeps coming.
I have a few tricks I use to keep the really nasty stuff under control, such as:
• View e-mail as plain text.
All of the bad links, embedded viruses and other malware go away when you select “view as plain text.” Sure, you lose all of the graphics and links, but you lose the threats as well.
• Create a primary e-mail address.
This is your main address — for colleagues, clients and peers. Never share this e-mail address. Don’t subscribe to anything using this address — no Internet mailing lists, no subscriptions, nada. Use this address alone for your finance- and business-related e-mails. Anything unrelated is junk; treat it that way. Block the domains of senders. Mark junk mail as junk.
• Use an e-mail forwarder.
I have been a big fan of Leemail.me. Instead of giving out my e-mail address, I use Leemail to auto-generate an address whenever I want to share my e-mail with an unfamiliar company. It forwards my e-mail from the company to me. When I want to shut that sender off, I flick a button.
Tracking the companies that share or sell your e-mail address is invaluable. The basic version of Leemail is, astonishingly, free, and the upgrade is only a few bucks a year.
• Don’t hit “unsubscribe”; get blacklisted instead.
There are a number of companies that provide e-mail services to third parties, shops such as Constant Contact, Vertical Response and iContact. They are the middlemen between businesses and consumers. And while they claim to be “opt-in only” and not spammers, in truth, they are subject to whatever bad behaviors their clients engage in. They all have become legal quasi-spammers.
On every e-mail these companies send, there is an unsubscribe button. NEVER CLICK THAT. When you do, you are not unsubscribing. Rather, you are verifying that your e-mail address is legitimate.
Instead, go to the company Web site and track down the customer service number. Call customer service and insist on having your e-mail or domain “blacklisted.” Thats the only way to ensure you will truly be unsubscribed. If the company refuses, file a Federal Trade Commission complaint.
If you were like I was five years ago, you had one simple password that you used for everything — Amazon, Facebook, Wall Street Journal — everywhere. This could’ve been disastrous. Now all passwords are different. Avoid the common errors, such as using birthdays or your kids’ names. Never use sequential numbers. And for goodness sake, don’t use “password” as your actual password.
Put all of your passwords on a document named something other than “My passwords.” I find burying passwords somewhere in a spreadsheet to be useful. Print out a copy and place it in your safety deposit box with other important papers.
I have said all too often that when it comes to investing, people are their own worst enemy. Behavioral problems are rife in security as well. Get into the practice of thinking about security, and soon it becomes second nature.
The Securities and Exchange Commission has gotten much more serious about personal financial data security. They have informed advisers and brokers that there is a duty to protect client data. When we set up our wealth-management practice, we put into place specific policies and procedures to protect clients:
● All sensitive information is sent by secure e-mail using a third party for encryption.
● We never e-mail Social Security numbers or account numbers or other private data via regular email.
● We went totally paperless. Our file cabinets are empty, everything is cloud based.
● Any documents that arrive are shredded, so even our outgoing garbage is secure with nothing usable to a thief.
Most of this is common sense. However, many people are still vulnerable. With smarts and a bit of awareness, you can make your financial assets much more secure.
North Korea’s cyberattack on Sony Pictures exposed a new reality: you don’t have to be a superpower to inflict damage on U.S. corporations
If most people remember anything about the North Korean government’s cyberattack against Sony Pictures last November, it’s probably that there was a lot of juicy gossip in leaked emails about movie stars, agents, and studio executives. There was also an absurd quality to the whole episode, which was over an ill-advised movie comedy about the assassination of North Korea’s leader, which the North Koreans did not find funny. The weirdness of it all has obscured a much more significant point: that an impoverished foreign country had launched a devastating attack against a major company on U.S. soil and that not much can be done about it. In some ways it’s another milestone in the cyberwars which are just beginning to heat up, not cool down.
My Sunday Washington Post Business Section column is out. This morning, we look at how to avoid usual errors when you are managing your online banking, investment, and retirement accounts: Protect your assets by practicing common-sense cybersecurity. Here’s an excerpt from the column: “We spend most of our time in financial markets looking at ways…Read More
NEVER TRY TO CORRAL THE CUSTOMER People balk at being controlled. Once you place limits, the public abandons you or finds a way to circumvent what you are doing. Give people the opportunity to do more, to expand their horizons, to share. Once you tell them what they cannot do, you’re screwed. This is why…Read More
1. CHECK YOUR GRAMMAR No one’s going to take you seriously if you use “there” instead of “their” or “your” instead of “you’re.” Maybe you should write your missives in Word first, where there’s a grammar checker. Or maybe run your prospective words by your mother, since you want her to be proud of you….Read More
Nice article on disintermediation from Tom Goodwin: “Uber, the world’s largest taxi company, owns no vehicles. Facebook, the world’s most popular media owner, creates no content. Alibaba, the most valuable retailer, has no inventory. And Airbnb, the world’s largest accommodation provider, owns no real estate. Something interesting is happening.” To say the least ….Read More
Click thru for live Twitter feed Congrats to my colleague and partner Josh Brown, for hitting a major milestone this week: 100,000 Twitter followers. If you are not following Josh on Twitter, you are missing some of the most insightful and hilarious comments about the workings of the financial markets in all the…Read More