Details Are Part of Our Difference
Embracing the Evidence at Anheuser-Busch – Mid 1980s
529 Best Practices
David Booth on How to Choose an Advisor
The One Minute Audio Clip You Need to Hear
Tag: compliance
Summer cyber cleanup – email is guilty until proven innocent
In today’s digital landscape, knowing what cyber risks to avoid and which red flags to look for are essential to protect you from evolving cyber threats. We’re sharing our top ways to protect yourself this summer.
3 steps you can take today to protect your email
- Enable two-factor authentication. This is our top bang-for-your-buck recommendation: easy with a big security benefit. Two-factor authentication adds an extra layer of security to protect you even if your password gets compromised. For those of you who use Gmail – here is a link that shows you how to set it up.
- Don’t share private personal information. Opt for a good old-fashioned phone call if you ever need to share passwords, social security numbers, or bank details. Our team can help you create secure links if you need to share these over written communication.
- Have a long, strong, and unique password. We’ve said it before, and we’ll say it again – keeping your email (and banking) passwords ~15 digits long and unique from other passwords are simple ways to protect yourself. Why? Criminals will grab the username and password combinations from retailers and test them at banks and email providers. Unique passwords help prevent this technique from working. Here is an independent review of good password managers that can help you store your info securely.
A discussion of email security would be deficient without a mention of phishing. We think this is so important we’re highlighting three additional tips to help you identify phishing when you encounter it. What is phishing? Email phishing is a cyber-attack where scammers attempt to trick you into revealing your private information through email. They often use a combination of social engineering or malicious links to get you to share information. This is, unfortunately, becoming more common, and it’s important to know how to protect yourself.
3 tips to spot a “phish” in your inbox
- Suspicious email addresses. Phishing emails often mimic legitimate organizations but have slight variations or misspellings in the sender’s address. Check if the email matches the official domain, and be cautious of misspellings or unexpected differences.
- Urgent language and misspelled words. Phishing emails use urgency to create panic and pressure you into immediate action. They may threaten account closure or penalties. Beware statements like “Your account will be deactivated in 24 hours” or “Legal action will be taken if you don’t respond soon.” Misspellings are easy to spot and often indicate a phish.
- Requests for sensitive information, suspicious links, or attachments. Phishing emails ask for sensitive details like passwords or credit card numbers, which legitimate organizations rarely request via email. Avoid sharing personal information through email unless you’ve verified the request independently. When you see an email that you think is a phish, we recommend calling the institution directly to verify (using a phone number you look up instead of the phone number in the suspicious email).
At HIG, we work daily in the background to protect your information by raising awareness within our team, identifying vulnerabilities, evaluating security controls, and fostering a security culture. We have developed a comprehensive cybersecurity program that includes quarterly phishing testing of our team to fortify our internal defenses for your protection. Curious to learn more? Give me a call at 314-448-4023.