Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
And our phone lines they are open for you right
now if you've got a question for our retirement planning
professionals from Class Financial join this week by CJ. Closs
and Eric Schwartz. They'd love to chat with you. All
I gotta do is pick up phone gifts. Call this
morning number to get on the air six soh eight
three two one thirteen ten. That's six soh eight three
two one thirteen ten. Going to be talking this week
about cybersecurity, but any type of retirement related question. The
(00:23):
phone lines are available to you to get on the
air and get your question answered again. Telephone number six
oh eight three two one thirteen ten. That's six oh
eight three two one thirteen ten.
Speaker 2 (00:33):
I helpe.
Speaker 1 (00:33):
You have a chance to check out the website class
financial dot com. If you haven't been there yet, head
on over today. It's coss klaas financial dot com. While
you're there, you can learn more about Colss Financial, you
can learn about Eric, you can learn about CJ and
everyone at Class Financial. Also learn about their separate divisions
how they can help you or if you're an employer,
I mean learn all about that available at classfinancial dot
com and their telephone number six oh eight four four
(00:56):
two five six three seven. That's six oh eight four
four two five six three seven. No charge for the
initial gets no the aployment dech co loss financial. It
will be complimentary to you. And joining us this morning
are CJ Class and Eric Schwartz. CJ, how you doing
this week?
Speaker 3 (01:11):
I'm doing great, Sean? How are you?
Speaker 1 (01:12):
I'm doing really well. Great to chat with you. Eric,
how have you bet? Did you get a little time off?
Did you take a vacation? I did?
Speaker 2 (01:20):
I did? I was off last week, So I'm I'm
happy to back be back on the show.
Speaker 1 (01:24):
Great to have both of you along and welcome back.
And we've got a conversation about cybersecurity and oh my goodness,
I was, you know, going over the show notes the
other day and as a as a tech nerd, I was,
I was shocked by some of the stuff out there.
So you're definitely gonna want to pay very close attention
this week's program for a couple of reasons. As mentioned,
(01:45):
a great opportunity to learn some stuff and protect yourself. Also,
speaking of great opportunities and why you want to pay
close attention, each and every week, we do the Closs
Quiz question week. This week no exception, our friends from
class Financil have provided a twenty five dollars gift card
to Amazon. Tell you a bit later on the program
how you can win with the class Quiz Question week
little tip. It always benefits you for a couple of reasons,
(02:05):
as mentioned to listen closely to the program, but also
I'll give you a little leg up on everybody else
because most of the time the question answer with Class
Quiz Question Week come up during the program, and before
we start our conversation this week about cybersecurity, let's actually
look back to last week and get the class Quiz
Question the week question and answer there as well.
Speaker 2 (02:24):
Eric. Yes, thank you to everybody for listening, and special
congratulations to Connor from Madison who was our winner last week.
And the question was it was a true false. Many
small business owners are looking at selling their business to
fund their retirement and the answer to that was true.
So congratulations Connor.
Speaker 1 (02:45):
Great work, Connor, really good, really good program last week.
Don't think you can always listen back at Clossfinancial dot com.
That's Class k l aas Financial dot com. So we're
talking cybersecurity this week, and of course, given that lost
financial you guys are in the retirement planning and investment
management business, that's what your firm does. Now, Typically we
(03:06):
talk about things directly related to that industry and that
specialty like investment, social security, medicare, and so on. Today's show, though,
we're going to be kind of going a little bit
of a different direction discussing cybersecurity and how to protect
your personal finances against digital threats. Let's kind of break down, CJ,
what we need to know here.
Speaker 3 (03:25):
Yeah, that's right, Sean. So typically during Money in Motion
we discuss topics native to our industry, like you've mentioned, investments,
insurance of state planning, taxes, banking, cash flow, so on
and so forth, and certainly we're not moving away from
that as a broad theme. However, there has been so
much of an uptick recently over the just over the
past few years in digital threats that we decided to
(03:48):
detquete an entire show to the topic. So as we
approach this topic, we do want to remind everyone that
we are not cybersecurity experts, and we do not offer
any cybersecurity service for a fee at Class Financial. We do, however,
manage a lot of clients private information that requires us
to invest heavily in our own cybersecurity measures. Furthermore, we
(04:11):
often get a front row seat to some pretty terrible
behaviors around cybersecurity, which has led us to recognize our
need for better education to our clients and then of
course to the public through this radio show about protecting
your personal finances from digital threats.
Speaker 1 (04:28):
Talking this morning with CJ Closs and Eric Schwartz, our
retirement planning professionals from Class Financial and great work for CJ.
They're kind of laying out what we're going to talk about,
so CJ to start, what are some of those common
threats that people should be aware of when it comes
to their finances.
Speaker 3 (04:43):
Yeah, good questions. So the most common digital threats are
and in these terms are going to be odd, but
don't worry, we'll break them down. The most common digital
threats are phishing, smishing, fishing, malware, and identity theft. So
let's dig in these just a little bit so you
better understand what each of those what each of those
(05:04):
kind of means. And I encourage you as I'm going
through each of these, think to yourself, have I experienced this?
Because I'm willing to bet that if you kind of
pay attention during the show and we go through this,
you're going to go, oh, yeah, I've seen that before.
Oh yeah, I've seen that before, And some of you
may even say, yeah, I clicked on that before or
I responded to that before. So the first one is phishing.
(05:25):
This is a type of cybercrime where attackers try to
trick you into revealing some sensitive information like usernames, passwords,
and credit card details, often by disguising themselves as a
trustworthy entity. In an electronic communication. They might send you
an email that looks like it's coming from your bank
or a popular online service, or even a government agency,
(05:48):
containing a link to a fake website that looks legitimate.
Once you enter your details, the attacker captures your information.
I'll give you two examples simply. I've gotten one from
what looked like bank, and I've gotten one from what
looked like Amazon. Now I've gone through pretty extensive training
on not clicking on anything and navigating to websites. In
(06:09):
a couple of those cases, I could immediately tell because
the logo was a little odd and they were asking
me to reset my password, which typically they don't send
you an email to do that unless in anyway. So
I was able to figure it out, but I will
tell you it's getting harder and harder, and so we're
not going to go into all the solutions for this,
but I can just tell you phishing so again, sending
(06:31):
out all these emails from sources that you and I
might think are credible, think Social Security Administration right, or
think the IRS. All of us would want to respond
to emails from those entities, but often they're actually not
from those entities. They're from cyber attackers. The next kind
is smishing SMI shing. This is similar to phishing, but
(06:54):
uses SMS text messages. You might receive a text message
claiming there's an issue with your bank account, onto a
package being delivered or a prize you've won, urging you
to click on a link or call a number, And
of course these links or the phone number leads to
a malicious website or a malicious you know a person
on the other end of the line to either download
malware or to obtain your Social Security number and date
(07:17):
of birth. I've gotten two of these just in the
last week, FYI, So this is not uncommon at all.
Text messages that come through like your bank account has
been hacked. Click here to reset your password. It's just amazing,
terribly amazing, but amazing. The next type is vishing. This
is voice phishing where attackers are using phone calls to
(07:37):
trick you. They might impersonate bank representatives, tech support or
government officials like the irs. They'll use social engineering tactics
to create a sense of urgency or fear. By the
way social engineering would be Hey grandma, this is your
your grandson Jimmy, And you go, what do you mean social? Like,
(07:59):
how would they know that? Well, listen, our world is
so social. Somebody can just go online, look you up
on Facebook, see that your your grandson is Jimmy, and
then call and impersonate Jimmy and say they're in Ghana
in jail and you need to wire ten thousand dollars
at this bank account right now. So again, really tricky
stuff that you have to watch out for. The next
(08:21):
one is malware. This is a broad term for malicious
software is designed to damage, disable, or gain unauthorized access
to computer systems. Examples include viruses, worms, trojans, spyware, and ransomware.
If malware gets onto your device, it can record key strokes,
including passwords. It can steal files, take control of your computer,
(08:42):
or even encrypt your data and demand a ransom for
its release. So this often comes in the form of
an email comes in, you click on it, it downloads
a program, and then you know your computer is infected.
And finally, the one that people hear about the most,
although it's it's actually these other ones that I just
mentioned are becoming more common, but the one we've heard
(09:03):
historically about the most is identity theft. This occurs when
someone steals your personal identifying information like your name, social
Security number, data, birth or financial account numbers, and they
use it to commit fraud. This could involve opening new
credit cards in your name, filing fraudulent tax returns, making
unauthorized purchases, or even getting medical services. So there's the
(09:26):
most the five most common types of cybersecurity that we
are running into. And again back to what I said before,
I'm betting if you are listening closely right now as
a listener, you have touched personally at least one, if
not two, three, or four of those, and so just
continue paying attention because we're going to talk about different
(09:47):
ways to mitigate that risk.
Speaker 1 (09:49):
Cute and funny names, but really serious stuff, that is
for sure. As we talked this morning with CJ. Claus
and Eric Schwartz, our retirement planning professionals from Class Financial,
the website class financial dot com, that's Klaas Financial dot com.
They're telephone number six oh eight four four two five
six three seven. No charge for the initial get to
know you appointment tech Loss Financial. It will be complementary
to you again their number six oh eight four four
(10:11):
two five six three seven. So, Eric, why is you
know personal data such such a big target for cyber criminals?
Speaker 2 (10:20):
Yeah, Sean, financial data is a it's a prime target
for cyber criminals, and I think the most obvious reason
is probably just that financial information is often directly related
to our money, So our bank accounts, our investment accounts,
credit cards, all these things allow criminals to steal funds,
make unauthorized purchases, or even open new lines of credit
(10:43):
for their own benefit. And for this reason, there's a
really high value on the dark web for stolen financial
credentials personal data, and they can be sold to other
criminals who then use them for various fraudulent activities. All
this stuff just makes it a really lucrative business for
the initial attackers. The other piece of this is all
(11:05):
of our devices, all of our you know, accounts with
different stores, and our financial lives. They are all interconnected.
And you know, a breach in one service, like say
an online shopping site where you've you've saved your credit
card information, I think we can all say we're probably
guilty of this, that that can potentially expose information that
(11:28):
could be used to access all sorts of other financial accounts. Right,
so I think probably at least every other week, maybe
maybe once a month if it's a good month, I'm
getting some sort of email from a credit monitoring service
saying your information was in a was in a data breach, right,
and you just pretty much become immune to it after
(11:49):
a while because there's nothing. You know, it's like, well
what am I going to do? Change? Change my password
every week? So you know, even beyond your financial accounts,
if your if your emails impromised, all these things can
be used to find ways to access your personal financial information.
And finally, this is unfortunately one of the biggest risks
(12:10):
is ourselves. So the human element, despite you know, technology
advancements and security, we remain a significant vulnerability to our
own financial security. CJO is talking about fishings, mishing and wishing.
These these words are are they sound crazy, but like
(12:31):
you said, they're they're dangerous on and you know, just
curiosity and fear. Attackers know all of these things are
are ways that they can gain access to us and
take advantage of our vulnerabilities. So you know, just a
lapse in judgment can lead to a lot of information
getting shared.
Speaker 1 (12:49):
It's it's pretty it's scary stuff as you see some
of these some of these techniques, and I always think
with like criminals, like if only they would just supply
themselves to like the legitimate world, they'd probably be wildly
successful because the amount of work and effort and cunning
that they put into this stuff is it's pretty amazing.
Speaker 3 (13:08):
And definitely, Sean, I thought the exact same thing. Yeah,
oh my gosh, you're brilliant. It just applies us to
a reasonable, non malicious trade and you could be wildly successful.
Speaker 1 (13:18):
But yeah, I don't get it. It's a it's a
scary world out there and you want to protect yourself
and really great information this week. This is like many
of the shows that we do here on Money in Motion,
when you want to share with folks as well. You
can always listen back to the podcast share it from
Cossfinancial dot com. That website class financial dot com. That's
Klaas financial dot com. They're telephon number six oh eight
(13:40):
four four two five six three seven. No charge for
the initial gets know you appointment tech lots Financial. It
will be complimentary to you again their number six oh
eight four four two five six three seven. Into our
conversation with c Jen Eric. We will do that next
as Money in Motion with cost Financial continues right here
on thirteen ten. Wiba talking about scams out there this
(14:00):
morning with our retirement, specifically cybersecurity with our retirement, playing
professionals from class financial really important topic. Don't forget if
you miss any part of the show, you can always
listen back at classfinancial dot com. So we left off
talking about some of those some of those reasons why
financial targets are our prime for cyber criminals. Are there
specific red flags that folks should be you should be
(14:23):
looking looking for, Eric.
Speaker 2 (14:25):
Yeah, we're going to talk about just a few of
them here, just things to be aware of when you're
doing anything online or over the phone. The first one,
you want to be very very leary of is urgent language.
So scammers will often try to create a sense of
panic or urgency so they can bypass your critical thinking.
Phrases like your account will be suspended immediately, or action
(14:48):
required within twenty four hours, your funds are at risk.
All of these things are just meant to make us
not stop and think and just you know, respond to
whatever the individual is asking for. So just just slow down,
especially when it has to do with with your your
bank or or your investment accounts. Often you're not going
(15:10):
to get a call from those institutions saying we need
to we need to move immediately like yesterday, right, They're
they're generally going to be much more measured, and so
watch out for that urgent language. The other thing you
want to look out for, especially in emails and text messages,
are going to be suspicious suspicious links, So always be
wary of those before clicking. Hover your mouse over the
(15:33):
link if you're on a desktop computer, or hold your
finger down on it on a mobile device, and that'll
show you the actual URL where it's going to take
you if you click on it. And if that doesn't
match a legitimate website of the organization that it actually
claims to be from. So you know, if you're say
your bank is uw Credit Union, if it's not taking
(15:53):
you to UWCU dot org slash something, it's almost certainly
a scam. Okay. So even if it looks similar to
something you've received from them before, small misspellings or even
extra characters here here and there, those can be giveaways
as well. Just be really cautious of links that you're
that you're sent unprompted and finally, unsolicited requests for personal information. Okay.
(16:18):
So legitimate organizations, especially your bank, government agencies, they will rarely,
if ever ask you to provide sensitive information like your
full social Security number, your password, or your pins via email,
text or just a random a random phone call. So
if you receive a request like that, that is a
major red flag. I feel like every time I get
(16:41):
I get a text message from a website I'm trying
to sign into, it says do not give anyone this code.
So heed those warnings and if you're unsure, always contact
the organization directly using a phone number from their verified,
verified website.
Speaker 1 (16:56):
Really scary stuff. And c J. Let's talk a little
bit then about the per prevention side of this, what
should folks know and what more importantly, what should you
be doing when it comes to protecting your money from
these crooks?
Speaker 3 (17:09):
Yeah, good question, Sean. So we don't want to focus
on the scary stuff for too long. Otherwise people will,
you know, dig a hole and bury themselves. So let's
talk about some things you can do to safeguard your
finances digitally, because there are quite a quite a few
things you can do to safeguard yourself. Number one would
just be around strong unique passwords. So a strong password
(17:31):
is long, it's at least twelve to sixteen characters. It
uses a mix of uppercase and lower case letters, numbers,
and symbols. The unique part is equally critical. Never reuse
passwords across different accounts. If one service you use suffers
a data breach and you've used the same password elsewhere,
criminals can use that leaked credential information and get into
(17:52):
other websites. So again, strong unique passwords. Now here's what
somebody's going to say to me. And I know this
because I'm going through this with my mother right now.
I wish if she was listening, she could call it
and testify. But CEJ, I won't remember them, right, I
need to use one of three because then I can
(18:13):
remember them. Well, that's where secure encrypted password storage managers
comes in, So this is an indispensable resource. These are
tools like last pass or one password, or bitwarden, or
even built in browser password managers, although the built in
browser password managers are generally a little less secure. But
(18:35):
the idea of this is to say, no, no, no,
we get it. We totally get it that. Ultimately, if
you're gonna have unique usernames and passwords for every single website,
there's no way your brain can store that information and
we don't.
Speaker 1 (18:48):
Expect it to.
Speaker 3 (18:49):
What we would say is get a secure encrypted password
storage manager like the ones I mentioned before, last Pass,
one Password, Bitwarden and save those unique passwords on there.
Not to mention, listen, everybody, good websites will require you
to reset your credentials aka you're using name or password
every few months because they want to reduce the likelihood
(19:11):
of a data breach where suddenly they get current usernames
and passwords ripped down from their website. So I cannot
encourage you enough strong unique passwords number one, but number two,
purchase one of these secure encrypted password storage managers so
that you're not so anxious about remembering all of them. Now,
(19:33):
the next topic, or the next kind of way to
safeguard yourself would be around multi factor authentication. This is huge.
Multi factor authentication is also sometimes called two FA or
two factor authentication. It adds an extra layer of security
beyond just a password. It typically requires you to provide
(19:55):
two or more verification factors to gain access to an account.
So even if a criminal somehow gets your password, they
still can't log in without this second factor. So it's
important to have think of it this way. If I
have a key or a lock, and somehow a criminal
gains access to that key or that lock on my door,
(20:20):
that's scary, right, They pop open the lock and they
walk into the house and they steal my valuable stuff.
But what if I had two locks or two keys,
what's the probability that that same person gets access to
both of those access points? Well, guys, for the listeners,
it goes down dramatically, and it's not just cutting in
(20:40):
half your risk, It actually cuts your risk down by
like eighty percent. So the two FA the two factor authentication,
also known as multi factor authentication, is a huge way
to reduce that risk. Now, this often comes in the
form of like you getting a texted code, so you
put in your username and password and then you get
a text message on your phone. It can also come
(21:01):
into things like physical tokens, so they have like a
physical item that generates a new numeric number that you
have to enter in or a smartphone app that again
is generating new numbers. So there's also like biometric two
factor authentications like fingerprint scans or facial scans. I know
(21:24):
Apple iPhones and different devices have that function. But the
idea of this is that when you add in a
second layer of security, it just dramatically reduces the risk.
And I know, again I've sat with my mother recently
on this. I know this can be an area of
frustration because people go, my goodness, if I didn't have
to use my using him in password. Now I've got
(21:46):
to have this cell phone sitting around all the time
for the text messages. Well, it's either that or your
stuff gets stolen, right like kind of pick your poison.
And I get it that it's frustrating. I totally empathize,
but we've all got to get over that because this
is just an extra layer of security to make sure
that your critical information is not getting taken by hackers.
Speaker 1 (22:07):
What about software there CJ.
Speaker 3 (22:09):
Yeah, so software developers constantly find and fixed security vulnerability,
so this would be bugs or weaknesses in their operating systems.
Thanks you know, Windows, Mac, iOS, Android, Linux, and then
web browsers do the same, Chrome, Firefox, Fari and these
different applications. So one thing you should be doing is
updating these apps. Another thing that I often run into,
(22:32):
both with my folks and then with clients that we know,
is they'll say, I never do any of those app
upgrades or the or the Windows upgrades or the iPhone
upgrades because you know, little things move around and I
don't know where they are. And on the one hand,
I get it.
Speaker 1 (22:49):
I'm there with.
Speaker 3 (22:49):
You, like it's frustrating when a new update is coming
out constantly and things look different and function differently. But
what you're missing is it's not just about the look
and the functionality behind in the screen. Behind the scenes,
they're adding in patches, security patches from threats that they've seen.
So I would encourage you keep your operating systems, your
(23:10):
your programs, your apps, keep them up to date. If
there is an update to be downloaded.
Speaker 1 (23:17):
Downloaded, great, goodvice, great great program as always, don't forget
you and listen back today's show also great one you
want to share sad on over to Classfinancial dot com.
That's Gloss Klaas Financial dot com. Can subscribe listen right online.
They're telephone umber at Loss Financial six oh eight four
four two five six three seven. No charge for the
ininanitial get to know your appointment to at Coss Financial.
It will be complementary to you again their number six
(23:39):
oh eight four four two five six three seven. More
of money in motion with Coss Financial comes your way
next right You're on thirteen ten WIBA talking with our
retirement planning professionals from Class Financial, CJ. Closs and Eric
Schwartz talking this week about cybersecurity and just got a
couple of minutes in the program. I do want to
make sure we talk about things like you know, I
know a lot of folks do like online banking and
(24:00):
other things from your phone. Are there some things Eric,
that folks should be thinking about when it comes to
security of those devices.
Speaker 2 (24:07):
Yeah, Sean, that's a really good point and a good
question as well. So just a few considerations in this
area Number one, When you are accessing your banking information,
use the official banking apps only. Okay, So when you're
on your smartphone and you're wanting to access your checking account,
(24:27):
bound savings account, or make a transfer, whatever it might be,
make sure you're using the most up to date application
because this is going to have the most robust security features,
it's going to undergo regular security audits, and it's designed
to protect your data. Okay. And if you're trying to
access your bank information through like a mobile browser, so
(24:50):
like you just pull up Safari your Chrome on your phone,
that is not that that's not as secure or up
to date as the app in many cases, and it
can expose you to risks. Beyond that, unofficial apps might
be malicious fakes that are designed to steal your login credentials,
while outdated browsers or insecure browser settings could really just
make you vulnerable to phishing. So make sure you're using
(25:13):
the official banking apps and they are up to date.
The second one here is avoid public Wi Fi when
you're doing sensitive transactions. So public Wi Fi networks like
those in coffee shop, airport, hotel. They're very convenient and
nice to have, but they are often unsecured or they
(25:33):
have weak security protocols. We always get this warning I
think too when you log onto a public website, I
feel like I do where it says, you know, be
careful what you share on this network. This means that
the data that's transmitted over these networks can be easily
intercepted by malicious actors who might be quote unquote eavesdropping
(25:53):
on the network. So when you perform sensitive transactions like
logging into your bank account, or making online purchases, or
even just checking your investment portfolio, your your logging credentials,
and your financial details can be vulnerable. If you are
on a public Wi Fi, it's best to use your
cellular data connection for these activities and that will provide
(26:15):
you with a more secure and private connection. If you
do need to use a public Wi Fi source, consider
using a reputable virtual private network or a VPN that's
going to add some additional encryption to your to your
internet traffic. Finally, keep your phone locked and encrypted. Okay,
(26:35):
so this refu this refers to securing your physical smartphone device.
When we say locked, we mean make sure that you
have a strong password, pin fingerprint, or you know facial
recognition to keep your phone secure and prevent unauthorized access
if it is lost or stolen. When we say encrypted,
(26:56):
we mean that most modern smartphones are often built with
in device encryption, and when your phone is encrypted, all
the data on it, like your photos, your messages, your
financial application data, it's scrambled and unreadable without the correct
decryption key okay, which is all tied into your lockscreen,
(27:18):
password and pin. So if your phone falls into the
wrong hands, if it's locked and it's encrypted, it acts
as a much stronger barrier against data theft. And without
that protection, someone could potentially access your your financial applications,
your personal information, or any other sensitive data that's stored
on your device. So ensure that you have these features
(27:38):
enabled and configured correctly.
Speaker 1 (27:40):
A lot of great information this week, don't forget. You
can listen back to this on previous shows podcasts all
at Cossfinancial dot com. That's also a great place to
get to know the team at COSS Financial again the
website cossfinancial dot com. That's k l Aasfinancial dot com.
Telph number six so eight four four two five six
three seven No charge for that initial get to know
your appointment dech Lots Financial. It will be complimentary to
(28:01):
you again their number six oh eight four four two
five six three seven. You want to hold on to
that teleph number as well. It's time now for the
Class Quiz question of the week. It works like this.
In just a moment, I'll ask you the class quiz
question of the week. You will then have thirty minutes
for in today's program to call the Class Financial Office
right here in Madison at six oh eight four four
two five six three seven. If you are the first
caller with the correct answer, win this week's prize, which
(28:22):
is a twenty five dollars gift card to Amazon. This
week's coloss quiz question of the week is this true
or false? Multi factor authentication, which is sometimes called two
factor authentication is like having two locks on your door
instead of only one. True or false telephone number six
oh eight four four two five six three seven. First
(28:43):
call with correct answer whin this week's prize again the
twenty five dollars gift card to Amazon. No forgot as well.
That's Class Financial Office right here in Madison. CJ.
Speaker 2 (28:50):
Eric.
Speaker 1 (28:50):
It's always informative, always great chatting with both of you guys.
Have a great day, Thanks Sean, Thanks Sean, Take care guys.
Doctor Greer comes you way next year at thirteen ten
Wiba
And our phone lines they are open for you right
now if you've got a question for our retirement planning
professionals from Class Financial join this week by CJ. Closs
and Eric Schwartz. They'd love to chat with you. All
I gotta do is pick up phone gifts. Call this
morning number to get on the air six soh eight
three two one thirteen ten. That's six soh eight three
two one thirteen ten. Going to be talking this week
about cybersecurity, but any type of retirement related question. The
(00:23):
phone lines are available to you to get on the
air and get your question answered again. Telephone number six
oh eight three two one thirteen ten. That's six oh
eight three two one thirteen ten.
Speaker 2 (00:33):
I helpe.
Speaker 1 (00:33):
You have a chance to check out the website class
financial dot com. If you haven't been there yet, head
on over today. It's coss klaas financial dot com. While
you're there, you can learn more about Colss Financial, you
can learn about Eric, you can learn about CJ and
everyone at Class Financial. Also learn about their separate divisions
how they can help you or if you're an employer,
I mean learn all about that available at classfinancial dot
com and their telephone number six oh eight four four
(00:56):
two five six three seven. That's six oh eight four
four two five six three seven. No charge for the
initial gets no the aployment dech co loss financial. It
will be complimentary to you. And joining us this morning
are CJ Class and Eric Schwartz. CJ, how you doing
this week?
Speaker 3 (01:11):
I'm doing great, Sean? How are you?
Speaker 1 (01:12):
I'm doing really well. Great to chat with you. Eric,
how have you bet? Did you get a little time off?
Did you take a vacation? I did?
Speaker 2 (01:20):
I did? I was off last week, So I'm I'm
happy to back be back on the show.
Speaker 1 (01:24):
Great to have both of you along and welcome back.
And we've got a conversation about cybersecurity and oh my goodness,
I was, you know, going over the show notes the
other day and as a as a tech nerd, I was,
I was shocked by some of the stuff out there.
So you're definitely gonna want to pay very close attention
this week's program for a couple of reasons. As mentioned,
(01:45):
a great opportunity to learn some stuff and protect yourself. Also,
speaking of great opportunities and why you want to pay
close attention, each and every week, we do the Closs
Quiz question week. This week no exception, our friends from
class Financil have provided a twenty five dollars gift card
to Amazon. Tell you a bit later on the program
how you can win with the class Quiz Question week
little tip. It always benefits you for a couple of reasons,
(02:05):
as mentioned to listen closely to the program, but also
I'll give you a little leg up on everybody else
because most of the time the question answer with Class
Quiz Question Week come up during the program, and before
we start our conversation this week about cybersecurity, let's actually
look back to last week and get the class Quiz
Question the week question and answer there as well.
Speaker 2 (02:24):
Eric. Yes, thank you to everybody for listening, and special
congratulations to Connor from Madison who was our winner last week.
And the question was it was a true false. Many
small business owners are looking at selling their business to
fund their retirement and the answer to that was true.
So congratulations Connor.
Speaker 1 (02:45):
Great work, Connor, really good, really good program last week.
Don't think you can always listen back at Clossfinancial dot com.
That's Class k l aas Financial dot com. So we're
talking cybersecurity this week, and of course, given that lost
financial you guys are in the retirement planning and investment
management business, that's what your firm does. Now, Typically we
(03:06):
talk about things directly related to that industry and that
specialty like investment, social security, medicare, and so on. Today's show, though,
we're going to be kind of going a little bit
of a different direction discussing cybersecurity and how to protect
your personal finances against digital threats. Let's kind of break down, CJ,
what we need to know here.
Speaker 3 (03:25):
Yeah, that's right, Sean. So typically during Money in Motion
we discuss topics native to our industry, like you've mentioned, investments,
insurance of state planning, taxes, banking, cash flow, so on
and so forth, and certainly we're not moving away from
that as a broad theme. However, there has been so
much of an uptick recently over the just over the
past few years in digital threats that we decided to
(03:48):
detquete an entire show to the topic. So as we
approach this topic, we do want to remind everyone that
we are not cybersecurity experts, and we do not offer
any cybersecurity service for a fee at Class Financial. We do, however,
manage a lot of clients private information that requires us
to invest heavily in our own cybersecurity measures. Furthermore, we
(04:11):
often get a front row seat to some pretty terrible
behaviors around cybersecurity, which has led us to recognize our
need for better education to our clients and then of
course to the public through this radio show about protecting
your personal finances from digital threats.
Speaker 1 (04:28):
Talking this morning with CJ Closs and Eric Schwartz, our
retirement planning professionals from Class Financial and great work for CJ.
They're kind of laying out what we're going to talk about,
so CJ to start, what are some of those common
threats that people should be aware of when it comes
to their finances.
Speaker 3 (04:43):
Yeah, good questions. So the most common digital threats are
and in these terms are going to be odd, but
don't worry, we'll break them down. The most common digital
threats are phishing, smishing, fishing, malware, and identity theft. So
let's dig in these just a little bit so you
better understand what each of those what each of those
(05:04):
kind of means. And I encourage you as I'm going
through each of these, think to yourself, have I experienced this?
Because I'm willing to bet that if you kind of
pay attention during the show and we go through this,
you're going to go, oh, yeah, I've seen that before.
Oh yeah, I've seen that before, And some of you
may even say, yeah, I clicked on that before or
I responded to that before. So the first one is phishing.
(05:25):
This is a type of cybercrime where attackers try to
trick you into revealing some sensitive information like usernames, passwords,
and credit card details, often by disguising themselves as a
trustworthy entity. In an electronic communication. They might send you
an email that looks like it's coming from your bank
or a popular online service, or even a government agency,
(05:48):
containing a link to a fake website that looks legitimate.
Once you enter your details, the attacker captures your information.
I'll give you two examples simply. I've gotten one from
what looked like bank, and I've gotten one from what
looked like Amazon. Now I've gone through pretty extensive training
on not clicking on anything and navigating to websites. In
(06:09):
a couple of those cases, I could immediately tell because
the logo was a little odd and they were asking
me to reset my password, which typically they don't send
you an email to do that unless in anyway. So
I was able to figure it out, but I will
tell you it's getting harder and harder, and so we're
not going to go into all the solutions for this,
but I can just tell you phishing so again, sending
(06:31):
out all these emails from sources that you and I
might think are credible, think Social Security Administration right, or
think the IRS. All of us would want to respond
to emails from those entities, but often they're actually not
from those entities. They're from cyber attackers. The next kind
is smishing SMI shing. This is similar to phishing, but
(06:54):
uses SMS text messages. You might receive a text message
claiming there's an issue with your bank account, onto a
package being delivered or a prize you've won, urging you
to click on a link or call a number, And
of course these links or the phone number leads to
a malicious website or a malicious you know a person
on the other end of the line to either download
malware or to obtain your Social Security number and date
(07:17):
of birth. I've gotten two of these just in the
last week, FYI, So this is not uncommon at all.
Text messages that come through like your bank account has
been hacked. Click here to reset your password. It's just amazing,
terribly amazing, but amazing. The next type is vishing. This
is voice phishing where attackers are using phone calls to
(07:37):
trick you. They might impersonate bank representatives, tech support or
government officials like the irs. They'll use social engineering tactics
to create a sense of urgency or fear. By the
way social engineering would be Hey grandma, this is your
your grandson Jimmy, And you go, what do you mean social? Like,
(07:59):
how would they know that? Well, listen, our world is
so social. Somebody can just go online, look you up
on Facebook, see that your your grandson is Jimmy, and
then call and impersonate Jimmy and say they're in Ghana
in jail and you need to wire ten thousand dollars
at this bank account right now. So again, really tricky
stuff that you have to watch out for. The next
(08:21):
one is malware. This is a broad term for malicious
software is designed to damage, disable, or gain unauthorized access
to computer systems. Examples include viruses, worms, trojans, spyware, and ransomware.
If malware gets onto your device, it can record key strokes,
including passwords. It can steal files, take control of your computer,
(08:42):
or even encrypt your data and demand a ransom for
its release. So this often comes in the form of
an email comes in, you click on it, it downloads
a program, and then you know your computer is infected.
And finally, the one that people hear about the most,
although it's it's actually these other ones that I just
mentioned are becoming more common, but the one we've heard
(09:03):
historically about the most is identity theft. This occurs when
someone steals your personal identifying information like your name, social
Security number, data, birth or financial account numbers, and they
use it to commit fraud. This could involve opening new
credit cards in your name, filing fraudulent tax returns, making
unauthorized purchases, or even getting medical services. So there's the
(09:26):
most the five most common types of cybersecurity that we
are running into. And again back to what I said before,
I'm betting if you are listening closely right now as
a listener, you have touched personally at least one, if
not two, three, or four of those, and so just
continue paying attention because we're going to talk about different
(09:47):
ways to mitigate that risk.
Speaker 1 (09:49):
Cute and funny names, but really serious stuff, that is
for sure. As we talked this morning with CJ. Claus
and Eric Schwartz, our retirement planning professionals from Class Financial,
the website class financial dot com, that's Klaas Financial dot com.
They're telephone number six oh eight four four two five
six three seven. No charge for the initial get to
know you appointment tech Loss Financial. It will be complementary
to you again their number six oh eight four four
(10:11):
two five six three seven. So, Eric, why is you
know personal data such such a big target for cyber criminals?
Speaker 2 (10:20):
Yeah, Sean, financial data is a it's a prime target
for cyber criminals, and I think the most obvious reason
is probably just that financial information is often directly related
to our money, So our bank accounts, our investment accounts,
credit cards, all these things allow criminals to steal funds,
make unauthorized purchases, or even open new lines of credit
(10:43):
for their own benefit. And for this reason, there's a
really high value on the dark web for stolen financial
credentials personal data, and they can be sold to other
criminals who then use them for various fraudulent activities. All
this stuff just makes it a really lucrative business for
the initial attackers. The other piece of this is all
(11:05):
of our devices, all of our you know, accounts with
different stores, and our financial lives. They are all interconnected.
And you know, a breach in one service, like say
an online shopping site where you've you've saved your credit
card information, I think we can all say we're probably
guilty of this, that that can potentially expose information that
(11:28):
could be used to access all sorts of other financial accounts. Right,
so I think probably at least every other week, maybe
maybe once a month if it's a good month, I'm
getting some sort of email from a credit monitoring service
saying your information was in a was in a data breach, right,
and you just pretty much become immune to it after
(11:49):
a while because there's nothing. You know, it's like, well
what am I going to do? Change? Change my password
every week? So you know, even beyond your financial accounts,
if your if your emails impromised, all these things can
be used to find ways to access your personal financial information.
And finally, this is unfortunately one of the biggest risks
(12:10):
is ourselves. So the human element, despite you know, technology
advancements and security, we remain a significant vulnerability to our
own financial security. CJO is talking about fishings, mishing and wishing.
These these words are are they sound crazy, but like
(12:31):
you said, they're they're dangerous on and you know, just
curiosity and fear. Attackers know all of these things are
are ways that they can gain access to us and
take advantage of our vulnerabilities. So you know, just a
lapse in judgment can lead to a lot of information
getting shared.
Speaker 1 (12:49):
It's it's pretty it's scary stuff as you see some
of these some of these techniques, and I always think
with like criminals, like if only they would just supply
themselves to like the legitimate world, they'd probably be wildly
successful because the amount of work and effort and cunning
that they put into this stuff is it's pretty amazing.
Speaker 3 (13:08):
And definitely, Sean, I thought the exact same thing. Yeah,
oh my gosh, you're brilliant. It just applies us to
a reasonable, non malicious trade and you could be wildly successful.
Speaker 1 (13:18):
But yeah, I don't get it. It's a it's a
scary world out there and you want to protect yourself
and really great information this week. This is like many
of the shows that we do here on Money in Motion,
when you want to share with folks as well. You
can always listen back to the podcast share it from
Cossfinancial dot com. That website class financial dot com. That's
Klaas financial dot com. They're telephon number six oh eight
(13:40):
four four two five six three seven. No charge for
the initial gets know you appointment tech lots Financial. It
will be complimentary to you again their number six oh
eight four four two five six three seven. Into our
conversation with c Jen Eric. We will do that next
as Money in Motion with cost Financial continues right here
on thirteen ten. Wiba talking about scams out there this
(14:00):
morning with our retirement, specifically cybersecurity with our retirement, playing
professionals from class financial really important topic. Don't forget if
you miss any part of the show, you can always
listen back at classfinancial dot com. So we left off
talking about some of those some of those reasons why
financial targets are our prime for cyber criminals. Are there
specific red flags that folks should be you should be
(14:23):
looking looking for, Eric.
Speaker 2 (14:25):
Yeah, we're going to talk about just a few of
them here, just things to be aware of when you're
doing anything online or over the phone. The first one,
you want to be very very leary of is urgent language.
So scammers will often try to create a sense of
panic or urgency so they can bypass your critical thinking.
Phrases like your account will be suspended immediately, or action
(14:48):
required within twenty four hours, your funds are at risk.
All of these things are just meant to make us
not stop and think and just you know, respond to
whatever the individual is asking for. So just just slow down,
especially when it has to do with with your your
bank or or your investment accounts. Often you're not going
(15:10):
to get a call from those institutions saying we need
to we need to move immediately like yesterday, right, They're
they're generally going to be much more measured, and so
watch out for that urgent language. The other thing you
want to look out for, especially in emails and text messages,
are going to be suspicious suspicious links, So always be
wary of those before clicking. Hover your mouse over the
(15:33):
link if you're on a desktop computer, or hold your
finger down on it on a mobile device, and that'll
show you the actual URL where it's going to take
you if you click on it. And if that doesn't
match a legitimate website of the organization that it actually
claims to be from. So you know, if you're say
your bank is uw Credit Union, if it's not taking
(15:53):
you to UWCU dot org slash something, it's almost certainly
a scam. Okay. So even if it looks similar to
something you've received from them before, small misspellings or even
extra characters here here and there, those can be giveaways
as well. Just be really cautious of links that you're
that you're sent unprompted and finally, unsolicited requests for personal information. Okay.
(16:18):
So legitimate organizations, especially your bank, government agencies, they will rarely,
if ever ask you to provide sensitive information like your
full social Security number, your password, or your pins via email,
text or just a random a random phone call. So
if you receive a request like that, that is a
major red flag. I feel like every time I get
(16:41):
I get a text message from a website I'm trying
to sign into, it says do not give anyone this code.
So heed those warnings and if you're unsure, always contact
the organization directly using a phone number from their verified,
verified website.
Speaker 1 (16:56):
Really scary stuff. And c J. Let's talk a little
bit then about the per prevention side of this, what
should folks know and what more importantly, what should you
be doing when it comes to protecting your money from
these crooks?
Speaker 3 (17:09):
Yeah, good question, Sean. So we don't want to focus
on the scary stuff for too long. Otherwise people will,
you know, dig a hole and bury themselves. So let's
talk about some things you can do to safeguard your
finances digitally, because there are quite a quite a few
things you can do to safeguard yourself. Number one would
just be around strong unique passwords. So a strong password
(17:31):
is long, it's at least twelve to sixteen characters. It
uses a mix of uppercase and lower case letters, numbers,
and symbols. The unique part is equally critical. Never reuse
passwords across different accounts. If one service you use suffers
a data breach and you've used the same password elsewhere,
criminals can use that leaked credential information and get into
(17:52):
other websites. So again, strong unique passwords. Now here's what
somebody's going to say to me. And I know this
because I'm going through this with my mother right now.
I wish if she was listening, she could call it
and testify. But CEJ, I won't remember them, right, I
need to use one of three because then I can
(18:13):
remember them. Well, that's where secure encrypted password storage managers
comes in, So this is an indispensable resource. These are
tools like last pass or one password, or bitwarden, or
even built in browser password managers, although the built in
browser password managers are generally a little less secure. But
(18:35):
the idea of this is to say, no, no, no,
we get it. We totally get it that. Ultimately, if
you're gonna have unique usernames and passwords for every single website,
there's no way your brain can store that information and
we don't.
Speaker 1 (18:48):
Expect it to.
Speaker 3 (18:49):
What we would say is get a secure encrypted password
storage manager like the ones I mentioned before, last Pass,
one Password, Bitwarden and save those unique passwords on there.
Not to mention, listen, everybody, good websites will require you
to reset your credentials aka you're using name or password
every few months because they want to reduce the likelihood
(19:11):
of a data breach where suddenly they get current usernames
and passwords ripped down from their website. So I cannot
encourage you enough strong unique passwords number one, but number two,
purchase one of these secure encrypted password storage managers so
that you're not so anxious about remembering all of them. Now,
(19:33):
the next topic, or the next kind of way to
safeguard yourself would be around multi factor authentication. This is huge.
Multi factor authentication is also sometimes called two FA or
two factor authentication. It adds an extra layer of security
beyond just a password. It typically requires you to provide
(19:55):
two or more verification factors to gain access to an account.
So even if a criminal somehow gets your password, they
still can't log in without this second factor. So it's
important to have think of it this way. If I
have a key or a lock, and somehow a criminal
gains access to that key or that lock on my door,
(20:20):
that's scary, right, They pop open the lock and they
walk into the house and they steal my valuable stuff.
But what if I had two locks or two keys,
what's the probability that that same person gets access to
both of those access points? Well, guys, for the listeners,
it goes down dramatically, and it's not just cutting in
(20:40):
half your risk, It actually cuts your risk down by
like eighty percent. So the two FA the two factor authentication,
also known as multi factor authentication, is a huge way
to reduce that risk. Now, this often comes in the
form of like you getting a texted code, so you
put in your username and password and then you get
a text message on your phone. It can also come
(21:01):
into things like physical tokens, so they have like a
physical item that generates a new numeric number that you
have to enter in or a smartphone app that again
is generating new numbers. So there's also like biometric two
factor authentications like fingerprint scans or facial scans. I know
(21:24):
Apple iPhones and different devices have that function. But the
idea of this is that when you add in a
second layer of security, it just dramatically reduces the risk.
And I know, again I've sat with my mother recently
on this. I know this can be an area of
frustration because people go, my goodness, if I didn't have
to use my using him in password. Now I've got
(21:46):
to have this cell phone sitting around all the time
for the text messages. Well, it's either that or your
stuff gets stolen, right like kind of pick your poison.
And I get it that it's frustrating. I totally empathize,
but we've all got to get over that because this
is just an extra layer of security to make sure
that your critical information is not getting taken by hackers.
Speaker 1 (22:07):
What about software there CJ.
Speaker 3 (22:09):
Yeah, so software developers constantly find and fixed security vulnerability,
so this would be bugs or weaknesses in their operating systems.
Thanks you know, Windows, Mac, iOS, Android, Linux, and then
web browsers do the same, Chrome, Firefox, Fari and these
different applications. So one thing you should be doing is
updating these apps. Another thing that I often run into,
(22:32):
both with my folks and then with clients that we know,
is they'll say, I never do any of those app
upgrades or the or the Windows upgrades or the iPhone
upgrades because you know, little things move around and I
don't know where they are. And on the one hand,
I get it.
Speaker 1 (22:49):
I'm there with.
Speaker 3 (22:49):
You, like it's frustrating when a new update is coming
out constantly and things look different and function differently. But
what you're missing is it's not just about the look
and the functionality behind in the screen. Behind the scenes,
they're adding in patches, security patches from threats that they've seen.
So I would encourage you keep your operating systems, your
(23:10):
your programs, your apps, keep them up to date. If
there is an update to be downloaded.
Speaker 1 (23:17):
Downloaded, great, goodvice, great great program as always, don't forget
you and listen back today's show also great one you
want to share sad on over to Classfinancial dot com.
That's Gloss Klaas Financial dot com. Can subscribe listen right online.
They're telephone umber at Loss Financial six oh eight four
four two five six three seven. No charge for the
ininanitial get to know your appointment to at Coss Financial.
It will be complementary to you again their number six
(23:39):
oh eight four four two five six three seven. More
of money in motion with Coss Financial comes your way
next right You're on thirteen ten WIBA talking with our
retirement planning professionals from Class Financial, CJ. Closs and Eric
Schwartz talking this week about cybersecurity and just got a
couple of minutes in the program. I do want to
make sure we talk about things like you know, I
know a lot of folks do like online banking and
(24:00):
other things from your phone. Are there some things Eric,
that folks should be thinking about when it comes to
security of those devices.
Speaker 2 (24:07):
Yeah, Sean, that's a really good point and a good
question as well. So just a few considerations in this
area Number one, When you are accessing your banking information,
use the official banking apps only. Okay, So when you're
on your smartphone and you're wanting to access your checking account,
(24:27):
bound savings account, or make a transfer, whatever it might be,
make sure you're using the most up to date application
because this is going to have the most robust security features,
it's going to undergo regular security audits, and it's designed
to protect your data. Okay. And if you're trying to
access your bank information through like a mobile browser, so
(24:50):
like you just pull up Safari your Chrome on your phone,
that is not that that's not as secure or up
to date as the app in many cases, and it
can expose you to risks. Beyond that, unofficial apps might
be malicious fakes that are designed to steal your login credentials,
while outdated browsers or insecure browser settings could really just
make you vulnerable to phishing. So make sure you're using
(25:13):
the official banking apps and they are up to date.
The second one here is avoid public Wi Fi when
you're doing sensitive transactions. So public Wi Fi networks like
those in coffee shop, airport, hotel. They're very convenient and
nice to have, but they are often unsecured or they
(25:33):
have weak security protocols. We always get this warning I
think too when you log onto a public website, I
feel like I do where it says, you know, be
careful what you share on this network. This means that
the data that's transmitted over these networks can be easily
intercepted by malicious actors who might be quote unquote eavesdropping
(25:53):
on the network. So when you perform sensitive transactions like
logging into your bank account, or making online purchases, or
even just checking your investment portfolio, your your logging credentials,
and your financial details can be vulnerable. If you are
on a public Wi Fi, it's best to use your
cellular data connection for these activities and that will provide
(26:15):
you with a more secure and private connection. If you
do need to use a public Wi Fi source, consider
using a reputable virtual private network or a VPN that's
going to add some additional encryption to your to your
internet traffic. Finally, keep your phone locked and encrypted. Okay,
(26:35):
so this refu this refers to securing your physical smartphone device.
When we say locked, we mean make sure that you
have a strong password, pin fingerprint, or you know facial
recognition to keep your phone secure and prevent unauthorized access
if it is lost or stolen. When we say encrypted,
(26:56):
we mean that most modern smartphones are often built with
in device encryption, and when your phone is encrypted, all
the data on it, like your photos, your messages, your
financial application data, it's scrambled and unreadable without the correct
decryption key okay, which is all tied into your lockscreen,
(27:18):
password and pin. So if your phone falls into the
wrong hands, if it's locked and it's encrypted, it acts
as a much stronger barrier against data theft. And without
that protection, someone could potentially access your your financial applications,
your personal information, or any other sensitive data that's stored
on your device. So ensure that you have these features
(27:38):
enabled and configured correctly.
Speaker 1 (27:40):
A lot of great information this week, don't forget. You
can listen back to this on previous shows podcasts all
at Cossfinancial dot com. That's also a great place to
get to know the team at COSS Financial again the
website cossfinancial dot com. That's k l Aasfinancial dot com.
Telph number six so eight four four two five six
three seven No charge for that initial get to know
your appointment dech Lots Financial. It will be complimentary to
(28:01):
you again their number six oh eight four four two
five six three seven. You want to hold on to
that teleph number as well. It's time now for the
Class Quiz question of the week. It works like this.
In just a moment, I'll ask you the class quiz
question of the week. You will then have thirty minutes
for in today's program to call the Class Financial Office
right here in Madison at six oh eight four four
two five six three seven. If you are the first
caller with the correct answer, win this week's prize, which
(28:22):
is a twenty five dollars gift card to Amazon. This
week's coloss quiz question of the week is this true
or false? Multi factor authentication, which is sometimes called two
factor authentication is like having two locks on your door
instead of only one. True or false telephone number six
oh eight four four two five six three seven. First
(28:43):
call with correct answer whin this week's prize again the
twenty five dollars gift card to Amazon. No forgot as well.
That's Class Financial Office right here in Madison. CJ.
Speaker 2 (28:50):
Eric.
Speaker 1 (28:50):
It's always informative, always great chatting with both of you guys.
Have a great day, Thanks Sean, Thanks Sean, Take care guys.
Doctor Greer comes you way next year at thirteen ten
Wiba
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
The Joe Rogan Experience
The official podcast of comedian Joe Rogan.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Special Summer Offer: Exclusively on Apple Podcasts, try our Dateline Premium subscription completely free for one month! With Dateline Premium, you get every episode ad-free plus exclusive bonus content.