Padlock on laptop

Cyber Security: Being aware and staying vigilant

Chay Fox, Operations Director
15/02/2024
Padlock on laptop

Over recent years, we have seen how clients now manage their finances in a way that best fits their lifestyle thanks to the move to online financial services.

However, while trying to make our lives easier, these technological developments have made us all more susceptible to fraud and have given rise to new opportunities for cybercriminals.

These individuals and groups have successfully evolved their tactics to keep up with emerging financial technology. Following a survey from Saltus Wealth index of 2,000 people with assets of £250k+, 41% of respondents were found to have been victims of financial crime in the past year alone.

While Crowe Financial Planning (FPUK) have implemented measures to protect client finances from this risk, cyber attackers will take the opportunity to exploit even minor gaps in security systems and protocols.

Impact on client wellbeing

The frequency of sophisticated phishing schemes and malware attacks is one reason why there are more and more threats to the wellbeing of clients. In fact, research by Saltus recently discovered that the most common method for cyber criminals to infiltrate accounts was online shopping scams, with 24% of victims being targeted in this way.

This is followed by investment scams (20%), and pension scams (15%). By falling victim to cyber criminals, individuals lost almost £13,000 on average.

Beyond the immediate financial losses incurred, the process of retrieving lost funds can be costly, time-consuming and stressful. Funds also remain uninvested until such time that they are retrieved. Especially in volatile markets, clients' inability to capitalise on these investment opportunities could increase their portfolio risk and chance of potential losses.

Practical tips 

To minimise this risk, below are three key pieces of guidance we feel are best practice for our clients to be aware of.

  1. Secure connections

    Many of the hacking attempts we witness today are aimed at gaining access and control of a client's email account. If successful, criminals can read the entirety of clients' correspondence and imitate them, they could gain access to other websites, including those where clients' banking or investments are held.

    To tackle the relatively low level of security offered by email interactions, Crowe Financial Planning will be sending a separate communication to all clients later this month to outline our plans to reduce the risk of cyber security in how we share key information with you. For additional protection, we would also recommend not using public WiFi but instead to wait for access to a secure WiFi network or to use your mobile data.

  2. How to spot email phishing

    The first step in how to spot email phishing comes with understanding what a phishing email is.

    The most accurate definition of a phishing email is an email sent to a recipient with the objective of making the recipient perform a specific task. The attacker may use social engineering techniques to make their email look genuine and include a request to click on a link, open an attachment, or provide other sensitive information, such as login credentials.

    Socially engineered phishing emails are the most dangerous. They are constructed to be relevant and appear genuine to their targets. The recipient is more trusting of the email and performs the specific task requested in the email. The results can be devastating. If the recipient clicks on a link to a malware-infected website, opens an attachment with a malicious payload, or divulges their login credentials, an attacker can access a network undetected.

    Emails demanding urgent action

    Emails threatening a negative consequence, or a loss of opportunity unless urgent action is taken, are often phishing emails. Attackers often use this approach to rush recipients into action before they have had the opportunity to study the email for potential flaws or inconsistencies.

    Emails with bad grammar and spelling mistakes

    Another way to spot email phishing is bad grammar and spelling mistakes. Many companies apply spell-checking tools to outgoing emails by default to ensure their emails are grammatically correct. Those who use browser-based email clients apply autocorrect or highlight features on web browsers.

    Inconsistencies in email addresses, links and domain names

    Another way to spot phishing is by finding inconsistencies in email addresses, links and domain names. Does the email originate from an organisation that you correspond with often? If so, check the sender’s address against previous emails from the same organisation. Look to see if a link is legitimate by hovering the mouse pointer over the link to see what pops up. If an email allegedly originates from (say) Google, but the domain name reads something else, this likely to be a phishing attack.

    Emails requesting login credentials, payment information or sensitive data

    Emails originating from an unexpected or unfamiliar sender that requests login credentials, payment information or other sensitive data should always be treated with caution. Spear phishers can forge login pages to look similar to the real thing and send an email containing a link that directs the recipient to the fake page. Whenever a recipient is redirected to a login page or told a payment is due, they should refrain from inputting information unless they are 100% certain the email is legitimate.

    Too good to be true emails

    Too good to be true emails are those which incentivise the recipient to click on a link or open an attachment by claiming there will be a reward of some nature. If the sender of the email is unfamiliar or the recipient did not initiate the contact, the likelihood is this is a phishing email.

  3. Introduce strong software controls

    Crowe Financial Planning would recommend that you only use strong passwords that are at least 12 characters long, and include upper and lowercase letters, numbers, and symbols. This password should not be repeated across different accounts and should be stored within password management software. Where possible, you should enable two-factor authentication to add another layer of protection.

    Please also remember to regularly update your operating systems, browsers, apps, and security solutions whenever an upgrade becomes available. Downloading antivirus software and firewalls also minimises the occurrence of successful hacking and malware.
Meet our Financial Planning team
Helping secure your future financial objectives.

Disclaimers

Crowe Financial Planning UK Limited is authorised and regulated by the Financial Conduct Authority (‘FCA’) to provide independent financial advice.

The information set out in this publication is for information purposes only and is based on our understanding of legislation, whether proposed or in force, and market practice at the time of writing. It does not constitute advice to undertake a particular transaction. Appropriate professional advice should be taken on specific issues before any course of action is pursued. Any advice provided by a Crowe Consultant will follow only after consideration of all aspects of our internal advice guidance.

Past performance is not a guide to future performance, nor a reliable indicator of future results or performance. The value of investments, and the income or capital entitlement which may derive from them, if any, may go down as well as up and is not guaranteed; therefore, investors may not get back the amount originally invested.

The Financial Conduct Authority does not regulate Trusts, Tax or Estate Planning.

Please be aware that by clicking onto any links to third party websites you will be leaving the Crowe Financial Planning website. Please note that Crowe Financial Planning is not responsible for the accuracy of the information contained within the linked sites.

Related insights

Clear Filter
loading gif
Worker with grinder
Why is Business Protection so important?
Having the right protection in place helps your business work through disruptions and stay financially stable.
lady in the office with windows
Protecting your business: The benefits of key person cover
We explain the importance of investing in Key person cover and how you can protect your business.
glass bubble in hand
Navigating economic uncertainty
Understand how a recession can impact your investments. Gain insights into navigating economic challenges and safeguarding your finances.
mountains and lake
Net Zero – The what, the why and the how
Net Zero will start to trickle through to our investments as the underlying holdings and businesses start to focus more on sustainability.
Padlock on laptop
Cyber Security: Being aware and staying vigilant
With cybercriminals using increasingly sophisticated tactics, how can you stay secure? Read our key pointers around how to stay vigilant.
paper boat in water
How financial planning adds value
We look at some of the expected and unexpected outcomes from engaging with a Financial Planner through ‘structural benefits’ and ‘wellbeing benefits’.
Worker with grinder
Why is Business Protection so important?
Having the right protection in place helps your business work through disruptions and stay financially stable.
lady in the office with windows
Protecting your business: The benefits of key person cover
We explain the importance of investing in Key person cover and how you can protect your business.
glass bubble in hand
Navigating economic uncertainty
Understand how a recession can impact your investments. Gain insights into navigating economic challenges and safeguarding your finances.
mountains and lake
Net Zero – The what, the why and the how
Net Zero will start to trickle through to our investments as the underlying holdings and businesses start to focus more on sustainability.
Padlock on laptop
Cyber Security: Being aware and staying vigilant
With cybercriminals using increasingly sophisticated tactics, how can you stay secure? Read our key pointers around how to stay vigilant.
paper boat in water
How financial planning adds value
We look at some of the expected and unexpected outcomes from engaging with a Financial Planner through ‘structural benefits’ and ‘wellbeing benefits’.