Merrill Lynch Life Agency Inc. is a licensed insurance agency and wholly owned subsidiary of Bank of America Corporation.
© Bank of America Corporation. All rights reserved.
As our lives become more and more digital, families face increasing threats of cybercrime. Here are some ways to avoid becoming a victim.
There's little doubt that the next generation of today's families will grow up with open and continual access to technology. This generation, more than any before, will be "digital natives," meaning they won't have ever lived without applications (apps), email, the Internet, social networks and mobile devices.
The numbers are staggering: Estimates suggest that an additional 1 billion people will have access to the Internet over the next five years, and they will be doing so almost exclusively via smartphones.1 There's no question that these devices provide convenience and play a growing role in our lives, but they also allow for increasing financial risks. Because people accustomed to constant online access may not fully understand these risks, never before has it been more important for everyone to protect their assets and identity from cybercrime and those who commit it.
Attacks can come from anywhere. For example, a family noticed, during a routine check of a credit report, that someone had purchased over 100 gift cards—each worth $150—and had given them away to people whose names they didn't recognize. The hack occurred through a shopping app on a teenager's smartphone when an item was purchased through a store's Wi-Fi connection.
The family contacted Tania Neild, a cybersecurity consultant, to analyze and diagnose what had happened. In the process they learned some key preventative measures. A Ph.D. in database integration who spent five years at the National Security Administration (NSA), Neild says family members usually have little idea about how much their daily online activities may be putting their assets at risk. This family in particular was victimized because they weren't following some of the basic guidelines of cybersecurity.
"We worked backward to find out what went wrong," says Neild. "Were they on a public Wi-Fi? Yes. Were they doing a transaction? Yes. Were they successfully processing the consequences? No." Neild said it was helpful to have the whole family in the room so they could work on the issue together. "This was a four-generation family," she says, noting that different family members had very different skill sets when it came to technology. "I had everyone from an infant to a great-grandfather in front of me, and although I had my work cut out for me, in the end, it was helpful to work as a team."
While cybercrime has increased by 38% in the last year,2 this doesn't mean families can't use email and social networks. Kids, especially, want to participate since so many of their friends are online. A recent independent study found that 24% of American teens are online "almost constantly" via smartphones and almost 75% of teens have smartphones.3
Over 100,000 breaches in cybersecurity occur every day, and there's more than one kind of cybercriminal.
Neild says rules are important, but the real key is balance. "I try to move everyone to the middle," she says. "If it gets too strict then it's not practical. But if it's too loose, you open yourself up to great risk." She begins with the basics:
Sometimes stating the obvious is necessary, Neild says, such as reminding kids that they should never share their passwords. Likewise, children need to understand the dangers of posting photos and personal information. "They need to recognize what is and isn't visible and act appropriately," she says. A large public donation, for example, could end up in local media for positive reasons, but that could lead cybercriminals to individual family members' work or social network accounts. From there, seemingly innocent public information can be used against a family. "It could be something benign, a post like 'Having fun in Cabo,'" she says. "But if someone recognizes your name because your family just donated $10 million to build a library, there you are in Mexico, where kidnapping is big."
Over 100,000 breaches in cybersecurity occur every day, says Neild. And there's more than one kind of cybercriminal. Just like in the real w orld, different people want different things, and have different tactics to try to get them.
Some cybercriminals are outsiders, digging up information on a family via social networks or by accessing networks illegally. Others may have insider information about the family, or even be family acquaintances or on the family's payroll. Recognizing different kinds of cybercriminals is paramount to a family's security, as is taking precautions.
The criminals behind these acts can be divided roughly into three categories:
Simply increasing the length of a password can help ensure a family's online safety.
As the threat of cybercrime grows, so does the need to protect family assets. How is this done? Some suggest working with a web master to establish a family domain—a secure site accessible by a small number of approved family members, each with their own domain email (e.g., firstname.lastname@example.org). While this is often fairly simple to set up, it can mean granting another individual or company access to any emails sent from the domain.
Neild suggests having a trusted technology (tech) expert help set up secure email and build a private server— or firewall. This server should be used when handling family assets, instead of public servers or Wi-Fi devices. The server design should include a desktop accessible to authorized family members with unshared passwords. The desktop should not have wireless capabilities, and should be hardwired via ethernet to the server. The firewall should be checked and reinforced in regular monthly installments, or at least once every quarter.
Neild says it's also essential to choose the right tech expert, and that the person designing the system should be evaluated the way one would a mechanic. "References, references, references," she says. "You want someone to be focused and very rigorous when setting this up."
While complexity often plays an important role, simply increasing the length of a password can also help ensure a family's online safety, according to Brad Deflin, founder and president of Total Digital Security. "Length is everything," he says. "Certain hacking software can sometimes crack an eight character password in less than a day, while a 10-character password could take a year and a half to crack using the same software."
Despite all the precautions you can take, hackers still get around the cybersecurity that's in place and breaches do occur, reiterates Neild.
This, too, is something for which every family should prepare. Victims of cyber theft, like burglary, often feel violated and don't know what to do next. A good start is remembering these three steps:
Family assets may be insured, but once trust is violated, it's not easily rebuilt. Even after a security breach during which nothing was stolen, families may feel like they've been robbed. Taking these three actions can help you get back on the path towards peace of mind.
Cybercrime is a fact of modern life, and it's only becoming worse. While the benefits of instant online access are many, so are the perils. But with thorough preparation and a good understanding of the online world, all members of families should be able to enjoy the benefits of the Internet today and look forward to a safe and secure tomorrow.
1"Mobile Is Eating the World," ITU, a16z, 2015.
2The Global State of Information Security® Survey, 2016.
3"Mobile Is Eating the World," ITU, a16z, 2015.
4The True Link Report on Elder Financial Abuse 2015, True Link Financial, January 2015.