Person entering password on computer

October 29, 2020

How to Protect Yourself and Your Money Online

Protecting assets is a central part of any wealth management strategy. And while most businesses have learned to plan for cyberthreats, tackling cybersecurity best practices during the pandemic and making sure remote employees know how to protect sensitive data against increased activity, not everyone is as vigilant about the possibility of cybercrime on a personal level.

According to a 2017 Campden Research study, more than a quarter of ultra-high-net worth (UHNW) families, family offices and family businesses with an average wealth of $1.1 billion have been targeted by a cyberattack. And if you fall into that category, you could be more vulnerable to an attack by savvy cyber thieves.

"Hackers that target high-net-worth individuals have done their homework," said Stacy Bertrand, manager of information security strategy and metrics at City National Bank. "They know they have money and that they have something to steal."

But it's not just financial resources that make these families more vulnerable to a cyberattack. It's often their public status and lifestyle choices that may make them more susceptible.

Thank you for subscribing!
Error. This is not a valid email address. Please try again.
Error. Please make sure all fields are properly filled out and try again.
Subscribe to Our Newsletter

Lifestyle cues used for social engineering attacks

Social engineering involves the use of social media to mine your information.

Hackers can gain clues about things like wealth status, property ownership and investments through private details that you choose to share publicly on your social media channels. From there, cyberthieves can use social media to facilitate a scam.

These thieves use a wide range of techniques to try and trick you, said Eduardo Kieffer, director of Cyber & IT Risk for RBC in the United States.

“They might use familiar subject lines or spoof a trusted sender to try to get you to open an email or click a link," Kieffer said. “Email fraud works by impersonating someone you already know and trust."

Setting ground rules for social media use with your family members can be an effective way to combat the social engineering threat. For instance, you may wish to restrict the types of photos or information shared through social media, or insist family members set their account visibility to private-only.

Public status adds risk

In general, Bertrand said high-net-worth individuals (HNWIs) are more searchable online.

Someone who owns a company, holds a C-suite position, frequently makes large donations to charity or is a public figure has a highly-visible online presence, making it easier for cyberthieves to profile them as potential victims.

"Hackers are able to perform sophisticated spear-phishing attacks with the information they receive from searching the internet," said Bertrand. Spear-phishing involves the use of fake emails, which lure you into clicking a link, downloading a file or sharing sensitive personal or financial information that can be easily exploited.

Most cyberattacks start with a phishing email, which is also one of the most common ways computers are infected with malware.

To prevent this from happening to you, it's always best to take the "better safe than sorry" approach and pick up the phone to verify the email is actually coming from the person you believe sent it.

Lack of centralization can make cyberattacks easier

Having a broad network of people who aid in managing your wealth can also be a boon for hackers.

"Typically, clients we work with have a financial team," said Bertrand. "Because more people are potentially involved in managing various aspects of your financial plan, hackers have more wiggle room to build convincing stories that do not need to be verified."

Bertrand offered two tips for protecting yourself when you have a larger team, or widespread assets.

First, "high-net-worth individuals need to develop a 'trust but verify' process," she explained. "This means that people or companies who work with these individuals need to know what they are allowed to approve and what they need to call and verify."

In the best-case scenario, employees should verify all emails and phone calls with you prior to transferring money.

The second tip is to understand where your assets are held.

You don't necessarily need to aggregate all your assets in one place but you should have visibility and transparency with regard to where your accounts are located and what's in them.

High-net-worth households have the means to pay up

The use of ransomware — a software program that blocks access to systems or data until a ransom is paid — also poses a threat to HNWIs.

An estimated 4,000 ransomware attacks occur each day, and while businesses are often the target, individuals and family offices aren't immune.

Because HNW households have the resources to pay the ransom, cyberthieves are betting many of these individuals would prefer to pay up rather than dealing with a locked computer.

Preventing ransomware begins with protecting your personal and financial details and ensuring basic security practices are followed down the line by employees and any other individuals who have access to your information.

Luxury locations are a target for wireless spoofing

When you're traveling, you may find yourself using public and open wireless networks or hotspots to get online.

But these networks are particularly insecure, even when they require a password. Hackers are taking advantage of this fact and targeting luxury hotels and airport lounges where they know HNWIs will be using their laptops and phones.

So how do you protect yourself outside of the home?

In general, never log in to password-protected websites that contain sensitive data, such as your bank accounts, social media channels or email, when using public Wi-Fi. If you need to use a Wi-Fi hotspot, consider using a virtual private network (VPN) to secure your connection.

Recognizing and understanding the various ways in which you may be a target of cyberfraud is an important step in protecting your assets. With this knowledge, you can have a conversation with the professionals who are managing your assets to ensure they're properly equipped to identify and handle a cyberthreat.

You'll also be able to take your own precautions, making it difficult for a cyberthief to target you in the first place.

Need to discuss cybersecurity and your wealth plan with an advisor and wish to find one? Get in touch with a City National advisor today.

This article is for general information and education only. It is provided as a courtesy to the clients and friends of City National Bank (City National). City National does not warrant that it is accurate or complete. Opinions expressed and estimates or projections given are those of the authors or persons quoted as of the date of the article with no obligation to update or notify of inaccuracy or change.

City National, its managed affiliates and subsidiaries, as a matter of policy, do not give tax, accounting, regulatory or legal advice. Rules in the areas of law, tax, and accounting are subject to change and open to varying interpretations. You should consult with your other advisors on the tax, accounting and legal implications of actions you may take based on any strategies presented, taking into account your own particular circumstances.

This article is a republication of content originally published by RBC Wealth Management, a division of RBC Capital Markets, LLC, Member NYSE/FINRA/SIPC. © 2020, Royal Bank of Canada, used with permission. This article may not be reproduced, distributed or further published by any person without the written consent of RBC Wealth Management. Please cite source when quoting.

Thank you for subscribing!
Error. This is not a valid email address. Please try again.
Error. Please make sure all fields are properly filled out and try again.
Subscribe to Our Newsletter