The Covid-19 pandemic is an ideal time for scammers to compromise your devices and steal your data. To maintain your personal and business cyber security during the pandemic—and always—you should take immediate and long-term1 precautions.
Immediately: Guard your devices—check yourself, check the source
Let’s say you get a message that tells you to take action right away, or offers a wonderful opportunity. Before you click, take a moment to consider:
Your feelings: Is there something going on that is making you feel anxious or upset (e.g., Covid-19)? Is the message connected to any of that? Remember, the pandemic has put us all on edge right now so it’s important to slow down and avoid impulsive decision-making.
The message’s source: Look carefully at the sender’s email address, social media profile or handle, as well as the original message itself. Is there anything odd about them, for example, strange spelling errors or capitalization or tone? Any of these could indicate a phishing attempt.
Confirming: If you know the person or company who sent the message, call them to confirm it came from them. However, don’t use any phone number included with the message—use numbers you’ve already got on file, for example, your credit card company’s number printed on the back of the card.
Intimidation: Are you feeling pressure to act because you or someone else will look foolish if you don’t? For example, if you get a message from the CEO of a company demanding instant access to a sensitive account, you might feel that you should immediately do as you’re told. Resist that urge, though, and call their admin before taking action.
The attraction: Is something being offered at a steep discount? Or is it a message about something you’ve wanted for a while but haven’t been able to get? Before clicking, put the site, or the text of the message, or the name of the person making the offer into a search engine, and see what the results show you. If you see the text used frequently or anything questionable about the site or sender, don’t click and don’t respond.
Long-term: Technology to protect your devices and data
You probably already use anti-virus and anti-malware software, so make sure it stays up to date. There are other technology and practices you should be using, too:
VPNs: Subscribe to—and use—a VPN to create a “tunnel” between your device and the sites you visit so that online snoops can’t see what you’re doing. You can select different servers from around the world, so VPNs are also handy for masking your physical location.
Passwords: Don’t use the same password twice, and change them often, especially your most important ones such as your home Wi-Fi network. And because tracking all those passwords is a burden, use a password manager and be sure to set up multifactor authentication.
Multifactor authentication: Set up multifactor authentication on all your devices and on any accounts that allow it. This means that a minimum of two unrelated things must be used to log into the device or account. Combinations may include two or more of:
-
Facial or fingerprint authentication
-
A text sent to a different device
-
A one-time and/or time-limited code generated by an authenticator app
-
Passwords
Digital wallets: Set up accounts with PayPal, Google Pay and Apple Pay and use them to pay for your online and in-person purchases as much as possible. By doing this, you protect yourself from the repercussions of a hack at the company you are buying from.
Low-limit card: Have a separate, designated credit card with a low limit. If you have any doubts about a site or a service and can’t use your digital wallet to pay for it, use that card.
Share financial data securely: Any data you share will be grabbed if your email or messaging gets hacked.
-
Ensure that your accountant or lawyer has a secure transfer system, or set one up yourself, such as Dropbox, WeTransfer or OneDrive.
Know what’s at risk, and what to do if you’re phished
Covid-19 is the perfect environment for new types of fraud, and with so much confusion around it, we’re all at risk of phishing scams. That’s why it’s important to be aware of how we’re at more risk, and what to do if someone does get access to your data.
Read more about this in Part 3 of our Cybersecurity series – Here’s what to do if your information has been compromised.
1 https://www.bmo.com/pdf/protecting-yourself-from-cybercrime-en.pdf
BMO Private Wealth provides this publication for informational purposes only and it is not and should not be construed as professional advice to any individual. The information contained in this publication is based on material believed to be reliable at the time of publication, but BMO Private Wealth cannot guarantee the information is accurate or complete. Individuals should contact their BMO financial professional for advice regarding their personal circumstances and/or financial position. The comments included in this publication are not intended to be a definitive analysis of tax applicability or trust and estates law. The comments are general in nature and professional advice regarding an individual’s particular tax position should be obtained in respect of any person’s specific circumstances.
BMO Private Wealth is a brand name for a business group consisting of Bank of Montreal and certain of its affiliates in providing private wealth management products and services. Not all products and services are offered by all legal entities within BMO Private Wealth. Banking services are offered through Bank of Montreal. Investment management, wealth planning, tax planning and philanthropy planning services are offered through BMO Nesbitt Burns Inc. and BMO Private Investment Counsel Inc. Estate, trust and custodial services are offered through BMO Trust Company. If you are already a client of BMO Nesbitt Burns Inc., please contact your Investment Advisor for more information.
® Registered trademark of Bank of Montreal used under licence. All rights are reserved. No part of this publication may be reproduced in any form, or referred to in any other publication, without the express written permission of BMO Private Wealth.
