Cybercrime is defined as criminal activity conducted over a computer network. This includes fraud, spam, identity theft, computer viruses, malware or spyware, phishing and other social engineering schemes.

In the past several years there has been a dramatic increase in not only the volume of cybercrime instances, but also in the level of sophistication of cyber criminals. According to Norton Security, cybercrime has now surpassed illegal drug trafficking as a criminal moneymaker and identity theft occurs once every three seconds worldwide.

Common Examples
Criminals committing cybercrime use a number of methods, depending on their skill-set and their goal.

Trojan Horse
A Trojan horse program which presents itself as a useful computer program, while it actually causes havoc and damage to computers. Increasingly, Trojans are often delivered to a victim through an email message where it masquerades as an image or joke, or by a malicious website, which installs the Trojan horse on a computer through vulnerabilities in web browser software. The Trojan then installs a keystroke logger or other malware which allows the hacker to steal private data such as internet banking and email passwords.

Phishing
Phishing, which is a process whereby hackers attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting victims. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by email spoofing or instant messaging and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.

Other Methods
Thieves have been known to dumpster dive; or rummage through trash looking for documents that contain personal information. Another example includes skimming, or the stealing of credit/debit card numbers through the use of a concealed data storage device that captures information when processing a credit card. Bogus job listings are another means of acquiring personal information whereby victims applying for the job submit resumes and applications that typically disclose their names, home and email addresses, telephone numbers, and even banking details.

Why Cybercrime is Dangerous
Once thieves have personal information, it can be used in many ways:

• Credit Card Fraud: Running up charges on credit cards
• Bank/Financial Institution Fraud: Draining accounts of funds or opening up fraudulent bank accounts and writing bad checks
• Utilities Fraud: Using stolen names to get phone services or utility services such as cable, electricity, and gas
• Medical Fraud: Getting medical treatment using stolen health insurance information
• Government Documents Fraud: Filing a bogus tax return using a stolen identification to receive a refund, or using a stolen social security number to obtain government benefits

How to Avoid Becoming a Victim
Fortunately, there are a number of ways to avoid becoming a victim of cybercrime.

Spam Blocker
Most Internet service providers offer a spam blocking feature to prevent unwanted messages, such as potentially fraudulent or phishing emails, from reaching the inbox.

Anti-Virus Software
Install and keep anti-virus/anti-spyware software on your computer updated. You should run a scan once-a-week to locate and eliminate any malware, spyware, or viruses.

Firewall Protection
A computer’s firewall protection feature is a digitally created barrier that prevents hackers from getting into your computer system. Though this feature can be turned off, it should always be kept on.

Encryption
Encryption software “garbles” data to make it unintelligible to anyone for whom it is not intended. Any information sent through unsecured email messages may be intercepted and stolen. Note that open WiFi hot spots—those that do not require a security code to access them—provide little to no protection for the data sent over them.

Secure Websites
Website addresses that start with “https” are considered secure (the “s” at the end stands for “secure.”) Those that have a TRUSTe or VeriSign seal are typically secure as well. Look for a closed padlock as a symbol for a secure website. Otherwise, the page is not a protected website and any data transmitted through it could be intercepted.

Protect Personal Identifiable Information
Do not keep personal or business information, passwords, or account numbers online. Be wary of providing name, address or other personal information on any unfamiliar websites. Moreover, Social Security numbers or bank/investment account information should be treated with great caution. Unsolicited emails or pop-up messages that ask for personal information should be ignored.

Avoid Scams
If it sounds too good to be true, then it probably is. Common scams, such as foreign lotteries, phony sweepstakes and similar methods are often used by cyber criminals to obtain personal information and money. Emails from unfamiliar senders should be deleted immediately without be opened. Moreover, the “unsubscribe” feature should not be used as this can tip off phishers that they have reached a valid email address.

Monitor Children’s Online Activity
Children should only have access to a computer located in a central area of the home. Parental control software is available that will limit the types of sites to which children can gain access. Additionally, browser and email activity should be checked regularly.

Tips for Avoiding Credit Card Fraud:

• Do not give out credit card number online unless the site is a secure and reputable. Sometimes a tiny icon of a padlock appears to symbolize a higher level of security to transmit data. This icon is not a guarantee of a secure site, but provides some assurance.
• Before using the site, check out the security/encryption software it uses.
• Make sure purchases are made from a reputable source.
• Before doing business with an individual or company for the first time, do some research to ensure they are legitimate.
• Obtain a physical address rather than simply a post office box and a telephone number, and call the seller to see if the telephone number is correct and working.
• Send an e-mail to the seller to make sure the e-mail address is active, and be wary of those that utilize free e-mail services where a credit card was not required to open the account.
• Be cautious when responding to special investment offers, especially through unsolicited e-mail.
• Be cautious when dealing with individuals or companies from outside your own country.
• Keep a list of all credit cards and account information along with the card issuer’s contact information. If anything looks suspicious, or a credit card is lost or stolen, contact the card issuer immediately.

How We Work to Protect You
Wire Transfer Requests
In our ongoing efforts to ensure assets are protected against fraudulent activity, we have updated our wire transfer procedures. In addition to initial verbal verification of authenticity by the Financial Advisor or Financial Associate of record, a second verification call by a separate Wintrust Wealth Management Verification Team is made to a phone number listed on the account. Only then will the wire of funds be approved.

Additionally, all verbal requests for address changes on accounts also require a verification call. A letter of the requested change is mailed out to the old address of record along with any new addresses on the account. A letter is also sent from the Wintrust Wealth Management home office for any requested phone number changes on the official account record. If you should have any questions or concerns regarding our safety procedures, please contact your Financial Advisor. The Wintrust Wealth Management Operations Support Team may also be contacted at 800.445.2233.

Encryption of Emails
Unprotected email poses a critical risk for sensitive information to be viewed by unauthorized persons. To help protect sensitive information, we encrypt any emails sent to our clients that contain such information.

This encryption process protects data from unauthorized viewing, and emails remains secure until the recipient is ready to open it. Your Financial Advisor can provide you with step-by-step instructions on how to use encryption.

Tips to Remedy Identity Theft
The Federal Trade Commission (FTC) provides a step-by-step guide on what to do in the event of identity theft. It can be found on their website at www.ftc.gov/idtheft. Some of the immediate steps that they recommend include:

Place an Initial Fraud Alert
There are three credit reporting agencies that keep records of credit history. It is important to notify one of these companies as soon as you suspect someone has stolen any of your personal information. The company you call is charged with notifying the remaining two companies on your behalf. Contact one of the following:

Equifax: 1.800.525.6285

Experian: 1.888.397.3742

TransUnion: 1.800.680.7289

Order Your Credit Reports
Placing an initial fraud alert entitles you to a free credit report from each of the three credit reporting companies noted above. You may want to stagger your credit report requests. For example, request one from Equifax, and then four months later request one from Experian, four months after that request one from TransUnion. This will allow you to monitor activity throughout the year.

Consider Requesting a Credit Freeze
You may want to contact the credit reporting companies to place a credit freeze on your credit file. A credit freeze means potential creditors cannot get your credit report. That makes it less likely an identity thief can open new accounts in your name. The cost to place and lift a freeze depends on state law. In many states, identity theft victims can place a freeze for free, but in others, victims must pay a fee, which is usually about $10. If you have a police report, you may be able to place or lift a freeze for free.

Putting a credit freeze on your credit file does not affect your credit score. If you place a credit freeze on your credit file, you can still get a copy of your free annual credit report as well as open a new account, apply for a job, rent an apartment, buy insurance, refinance your mortgage, or do anything else that requires your credit report. If you want a business, lender, or employer to be able to review your credit report, you must ask the credit reporting company to lift the freeze. You can ask to lift the freeze temporarily or permanently.

You Are Still the Best Defense
Remember to stay ever vigilant in the fight against cybercrime. Always use caution when you receive unexpected emails, especially those containing attachments or links to websites, even when they claim to be “secure.” If you receive a suspicious email allegedly from your bank or investment firm, for example, please call your local bank representative or Financial Advisor for clarification. Remember, Wintrust will never ask you for personal or account information in an email.

Always take the potential risk of becoming a victim of cybercrime and identity theft seriously, and be vigilant about guarding against it, but do not panic if it happens to you. There are resources out there to assist you in remedying the situation, and your Wintrust Wealth Management financial professional is always available to help you with any questions or concerns you may have. Stay alert, and remember, we are all on the front line in the war against cybercrime.