Industry Trends

Don’t Be Free With Your Personal Information


On Freedom of Information Day, the American Library Association recognizes individuals and groups who support the public’s right to know and gain access to government information. It’s also the birthday of James Madison, who was an advocate for transparency in government and is considered the father of the U.S. Constitution. 

Thinking of how the government protects information made me think about how I would secure my own data. InfoSec (Information Security) is a very hot topic as numerous high-profile data breaches have occurred within the last year. So, where do you start to protect your data?

  1. Keep your devices’ firmware, software, operating systems and applications up to date; this includes your phone, TV, Blu-Ray player, laptop, tablet, etc. – anything that connects to the Internet
  2. Install and run updated anti-virus and anti-malware software on your PC
  3. Use strong passwords that contain uppercase and lowercase letters, special characters and numbers
  4. Change the default passwords on all new devices
  5. Don’t open email attachments from unknown or unexpected sources
  6. Proceed with caution when using public Wi-Fi without VPN or a secure connection; your data is at risk
  7. Do not use exploited software or hardware – anything that has been hacked, cracked, pirated or jail broken
  8. Always enable your device’s firewall
  9. Be thoughtful of the type and amount of information you are willing to share on social sites
  10. Learn how to back up your devices so you don’t lose important information 
  11. Control physical access to your devices so they are not lost or stolen
  12. Understand Social Engineering –  be very suspicious if people you do not know contact you and request your username, password or credit card


technology security data

Phishing: The New Internet Pastime


For many, fishing is a relaxing recreational sport. Growing up in Missouri, I was fortunate to have a lake on our property, and my love for quality fishing rods, beautiful lures and even stink bait became an important part of my pastime activities. A bad day of fishing is time well spent.

Today, there is a new type of pastime called phishing, and it has nothing to do with reeling in bass, crappie or trout. Phishing scams are attempts to fraudulently access online accounts by posing as real companies. What we once thought was just folks taking advantage of the elderly, is now a very real and scary business. 

In the first half of 2014, there were more than 120,000 unique phishing attacks worldwide, with more than 750 targeted institutions – the highest the APWG (an internet policy committee) has ever seen. This is very real and affects all of us. This Internet pastime activity needs to be understood more deeply by the financial services community.

Phishers are strategic criminals. Shrewd and decisive, they use scam campaigns to pick off as many of us as they can to gain access to our private, financial information, and for fun, many drop malware viruses onto our computers to make them crash and burn. They will stop at nothing.

Some examples of phishing scams include:

  • You receive an email from your bank asking you to reset your password. Should you click the link?
  • You receive an email security notice from your IT department with a link to find out more information about a privacy break. Should you click the link?
  • You receive an email saying your iPhone was recently accessed and to click a link to reset your PIN code. Should you click the link?

Overwhelmingly, I’m going to say in EVERY situation where you feel something looks off, it probably is. Never click links. Never download attachments. Never reply to the sender. Just delete the email immediately and notify your IT department (if applicable) so they can research.

Some tips to avoid phishers are:

  1. Use your SPAM folder. It is there to protect you. Block anyone whose email address you don’t know.
  2. Don’t send personal information through emails. Well that’s hard with the financial service work we do, eh? If you have encrypted email, use it! Otherwise, pick up the phone and call.
  3. Never click on links in email. Ever.
  4. Beware of pop-ups. If you get them, do not enter information in them.
  5. Remember, you are always the target. Phishers are very smart, and they will continue to hit you with all they have. Always be on alert!

To drive these tips home, Twitter recently put its staff to the test. I don’t know about you, but I’m thinking employees of an Internet company would be pros at detecting phishers, right? They wanted to see how many would fall for different types of phishing scams. With so many big brands under scrutiny for compromising their customers’ data, Twitter took a proactive approach and said, “Let’s see which employees know phishing scams and which ones don’t.” Their newer employees failed; their seasoned employees rocked. Using these scam emails as a pop quiz, Twitter was able to then see where continuing education was needed and apply accordingly.

I don’t share this to scare you from ever doing business through email again. I share this to make you more informed about the target on your back and on your clients’ backs. Be smart about email, use it wisely and keep your identity and financial information safe through encrypted email systems and by modifying certain online behaviors.

The Bottom Line: It’s always better to be safe than sorry