• Serendipity Team

Staying one step ahead of cybercrime

With some of the world’s largest and most reputable organisations falling victim to cyber attacks, it’s time to take a fresh look at what you’re doing to protect your own personal and financial data.

SolarWinds may sound like something only an astronomer need worry about. But in 2020 it became better known as “the largest and most sophisticated [cyber] attack the world has ever seen”, according to Microsoft President Brad Smith.1 Named after one of the companies whose software was hijacked, the SolarWinds attack is reported to have affected companies as large and secure as Microsoft, Cisco and Intel, as well as US government agencies including the Pentagon. Closer to home, our financial services corporate regulator, the Australian Securities and Investments Commission (ASIC), recently fell victim to a software breach that also hit the Reserve Bank of New Zealand.2 High-profile attacks like these highlight the growing risks of cybercrime, and the importance of acting now to protect your data as well as your clients’ information. Here are some of the most common threats you need to be aware of, and the steps you can take to protect yourself.

The biggest threats in 2022

1. Remote working

The threat When COVID-19 took hold, many workplaces closed and sent their staff home to work. While some offices have since reopened, many Australian workers continue to work remotely without the benefit of on-site IT support, secure servers and hardened networks. That brings increased security risks.

What you can do about it

  • If you or your staff are working from home, make sure everyone has enabled automatic software and security updates.

  • Install reputable and reliable anti-virus programs and keep them up-to-date.

  • Use strong ‘passphrases’ instead of passwords and use a different one for each website and app.

  • Use a trusted and secure wi-fi source.

  • Activate two-factor identification for employees accessing office systems.

  • Use secure teleconferencing and messaging services, and be aware of services such as Zoom having possible security vulnerabilities.3

2. Pandemic-related phishing

The threat Cybercriminals have taken advantage of the pandemic to send a higher volume of phishing emails to unsuspecting victims. Phishing emails entice users to click on a link, open an infected attachment, or enter passwords and other personal information in a web page disguised to appear legitimate. They include emails purporting to be from government agencies, workplace systems or software providers, as well as financial institutions.

What you can do about it

  • Never open an email or click on a link sent from a source you can’t verify.

  • Look for emails where the sender’s name doesn’t appear to match their email address, and links that aren’t what you expect – for example, a URL similar to the real web address of a company, but with some tell-tale differences.

  • Be wary of ZIP files, which can be used to disguise ransomware and malware, Microsoft Office files, which can contain embedded macros, and PDFs, which can be used to create and run JavaScript.4

  • Be careful of organisations asking you to update or confirm personal details like passwords or PINs in direct messages.

  • Remember that most banks will never ask for your banking information by email or text message, or ask you to click on a link to sign into your online banking.

3. Identity theft

The threat Cybercriminals are attracted to a range of personal information – everything from your name and date of birth to your tax file number and online account login details. Once they’ve harvested your details, they can use them to create fake documents and apply for loans, benefits or even real ID documents.

What you can do about it

  • Limit what you share online about yourself and your family.

  • Stay on ‘private’.

  • Don’t accept friend requests from strangers.

  • If you notice unusual purchases on your bank statements or receive statements for loans and credit cards you haven’t applied for, contact your bank immediately.

Our books are open, and we are available to work with you in-person in Sydney, Newcastle or Australia wide via video conference. To get started, just click here to book an obligation free consultation.

What you need to know

This information is provided and produced by Serendipity Wealth Advisors. The advice provided is general advice only as, in preparing it we did not take into account your investment objectives, financial situation or particular needs. Before making an investment decision on the basis of this advice, you should consider how appropriate the advice is to your particular investment needs, and objectives. You should also consider the relevant Product Disclosure Statement before making any decision relating to a financial product.

1 Itnews, SolarWinds hack was ‘largest and most sophisticated attack’ ever: Microsoft, 15 February 2021.

2 Australian Financial Review, ASIC says it was hit by cyber-attack, 25 January 2021.

3 CPO, Why Enterprises Should Have Serious Concerns About the Security Shortcomings of Video Conferencing Platforms, 3 February 2021.

4 Kaspersky, Top 4 dangerous file attachments, 2019.