Cybersecurity Tip of the Week

id = "FBMainForm_38110945" action="/cybersecurity.html" method = "post" onsubmit = "return false" >
Cybersecurity Tip of the Week Search  

 
Robo-Advisors
by FCNB on 


Robo-Advisors

Robo-advisors are increasing in popularity thanks in part to easy-to-use smartphone apps and online portals that make setting up an account convenient and quick.

But if you’re considering using a robo-adviser, it’s important you’re aware of the cybersecurity risks and considerations before opening an account.

What are the risks?

It seems that data breaches are becoming a common event these days, this can be scary for many reasons but it is something extremely nerve-wracking for people considering this technology-based tool.

The good news is that security is a primary concern for robo-advisors as well. Banks (and robo-advisors) have high levels of security encryption that keeps your assets and data safe. That’s why you rarely hear about a bank being hacked.

Also, many robo-advisors are owned by larger banks and investment houses, which means that investors get the same level of protection that an in-person banker enjoys.

Third-party apps that require access to your financial institution accounts may pose a problem in the event of a breach or hack.  It is important to talk to your financial institution to ask what impact using this app may have on your account, and if your funds are protected if the app or website gets hacked. 

How do I protect myself?

As with any app or online account, here a few things you can do to help protect yourself from a data breach:
  • Use a complex password.
  • Change your password on a regular basis.
  • Never use the same password.
  • Make sure your devices (laptops, tablets, phones) are locked in case of theft or lost.
  • Review your accounts and credit report occasionally. This would avoid an unpleasant surprise when you go to make a large purchase using your investments.

To learn more about investing using a robo-advisor click here.
Whether you decide to work with a human advisor or robo-advisor, make sure you choose the right one. To help you make the decision, use our Five Steps to Choosing an Advisor workbook or visit our Saving & Investing webpage for more information.

*This post is not intended to provide investment, financial, legal or other professional advice - always do your research and check registration before you invest.



Comments     Permalink     Add Comment

Robo-Advisors
by FCNB on 


Robo-Advisors
Robo-advisors are increasing in popularity thanks in part to easy-to-use smartphone apps and online portals that make setting up an account convenient and quick.
But if you’re considering using a robo-adviser, it’s important you’re aware of the cybersecurity risks and considerations before opening an account.
What are the risks?
It seems that data breaches are becoming a common event these days, this can be scary for many reasons but it is something extremely nerve-wracking for people considering this technology-based tool.
The good news is that security is a primary concern for robo-advisors as well. Banks (and robo-advisors) have high levels of security encryption that keeps your assets and data safe. That’s why you rarely hear about a bank being hacked.
Also, many robo-advisors are owned by larger banks and investment houses, which means that investors get the same level of protection that an in-person banker enjoys.
Third-party apps that require access to your financial institution accounts may pose a problem in the event of a breach or hack.  It is important to talk to your financial institution to ask what impact using this app may have on your account, and if your funds are protected if the app or website gets hacked. 
How do I protect myself?
As with any app or online account, here a few things you can do to help protect yourself from a data breach:
  • Use a complex password.
  • Change your password on a regular basis.
  • Never use the same password.
  • Make sure your devices (laptops, tablets, phones) are locked in case of theft or lost.
  • Review your accounts and credit report occasionally. This would avoid an unpleasant surprise when you go to make a large purchase using your investments.

To learn more about investing using a robo-advisor click here.
Whether you decide to work with a human advisor or robo-advisor, make sure you choose the right one. To help you make the decision, use our Five Steps to Choosing an Advisor workbook or visit our Saving & Investing webpage for more information.
*This post is not intended to provide investment, financial, legal or other professional advice - always do your research and check registration before you invest.
   

Learn more about Frauds and ScamsSee all Cybersecurity tipsLearn more about how to Get Cyber Safe



Comments     Permalink     Add Comment

Tracking your health with an app? Facebook is too
by FCNB on 


Tracking your health with an app? Facebook is too

You don’t even have to be a Facebook user for the social media platform to collect data on you – and highly personal data, at that!

If you’re using a phone app that tracks things like your menstrual cycle, heart rate, exercise habits and calories burned, chances are good that that app is sending that information along to – you guessed it – Facebook. 

Fuel for advertising
A Facebook-provided analytics tool called “App Events” lets app developers track and store user data, then send it right to Facebook, who then use it to fuel their advertising algorithms. Developers use App Events to track how and when people used their apps, and to gain insights for their own advertising purposes. 

The social media platform was caught acquiring sensitive data from Flo Period & Ovulation Tracker, and around 30 other apps so that information could be used for hyper-targeted ads. People were willingly inputting this info into their apps, but they had no idea what would happen to the data beyond the primary function of the app.

An example: Say a woman is trying to get pregnant, so she’s tracking her periods, ovulation and sexual activity in the Flo Period app. The app sends that information to Facebook, who then hit her with ads for maternity clothing, prenatal vitamins, diapers and daycares in her area. 

The goal of most tech is to slurp up information and turn it into profit, no matter how private the data. And it doesn’t get much more private than bodily functions!

Feigning ignorance 
Facebook claims it requires apps to tell users what info is shared and forbids apps from sending intimate data. But it did nothing to stop the flow of that sensitive data. 

Given their lax attitude toward data privacy, it’s not hard to imagine Facebook selling private information to health insurers, who would pay a premium for it and even use it to decide who they’ll cover. Free health apps have already been known to give up sensitive information to insurance companies – why wouldn’t Facebook do it?
 
Digital gangsters
A Wall Street Journal investigation found that many of these apps didn’t disclose that they would be sharing this information with third parties, or with Facebook specifically. Shortly after the Journal story broke, New York Governor Andrew Cuomo called for further investigation into this invasion of privacy.

This all comes on the heels of a scathing report out of the U.K. that essentially called Facebook digital gangsters who are abusing the power of their platform. And it’s not just Facebook; Google and Amazon have a scary amount of data on every one of us, which means we need to be taking this seriously. 

Data privacy should be an election issue
While the issue of data privacy is finally starting to be a high priority in the States, with investigations into breaches and tougher policies mirroring those or Europe, in Canada we’re just not there yet. We need to push for stricter privacy legislation and make it an election issue. We need to demand accountability from these data-hoarding corporations.   

*Blog post from Beauceron Security, for more information visit: https://www.beauceronsecurity.com/blog?offset=1552065484713 



Comments     Permalink     Add Comment

Dealing with Spam
by FCNB on 

Dealing with Spam

Spam is more than just an email chain letter.  It can also include malware, spyware, phishing, and false or misleading representations carried out through any means of telecommunications, text messages (short message services – SMS), social network sites, website, apps, blogs, and more.

 

Realize that you are an attractive target to hackers. Don’t say: “It won’t happen to me.” The best way to detect and avoid scams is to get to know the tactics and schemes scam artists use.

 

Cut down on spam by setting up spam filters on your email program, and unsubscribe to mailing lists you’re no longer interested in.

 

Learn more about Frauds and Scams

See all Cybersecurity tips

Learn more about how to Get Cyber Safe


Comments     Permalink     Add Comment

How to spot misleading info online and what to do about it
by FCNB on 

How to spot misleading info online and what to do about it

With all the information that’s available online, it’s inevitable that some of it will be wrong. Sometimes it’s a case of inaccurate facts, sometimes it’s opinion, satire or parody, and other times, it’s a case of deliberate attempts to mislead or influence public opinion through alternative media.

Either way, people are becoming less sure of the information they see online and elsewhere. According to a recent Ipsos Poll, on behalf of Radio Television Digital News Association (RTDNA), Canadians are less likely to trust traditional news media, with only 65% declaring some level of trust, and only 11% trusting the media “a great deal.” In the same poll, 68% of Canadians claimed they can always tell the difference between a news story and an opinion or commentary piece, but 24% admit they’re not so sure.

While “click-bait” is an internet concept, publishing less than truthful headlines to increase publication sales has been around for a while. You see examples every time you pass the tabloids in the checkout line at the grocery store. But now, false or misleading articles and memes are circulated on social media with the intention of getting us to buy a certain thing, or even vote for a certain candidate in an election.

Now, more than ever, we need to educate ourselves and our children about how to take a more critical look at information and articles shared online. Here are some starting points:

Read beyond the headline

Consider the evidence in the article before believing it. Sometimes, a well-researched news article will be shared by a third party with a misleading headline or conclusion. Other times, the headline was written by an editor, not the journalist, and provides an oversimplified description of a more nuanced take on an issue. Either way, it’s worth your time to read the whole thing before commenting or sharing. If you’re really skeptical, just ignore it.

Consider the source

Do you recognize the name of the source? Is it a national media outlet that you’ve heard of and known for years? Is the author trying to get you to buy something? Or vote for someone? Is it trying to provoke an emotional reaction, especially outrage at a person or organization?

Investigate

Is this the only news source reporting on this story? Searching for “News” related to the article topic in your search engine should pull up similar stories for other news sources.

Say Something

If you go through the steps above and conclude that an article you’ve seen is less than truthful, what should you do?

Resist the urge to comment or react to it through social media. These interactions will make the article more popular and it will be shared more by the social network. If you do want to alert the person that shared it to your thoughts, do so through a private message, or by phone or text.

*Blog post from Cyber Safe, for more information visit: https://www.getcybersafe.gc.ca/cnt/rsks/ntrnt-thngs/hm-en.aspx



Comments     Permalink     Add Comment

Cyber Safe: 5 ways to protect your privacy on a new smart device
by FCNB on 


Cyber Safe: 5 ways to protect your privacy on a new smart device

 

Whether it was on your wish list, or you gifted one to a family member, chances are someone in your household received a new device that connects to the Internet. While connected devices (also known as “smart devices”) are fun and make our lives easier, they also provide opportunities for hackers to access personal and private information.

 

Take steps to protect yourself, and your family, by following these tips:

 

1. Secure your home Wi-Fi network


Smart devices use the Internet to send and collect data. If your home Wi-Fi connection is not secure, your data is not secure! When using Wi-Fi, the minimum security you should have is wireless encryption and password protection. Under your wireless settings, make sure your router has WPA2 encryption enabled. Then, lock your wireless network with a strong a unique password. A strong password includes uppercase and lowercase letters, numbers, and special characters.

 

If you are an advanced user, create a separate network zone on your Wi-Fi network to connect your smart devices. This is called "device isolation" and functions similarly to "Guest Wi-Fi" networks.

 

When using your smart device on-the-go, connect only to trusted, password-protected networks, and turn off settings that automatically search for Wi-Fi networks.

 

2. Turn off geolocation when not in use


Many smart devices have apps that use geolocation to provide services, such as fitness tracking or maps. If an application can see your location, a hacker could too. In your device’s settings, turn off geolocation when you are not using it.

 

3. Before installing apps, understand the app's privacy policy and terms of use


All apps have privacy settings that help control who can see your information, and what they see. Customize these privacy settings so personal information, such as full names and contact details, are hidden. Also, be wary of apps asking for unnecessary or excessive information. Take a good look at the permissions, and don't just click “allow” for everything.

 

4. Disable microphones and cameras when not in use


Most gaming headsets, smart TVs, smartwatches, and smart speakers come with a microphone and/or camera. If not secure, your device could transmit information you don’t intend it to. Turn off your camera, and mute your microphone, when you are not using it.

 

5. Create usernames that don't contain identifying information

 

Oversharing could put your privacy at risk. When setting up a login for your device (or for a game or app), make sure your username does not contain identifying information, such as your name, age, location, or contact information.

 

*Blog post from Cyber Safe, for more information visit: https://www.getcybersafe.gc.ca/cnt/rsks/ntrnt-thngs/hm-en.aspx

 

Learn more about Frauds and Scams

See all Cybersecurity tips

Learn more about how to Get Cyber Safe


Comments     Permalink     Add Comment

How to safely use Internet banking and investing
by FCNB on 


How to safely use Internet banking and investing


Cybercriminals will go to extreme measures to get access to your banking information. Once they have access to it, there’s nothing stopping them from taking out a loan in your name, buying a new car, or even applying for a mortgage. They also know that financial institutions use extreme measures to protect your information. So they phish, spy and hack their way into your information from other sources, piecing together what they need to access your financial accounts.


Keep a close eye on your financial accounts on a regular basis. Follow these safety tips to ensure a safer banking experience:


  • Create a strong password that is unique from your other accounts.
  • Make sure to use secure websites. Websites that start with https:// or shttp:// use higher security measures than ones that begins with http:// (“s” means “secure”).
  • Always type in your banking information versus using the autofill.
  • Don’t use  public Wi-Fi or public computers for sending sensitive or personal information.
  • When you are finished, close your browser, clear your history and cache, and disconnect from the Internet.
  • Be suspicious if you get an email from a financial institution asking for your personal information.  Remember: legitimate financial institutions will never ask for your personal information in an email.
  • Don’t believe everything you read in online newsletters, investing blogs or bulletin boards. Fraud artists often float false information and “hot tips” as part of their efforts to rip off investors or manipulate the market for a particular security.
  • Knowledge is power. Be aware of the latest frauds and scams. For a full current list, visit our list of frauds and scams page.


For more information on investing, please visit our Savings and Investing page.


Learn more about Frauds and Scams

See all Cybersecurity tips

Learn more about how to Get Cyber Safe



 

Comments     Permalink     Add Comment

Cyber Safe: 3 Things to Look for Before You Buy a Smart Device
by FCNB on 

Cyber Safe: 3 Things to Look for Before You Buy a Smart Device

Smart home assistants, virtual reality headsets, smartwatches—these are some of the hottest gifts flying off the shelves this holiday season. Before you buy a device that connects to the Internet, do your research to help protect yourself, and your gift's recipient, from falling victim to cybercrime.

1. Only buy from companies and sites you trust
Take the time to do some comparison shopping and ensure the company you are buying from offers smart devices with at least basic security features such as the ability to lock the device with a password.

When buying online, stick to secure websites, with URLs that begin with “https.”

Some warning signs that a site could be untrustworthy include:
  1. Poor or unprofessional design
  2. Broken links or a disabled back button
  3. No contact information such as a phone number, email, or address
  4. No return policy

Research other's people experiences with the device, or with the company/site you are buying from. If the reviews are mostly poor, or mention security or privacy issues, consider shopping elsewhere.

2. Look for security features
An untrustworthy company could sell you a faulty device with weak, limited, or non-existent security measures. When buying a new smart device, think about what data will be collected from you, then research how the device will protect that data. At a minimum, check to see if the device will give you the option to lock the device with your own strong and unique password.

3. Check the company's privacy policy and data-sharing practices
All reputable connected-device vendors will have a published policy specifying the types of data collected by their device, which can include your daily routines, fitness and health habits, and personal banking and payment information. Before you buy a device, check the privacy policy and terms of use to understand what information will be collected from you, and what it will be used for.




Comments     Permalink     Add Comment

All apps contain cyber risks
by FCNB on 

All apps contain cyber risks 

One thing you need to remember about the Internet world – is that there is no geography. The fabric of the internet wraps around the globe and passes through geographical boundaries as if they were none. In other words – we are all sitting in the same spot in the digital world.  Which is how someone in Montreal can order McDonald’s using a Halifax resident’s app.

How to protect yourself: 

  • If you are using an app that is linked to your banking information, make sure it offers multi-factor authentication.
  • Create really long passwords.
  • Keep passwords protected, especially in public Wi-Fi zones. Go beyond protecting your passwords with not sharing it friends or writing it out in an email, by keeping it protected from Wi-Fi hot spots. When there is a public Wi-Fi hot spot, there is always a chance someone else could see what you are doing – all it takes is for someone to be sitting near you to have the right piece of hardware to steal your data.



Comments     Permalink     Add Comment

An ounce of prevention is worth a pound of cure
by FCNB on 


An ounce of prevention is worth a pound of cure

Earlier this year, we explored what to do if you email gets hacked; today, we will discuss how to prevent it from happening.

1. Find out if your email address has been compromised. The first thing that we recommend is that you verify if your email address has been found in any of the hacked data sets.

You can gain some insights into whether your email address has been found in any compromised data sets at https://haveibeenpwned.com/ Make sure to check both your personal and work email addresses.

If you email address shows up, you should change your password for whatever service or website is identified, to a unique password for each service as soon as possible. Make your password at least 12 characters long, the longer the better.

2. Start using a password manager.

3. Turn on 2-factor authentication for accounts that permit it.

4. Verify your password reset processes for important sites.
  • Many hackers exploit weak password reset processes to get into your account, rather than trying to hack your password directly. The next time you login to important sites, verify that your password reset processes are properly set up and secure:
  • Make sure the email addresses they have are up-to-date, particularly any secondary email addresses.
  • Make sure any phone numbers are up-to-date.
  • Enable 2-factor authentication whenever possible.
  • Avoid reset questions, the answers for which are easily determinable (such as your mother’s maiden name). If there is no other option, create a unique answer to these poor questions that only you know (for example, use your university student number as your mother’s maiden name).

Learn more about Frauds and ScamsSee all Cybersecurity tipsLearn more about how to Get Cyber Safe



Comments     Permalink     Add Comment

 
RSS Feed


2017 © Financial and Consumer Services Commission