8 ways to stay cybersafe

As the world spins faster with change and as technology becomes more sophisticated, cyber threats are increasingly on the rise. Global shifts create uncertainty and can increase anxiety, all while cybercriminals are ever ready to prey upon individuals’ fears and emotions.

 

Being cybersafe is the practice of proactively protecting your identity and safeguarding your world. Being aware of the varied types of sophisticated schemes that are being employed will help protect you from being compromised. Cybercriminals are opportunistic and when you are vigilant, you stand a better chance, especially during times of uncertainty. Here are eight ways to help you protect yourself and your assets.

#1. Play hard to get — monitor your accounts

When you regularly log in to your account, you can monitor activity and know when there is an issue. You can also practice safe computing by registering your account, which includes auto asset protection and account restoration with the Voya S.A.F.E. Guarantee program. If any assets are taken from your workplace retirement plan account due to unauthorized activity and through no fault of your own, Voya will restore the value of your account.*

#2. Safeguard your devices

It’s a good idea to manage your computers and cell phones by making sure you have an auto lock on your screens, reboot each device every evening for software updates and ensure your devices have a privacy screen to reduce the risk of “shoulder surfing” by prying eyes. Be sure to use a camera cover on your laptop when not in use and never leave your laptop unattended especially in public. Refrain from logging into financial accounts or using passwords on unsecure public networks commonly found in coffee shops, libraries and airports as this is used most often by cyber criminals to ‘surf’ for personal information.

#3. Secure your home network

Locking down your home network includes having the latest firmware installed for Wi-Fi routers, switches, cable modems and firewalls. Make sure to create a strong password to protect your router or cable modem and inform only trusted family members. You can also use Wi-Fi protected access encryption protocols such as WPA2 or WPA3 to block hackers.

#4. Protect your passwords and PINs

Start with strong passwords across all of your devices, but be sure not to duplicate or use them with websites or applications. It’s also a good idea to avoid using personal information such as names or birthdates, change your password often and always keep confidential. Avoid using your debit card at stores or other public venues where a PIN is required to be used.

#5. Beware of phishing, smishing, phone scams, and spam email 

Cyber criminals are always developing new tactics to get personal data through emails and phone calls. A good measure of common sense is needed when a scam presents itself and always trust your gut. If it doesn’t seem right, it probably isn’t. Here a few things to know:

What is phishing?

A phishing attack is an online fraud technique that involves sending official- looking email messages with return addresses and links that appear legitimate. Some can contain hyperlinks to fake websites where fraudsters attempt to get financial or login info such as account numbers, PINs, credit card numbers, etc. The stolen data may be used to gain access to financial accounts or make fraudulent purchases. Tips to help stay on top of phishing and scams:

  • Watch for emails claiming to be from the U.S. government.
  • Be suspicious of any emails or links from sources you don’t recognize.
  • Be suspicious of anyone who calls or emails impersonating a customer, agent or advisor asking for personal data in the hope of gaining access to unauthorized accounts.
  • Anyone claiming to be from Voya calling from an anonymous line or “spoofing” a customer or Voya number. Voya will never ask you for your personal information by email.
  • Make sure your anti-malware and anti-virus software is up-to-date.
  • Anyone asking you to share and/or confirm confidential customer or employee information.
  • Referring to you by name as a way to personalize the conversation and reinforce the scam.
  • Injecting a sense of urgency, fear or guilt that you will be reprimanded if you don’t immediately without question, comply with their requests.

A few email subject line examples of phishing that play on emotions:

  • Your account has been locked!
  • You’ve been selected!
  • Act now!
  • You’ve won!

Tips to identify Phishing emails:

  • Look for misspellings and grammatical errors.
  • Pay attention to email signatures that do not match senders address.
  • Email creates a call for action/sense of urgency/emotion.
  • Hyperlinks have unknown web address.
  • “From” email address is not a standard looking address or is masked to appear to be legitimate. You can right click on the sender to unmask/reveal the email address.

See something suspicious? Act with caution

  • Never enter your username or password into unknown websites.
  • Do not click on any unknown links or open any attachments.
  • Delete the suspicious email from all mailbox folders.
  • Go directly to your account website to login and access messages.
  • Call the company to confirm the legitimacy of the email.
  • Use a spam filter to avoid seeing these messages.
  • Never respond to a spam message; your email address is recorded as live and the spam will increase.
  • Should you read a spam message remember: If it sounds too good to be true, it probably is. If you received unsolicited email offers or spam, send the messages to spam@uce.gov.

What is smishing?

Smishing is a cyberattack where scammers target individuals through SMS (commonly known as text) messages. The strange-sounding name is a merger of “SMS” and “phishing.” The goal of a smishing attack, as with most forms of social engineering, is to trick victims into taking certain actions that will benefit the scammer. In most cases, this involves giving away personal or financial information. 

Here are the types of smishing examples to look out for:

  1. Delivery notification and package-tracking smishing
    • Common during holidays or sales events
    • Scam texts from FedEx, UPS or USPS about delivery issues
    • Aim to trick you into clicking harmful links or giving personal info
  2. Financial services smishing scams
    • Target bank and credit card users
    • Pose as legitimate banks to steal sensitive data
    • Often send fraud alerts to prompt clicking malicious links or calling fake numbers
  3. Confirmation smishing scams
    • Fake confirmation requests for orders, appointments, or invoices
    • Directs to sites asking for login credentials or sensitive data
  4. Customer support smishing scams
    • Pose as trusted companies, not just banks
    • Notify of account issues and direct to fake sites with spyware
  5. Gift or giveaway smishing scams
    • Offer free gifts or fake contest giveaways
    • Links lead to malware-infected sites

Smishing attack warning signs:

  • Suspicious phone numbers
  • Misspelled words or grammatical errors
  • Links and files from unknown numbers
  • Urgent requests
  • Money requests
  • Prize notifications for contests you didn’t enter

What to do:

  • Do not send personal information via text
  • Inspect new phone numbers
  • Avoid clicking suspicious links or files
  • Contact the business directly to verify texts
  • Never respond to smishing texts
  • Use two-factor authentication
  • Download antivirus software

#6. Bank, shop and spend wisely:

  • Cancel your unused credit cards so that the account numbers will not appear on your credit report.
  • Sign your credit cards immediately with SEE ID for merchants to confirm your identity.
  • Do business with companies you know are reputable, particularly when making online transactions.
  • Use a secure browser when you conduct business online that encrypts or scrambles purchase information. Customers can verify that the web page they are entering is secure by looking for the https:// on every page to ensure your entire session is encrypted — not just the login page.
  • Avoid opening emails from unknown sources.
  • Ask businesses about its privacy policies and how information is used.

#7. Protect yourself from mail fraud:

  • Remove posted mail, especially bills, from your home mailbox every day. Signing up for electronic statements and paying bills online can help you reduce the chance of someone stealing information from your home mailbox.
  • Know your billing cycles. Follow-up with creditors if bills or new cards don’t arrive on time. An identity thief may have filed a change of address request in your name with the creditor or the post office.
  • Shred receipts and mail, especially pre-approved credit card applications.
  • Eliminate the receipt of pre-approved offers of credit by calling 1-888-5-OPT-OUT.
  • Account for all new checks when you receive them in the mail.
  • Remove your name from direct mail lists and write to the companies you do business with and ask them not to sell or rent your name. You can visit the Direct Marketing Association’s website to learn about laws that protect you and how to get your name removed from these lists.

#8. More common sense tips:

  • Check your Social Security Earnings and Benefits statement once each year to make sure that no one else is using your Social Security number for employment. You can obtain your statement at https://www.ssa.gov/myaccount/statement.html.
  • Securely destroy documents containing personal information.
  • Be very cautious about posting personal details on social networking sites or on the internet. Criminals can use this information to commit fraud.
  • Never carry your Social Security card, bank passwords or other sensitive information in your wallet.

This list is by no means exhaustive, and you can see the many ways cyber criminals can try to access your personal information. Remember, being cybersafe is the practice of proactively protecting your identity and safeguarding your world — so you can preserve your identity and stay healthy financially.

 

 

* Please see the full S.A.F.E. Guarantee at go.voya.com/datasecurity for more information.

This information is provided by Voya for your education only. Neither Voya nor its representatives offer tax or legal advice. Please consult your tax or legal advisor before making a tax-related investment/insurance decision.

Products and services offered through the Voya® family of companies.

3813350_1024

CN3959364_1226