Featured entries from our Journal

Details Are Part of Our Difference

Embracing the Evidence at Anheuser-Busch – Mid 1980s

529 Best Practices

David Booth on How to Choose an Advisor

The One Minute Audio Clip You Need to Hear

Tag: Sheriff Schiffer

Summer cyber cleanup – email is guilty until proven innocent

In today’s digital landscape, knowing which cyber risks to avoid and which red flags to look for is essential to protecting yourself from evolving cyber threats. We’re sharing our top ways to protect yourself this summer.

3 steps you can take today to protect your email 

  • Enable two-factor authentication. This is our top bang-for-your-buck recommendation: easy with a big security benefit. Two-factor authentication adds an extra layer of security to protect you even if your password gets compromised. For those of you who use Gmail – here is a link that shows you how to set it up.
  • Don’t share private personal information. Opt for a good old-fashioned phone call if you ever need to share passwords, social security numbers, or bank details. Our team can help you create secure links if you need to share these over written communication.
  • Have a long, strong, and unique password. We’ve said it before, and we’ll say it again – keeping your email (and banking) passwords ~15 digits long and unique from other passwords are simple ways to protect yourself. Why? Criminals will grab the username and password combinations from retailers and test them at banks and email providers. Unique passwords help prevent this technique from working. Here is an independent review of good password managers that can help you store your info securely.

A discussion of email security would be deficient without a mention of phishing. We think this is so important we’re highlighting three additional tips to help you identify phishing when you encounter it. What is phishing? Email phishing is a cyber-attack where scammers attempt to trick you into revealing your private information through email. They often use a combination of social engineering and malicious links to get you to share information. This is, unfortunately, becoming more common, and it’s important to know how to protect yourself.

3 tips to spot a “phish” in your inbox

  • Suspicious email addresses. Phishing emails often mimic legitimate organizations but have slight variations or misspellings in the sender’s address. Check if the email matches the official domain, and be cautious of misspellings or unexpected differences.
  • Urgent language and misspelled words. Phishing emails use urgency to create panic and pressure you into immediate action. They may threaten account closure or penalties. Beware statements like “Your account will be deactivated in 24 hours” or “Legal action will be taken if you don’t respond soon.” Misspellings are easy to spot and often indicate a phish.
  • Requests for sensitive information, suspicious links, or attachments. Phishing emails ask for sensitive details like passwords or credit card numbers, which legitimate organizations rarely request via email. Avoid sharing personal information through email unless you’ve verified the request independently. When you see an email that you think is a phish, we recommend calling the institution directly to verify (using a phone number you look up instead of the phone number in the suspicious email).

At HIG, we work daily in the background to protect your information by raising awareness within our team, identifying vulnerabilities, evaluating security controls, and fostering a security culture. We have developed a comprehensive cybersecurity program that includes quarterly phishing testing of our team to fortify our internal defenses for your protection. Curious to learn more? Give me a call at 314-448-4023.

Ways to Help Protect your Financial Data in 2023

To kick the year off on the right foot, we wanted to share some of the most effective measures you can take this year to protect your financial data. Some of our list will be reminders you’ve heard before, and others will be new ideas. Here are our suggestions as you tighten up your personal protection plan for 2023:

  1. Enable Two-Factor Authentication: We know it can be a pain, but two-factor authentication adds an extra layer of security by requiring a second form of verification (e.g., a code sent to your phone) in addition to your password. It’s worth it.
  2. Use anti-virus and anti-malware software: Make sure that your device has anti-virus and anti-malware software installed and that it is kept up to date.
  3. Don’t use public Wi-Fi: Public Wi-Fi networks are often unsecured, making them easy targets for hackers. Avoid using public Wi-Fi networks for sensitive financial transactions. An alternative to using public Wi-Fi is using your cellphone hotspot for a secure connection.
  4. Be wary of phish: Scammers often use phishing emails and text messages to trick people into giving away their personal information. Be wary of unsolicited messages, and never click on links or enter personal information into a website unless you are sure it is legitimate. Treat email as guilty until proven innocent.
  5. Secure your device: Use a 6-digit passcode or biometric (fingerprint) to lock your mobile device, don’t share your device with anyone, and only install apps from the official app store.
  6. Use a password manager: A password manager can help you create and manage strong, unique passwords for all your accounts, making it easier to protect your personal information.
  7. Use strong, unique passwords: Use a strong, unique password for each of your financial accounts and change them regularly. Avoid using easily guessable information such as your name, kids’ birthdates, or pet names.
  8. Avoid communicating sensitive information over email: Share sensitive information like logins, account numbers, and birthdates only in secure portals or using safe links.

By taking these steps, you can help keep yourself protected while online. If you are curious about how we protect your information here at Hill Investment Group, call me at 314-448-4023.

It’s 9am – Do You Know Where Your Money Is?

One of our team members recently received a check from a past employer. Why? A class-action suit. His former employer was found misbehaving – managing their employees’ retirement plans for their gain rather than for their employees’. As a result, the firm paid up, returning a small portion of inappropriate fees and lost returns. What a joke! This kind of dirty dealing is way too common, and at HIG, we invite you to rage against this machine. Vote with your wallet, choosing ONLY independent, fiduciary advice. Check out this list of the 10 Most-Fined Financial Services Firms. What you see may surprise you!


Hill Investment Group