Hackers target financial planners

by |

Hackers are creating new strategies to separate you, and your clients, from your money, but there are steps you can take to guard against these attacks, according to Bill Winterberg, a CFP and technology consultant.

Winterberg offered the following steps, ranging from longstanding basic measures to newer ones, to Financial Planning:

1. Do not email sensitive information in the body of an email.

If you send attachments with password protection, keep those passwords long and difficult to decode.

2. Remember: Many phishing attacks, which send a seemingly legitimate email to collect information, involve a sense of urgency.

A client emails from London to say she has lost her passport and needs money wired to an account. Another client claims he just purchased a Lexus but wrote a check off the wrong account and needs money wired to cover the purchase. To make sure you are really communicating with a client, take the obvious precautions

3. When setting security questions, make the answers opaque

Winterberg says, to the question, “What was your first car,” the answer might be “taupe,” referring to the color of the car and not the make.

4. Beware of cold calls

Cold calls are a form of “social engineering” by hackers in which imposters try to change your perception to gain access, Winterberg said.

For example, a hacker will call a planning firm posing as someone from Microsoft tech support. The hacker will ask the planner to open a file on his computer that shows a series of error messages. Feigning concern at hearing this, the interloper will then instruct the planner to download a new file onto his computer that purports to address the problem. Instead, Winterberg says, it contains malware. And now the hacker has full access to your system. Rather than take such a cold call, instead call the main support line at Microsoft to verify the issue is a legitimate one.

5. Ramdom hacker techniques are designed to exploit everyday human curiosity

Hackers have been known to leave hundreds of thumb drives in parking lots with something compelling written on it, such as the name of a celebrity combined with, for example, “taxes 2012.”

Winterberg cautioned advisors to be suspicious of every foreign USB drive.

6. Protect Your Devices

To protect yourself and your firm in case a device such as an iPad goes missing, learn how to wipe the content from it remotely.

Planning firms need to hire a technology expert to stress-test your firm’s hardware and software systems for leaks, Winterberg said. Leaks are possible areas of vulnerability to hacking attempts.

7. Padlock Your WiFi

For your WiFi, use a high level of encryption and, if nobody will be using it over the weekend, shut it off. “Why give someone all day on a Saturday to leisurely try to break in?” Winterberg asked.