Phishing. It can happen to almost anyone. Phishing emails try to trick you into clicking on their fraudulent links or attachments, which can inject your computer with malware or otherwise con you into giving away credit card numbers, login credentials and similar personal information.

For example, there’s been a fake email making the rounds lately, posing as an urgent notice from Schwab, and promising the recipient a “Security Benefits Award.” All you have to do (so they say), is click on the link provided and your account will be credited.

Unfortunately, those who fall for phishing schemes are far more likely to lose money than be credited any. Sheriff Schiffer here, with three solid suggestions on how to avoid getting hooked by a phisher.

1. Don’t Click. Your first and strongest line of defense is to never click on any links or open any attachments in a phishing email. If you don’t take their bait, they won’t be able to reel you in.
2. Don’t Trust. While it’s too bad we must always be on guard, today’s online environment essentially requires it. Rest assured, if Schwab or any other reputable service provider requires follow up from you, this is NOT how they’ll go about requesting it. Be especially wary of:
   • Unsolicited emails arriving out of the blue, even if they’re supposedly from a familiar source
   • Enticing offers or scary alerts with a sense of urgency; phishers know people tend to throw caution to the wind when greed or fear takes over; they literally bank on it
   • Typos, bad grammar or generic salutations; not all phishing emails contain these, but many do
3. Do Verify. Believe me, your family, friends and professional alliances would much rather hear from you directly if anything they have supposedly sent to you seems suspicious. It’s always a good idea to be in touch by calling or sending a separate email (don’t hit “reply”), and asking the alleged sender if they really did send it.

A bonus tip: If an email smells “phishy” to you but you’re not sure either way, you should also be able to reach out to your financial advisor or a similar reputable source, asking for extra input. Here at Hill Investment Group, we’re happy to assist our clients with these sorts of questions. It’s in everyone’s best interest if we all join forces against phishers.

Today’s news is a two-for-one deal, introducing our new team member PJ McDaniel, as well as Hillfolio™, our ground-breaking new digital platform. We’d be hard-pressed to decide which we’re more excited about! Fortunately, we don’t have to. In a perfect pairing, PJ has joined our St. Louis office to oversee the new service.

What’s Hillfolio? We’re glad you asked! Hillfolio will bring evidence-based investing and institutional-level portfolio management to a wider audience, including those who might not otherwise be able to experience the high-touch care we strive to make the hallmark of every investor’s experience here at HIG. We’ll be covering it in more detail in the months ahead; for now, call it one of our most ambitious dreams being realized.

Back to PJ. Although new to the team, his relationship with us began six years ago, when he and Matt Hall both began serving on the Saint Louis Club board. Besides bonding over their status as the group’s “young guys,” they also became co-mentors, each learning from the other’s perspectives.

PJ had spent more than a decade in alternative investment sales. As he consulted with financial advisors across the country, he kept seeing huge variations in the quality of advice investors were receiving … and it bothered him. From Matt, he grew to appreciate the powerful differences a fiduciary mindset and efficient evidence-based investing can bring to people’s investment outcomes.

“I am excited to play a direct role in moving more people into evidence-based investing,” says PJ. “Once you understand that you cannot predict the markets, you get to focus your time on family, friends and other activities that make life enjoyable.”

For Matt, PJ’s experience in launching and growing new businesses was equally inspirational.

Call it fate or just good timing, but as PJ found himself increasingly uncomfortable in his career, we were beginning to seriously advance our Hillfolio platform, to the point where we needed a new team member to become its full-time champion. That’s when we and PJ realized we had a unique opportunity to join forces on our shared dream to put logic, data and evidence to work for every investor.

In addition to his 13-year career as a financial professional and an advisor to advisor firms, PJ holds a bachelor’s degree in business administration from Regis University. He also was selected to attend a “Semester at Sea” program where he studied international finance. Married in 2008, PJ and his wife have grown “the McDaniel tribe” to a party of five, including their three boys Jack (6), Patrick (4) and Henry (2). His wife is an accomplished evidence-based dietitian, cookbook author, corporate wellness guru, and media spokesperson who you may have seen on St. Louis’ local Fox 2 station.

When he’s not working or parenting, PJ can be found running, swimming or playing a round of golf. During his college years, he was a caddy at an exclusive country club, where he had the opportunity to caddy for Tiger Woods, then-sitting President Clinton, and countless other characters. Reflecting on the experience, PJ says, “Whether you watch a pro player or the leader of the free world duff a chip, it reminds you that we’re all human. The real eye-opener is how people handle or recover from their mistakes.” This is a lesson he hopes to instill in his boys as they grow old enough to take on summer jobs of their own.

Please join us in welcoming PJ to the HIG team … and watch for unfolding Hillfolio news to come!

In the good old days, online security used to be more nicety than necessity. For years, I had one 8-digit random password to serve every login need. With developments in hacking technology, the standards for passwords have changed, and a one-size-fits-all password no longer makes the cut. In this piece we’ll challenge our old beliefs about passwords and introduce you to five new powerful password procedures to help you stay secure.

1. Make it unique. Each of your online accounts should have a unique password. Otherwise, if a cyberthief breaches one account, they’ve effectively breached them all. Don’t make it easy for them.

2. Stay sane with a password manager. Unless you are a master memorizer, assigning unique passwords to each login is a tall order indeed. Solution: install a top-of-the-line password manager. This handy tool will help you to store, and even generate strong passwords. Here’s an independent review of available providers to get you started.

3. Lead with length. Remember those 8-digit passwords we talked about? There are random generators out there that will decode 8 characters in a computerized heartbeat. Instead, passwords should be 16 or more characters long.

4. Words are welcomed. It used to be a no-no to use dictionary words in a password. This is now considered okay, as long as the string meets the 16-character suggestion. Bonus points if you include a sprinkling of numbers, symbols and cases. For example, a semi-legible password like April48+greenGoose12% is probably equally as strong as an entirely random string like F8*tjE#378FpP6Jm#@4.

5. Change it up, often. Once your password game is strong, it’s best to routinely change them. Quarterly is ideal, and the password manager can help. Schwab conveniently prompts you when it’s time to change theirs, as do many other financial institutions.

How else can we assist you with your cybersecurity? Send me your questions … I’m on patrol!