In the past several years there has been a dramatic increase in not only the volume of cybercrime instances, but also in the level of sophistication of cyber criminals. According to Norton Security, cybercrime has now surpassed illegal drug trafficking as a criminal moneymaker and identity theft occurs once every three seconds worldwide.

Common Examples
Criminals committing cybercrime use a number of methods, depending on their skill-set and their goal.

Trojan Horse 
A Trojan horse program which presents itself as a useful computer program, while it actually causes havoc and damage to computers. Increasingly, Trojans are often delivered to a victim through an email message where it masquerades as an image or joke, or by a malicious website, which installs the Trojan horse on a computer through vulnerabilities in web browser software. The Trojan then installs a keystroke logger or other malware which allows the hacker to steal private data such as internet banking and email passwords.

Phishing 
Phishing, which is a process whereby hackers attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting victims. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by email spoofing or instant messaging and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.

Other Methods 
Thieves have been known to dumpster dive; or rummage through trash looking for documents that contain personal information. Another example includes skimming, or the stealing of credit/debit card numbers through the use of a concealed data storage device that captures information when processing a credit card. Bogus job listings are another means of acquiring personal information whereby victims applying for the job submit resumes and applications that typically disclose their names, home and email addresses, telephone numbers, and even banking details.

Why Cybercrime is Dangerous
Once thieves have personal information, it can be used in many ways:

• Credit Card Fraud: Running up charges on credit cards
• Bank/Financial Institution Fraud: Draining accounts of funds or opening up fraudulent bank accounts and writing bad checks
• Utilities Fraud: Using stolen names to get phone services or utility services such as cable, electricity, and gas
• Medical Fraud: Getting medical treatment using stolen health insurance information
• Government Documents Fraud: Filing a bogus tax return using a stolen identification to receive a refund, or using a stolen social security number to obtain government benefits

How to Avoid Becoming a Victim
Fortunately, there are a number of ways to avoid becoming a victim of cybercrime.

Spam Blocker 
Most Internet service providers offer a spam blocking feature to prevent unwanted messages, such as potentially fraudulent or phishing emails, from reaching the inbox.

Anti-Virus Software 
Install and keep anti-virus/anti-spyware software on your computer updated. You should run a scan once-a-week to locate and eliminate any malware, spyware, or viruses.

Firewall Protection 
A computer’s firewall protection feature is a digitally created barrier that prevents hackers from getting into your computer system. Though this feature can be turned off, it should always be kept on.

Encryption 
Encryption software “garbles” data to make it unintelligible to anyone for whom it is not intended. Any information sent through unsecured email messages may be intercepted and stolen. Note that open WiFi hot spots—those that do not require a security code to access them—provide little to no protection for the data sent over them.

Secure Websites 
Website addresses that start with “https” are considered secure (the “s” at the end stands for “secure.”) Those that have a TRUSTe or VeriSign seal are typically secure as well. Look for a closed padlock as a symbol for a secure website. Otherwise, the page is not a protected website and any data transmitted through it could be intercepted.

Protect Personal Identifiable Information 
Do not keep personal or business information, passwords, or account numbers online. Be wary of providing name, address or other personal information on any unfamiliar websites. Moreover, Social Security numbers or bank/investment account information should be treated with great caution. Unsolicited emails or pop-up messages that ask for personal information should be ignored.

Avoid Scams 
If it sounds too good to be true, then it probably is. Common scams, such as foreign lotteries, phony sweepstakes and similar methods are often used by cyber criminals to obtain personal information and money. Emails from unfamiliar senders should be deleted immediately without be opened. Moreover, the “unsubscribe” feature should not be used as this can tip off phishers that they have reached a valid email address.

Monitor Children’s Online Activity 
Children should only have access to a computer located in a central area of the home. Parental control software is available that will limit the types of sites to which children can gain access. Additionally, browser and email activity should be checked regularly.

How We Work to Protect You
Wire Transfer Requests 

In our ongoing efforts to ensure assets are protected against fraudulent activity, we have updated our wire transfer procedures. 

All verbal requests for address changes on accounts also require a verification call. A letter of the requested change is mailed out to the old address on record along with any new addresses on the account by LPL Financial. A letter is also sent from LPL for any requested phone number changes on the official account record. If you should have any questions or concerns regarding our safety procedures, please contact your financial advisor.

Encryption of Emails 
Unprotected email poses a critical risk for sensitive information to be viewed by unauthorized persons. To help protect sensitive information, we encrypt any emails sent to our clients that contain such information.

There are two tools that are used when sharing documents securely. The Vault in LPL AccountView is an online portal that is used to safely store important files and access them from anywhere. In addition, Egnyte is a cloud storage and file sharing solution that ensures secure file sharing and collaboration.

This encryption process protects data from unauthorized viewing, and emails remains secure until the recipient is ready to open it. Your financial advisor can provide you with step-by-step instructions on how to use encryption.

You Are Still the Best Defense
Remember to stay ever vigilant in the fight against cybercrime. Always use caution when you receive unexpected emails, especially those containing attachments or links to websites, even when they claim to be “secure.” If you receive a suspicious email allegedly from your bank or investment firm, for example, please call your local bank representative or financial advisor for clarification. Remember, Wintrust will never ask you for personal or account information in an email.

Always take the potential risk of becoming a victim of cybercrime and identity theft seriously, and be vigilant about guarding against it, but do not panic if it happens to you. There are resources out there to assist you in remedying the situation, and your Wintrust Wealth Management financial professional is always available to help you with any questions or concerns you may have. Stay alert, and remember, we are all on the front line in the war against cybercrime.