Swiss-Cheese Security
Swiss-Cheese Security

Swiss-Cheese Security





Swiss-Cheese Security

How hackers are poking into your online financial records.

“Firewalls today look like Swiss cheese,” says Jerry Irvine, CIO and partner of Prescient Solutions, a Chicago-area IT staffing organization.

Despite our best attempts to protect ourselves and family from cyber-attacks, viruses and malware wiggle through the holes and wreak havoc on our computing systems and, for some, our personal lives.

Most commonly these hacks are a result of phishing, the activity of defrauding an online user of financial information by posing as a legitimate company. You may think you are safe, because you don’t click on the plea for money from a relative stuck in a foreign country. But, the attacks are usually much more subtle, and users are oblivious to many of them.

According to Irvine, the average person receives 75 phishing scams a day and clicks on 25 of them. Surreptitiously, phishers gain access to your system and use malware to tap into financial information you thought was secure.

Here Irvine answers the basics about phishing and offers steps you can take to protect yourself today.

Q: What makes us so vulnerable to phishing?

Jerry Irvine: Poor phishing scammers don’t have the resources to hire a good graphic artist and mimic web pages of legitimate banks. But emails from Nation State and large crime syndicates are sophisticated, designed to look like they are from real financial institutions, such as Chase Bank.

The email says, “Click here and change your password.” When you click on it, it takes you to a site that is a facsimile of the actual bank’s website. When you input your user ID and password, it copies it to their servers at the same time it would redirect you directly to the Chase website, and automatically log you in. You don’t even know that you were hacked.

What other types of phishing exist?

JI: Many phishing scams you don’t see. You unknowingly click on a page and it automatically runs a script—or malware—in the background. Now you have a key logger application on your PC that copies all of your cookies.

What is a cookie, and what is the danger of a hacker having access to your cookies?

JI: A cookie is how a website recognizes you and keeps track of your information (think of a shopping cart on Amazon.) When you tell the site you want to save your password and credit card information, all of that information is put into cookies.

The problem is that that the average person uses the same user ID and password for every site. Once a hacker gains access to one of your favorite sites, they can gain access to all of your records, including your bank account records. By installing a tiny file on your computer, they have all your information at their fingertips.

What can a user do today?

JI: There are malware applications that will look for footprints of known Malware applications. But less than 30% of those actually work.

The best advice is to be a smart user.

Create secure and diverse passwords. Don’t open emails with attachments, unless you’ve asked for the attachment. Never go to sites beyond the first page on your browser (by the time you get to the second, third and fourth pages, chances are those sites have malware). Users are always the biggest risk. It’s important you understand safe computing – what to open up, what not to open up.

Learn the Tricks of the Hacker Trade

At a special Trust Company sponsored event in January, Jerry shared his insights regarding cyber security and offered advice on how to stay a step ahead of hackers.

Tags:  Cookies, Cyber Attacks, Cyber Safety, Cyber Security, Financial Hackers, Financial Protection, Financial Records, Hackers, Identity Theft, Malware, Online Passwords, Online Scams, Phishing, Safe Computing

Note:  The content of this article is for guidance and information purposes only and is not intended to be construed as advice. Information provided is not intended to provide investment, tax, or legal advice.

External Links:  This page may contain External Links. By clicking on these links, you are leaving the TC Wealth Partners website and going to a third party site. We are not responsible for the products, services, and content provided on third party sites. We also cannot endorse or guarantee the information or recommendations provided on third party sites. To learn more about our Security and Privacy policies, please visit our Terms of Use section.