How to Defend Against Cyber Attacks

Click here to view as PDF.

“One of the main cyber-risks is to think they don’t exist.”
–STEPHANE NAPPO, IBFS Global Chief Information Security Officer and Cyber Security Expert


INTRODUCTION

For many, the holiday season is a special time to pause and reflect on things that are important. It is a time to celebrate, show gratitude, and practice generosity with family, friends, and co-workers. While joyful in most cases, it can also be a very busy time of year, as people travel, attend holiday parties and buy gifts online.

This busyness also applies to the seasonal uptick in scams and malware delivered through email. Requests for contributions, infected links and documents, and additional cybersecurity threats tend to increase during the holiday season, as individuals shop online and make contributions to charities.

On November 19, the National Cybersecurity and Communications Integration Center (NCCIC) of the U.S. Department of Homeland Security issued an alert regarding malware campaigns and seasonal scams. Though not the most joyful topic – especially in the midst of a volatile week in the markets – we wanted to relay and expand on this important message, in the hope that our clients and readers might apply best practices this holiday season and avoid common scam and malware mistakes that can, unfortunately, lead to financial and reputational damage if necessary precautions are not taken.

Common Scam and Malware Traps

The NCCIC advises exercising caution when shopping online and using email. As the holiday season approaches and online shopping ramps up, so do the scam emails. Be very diligent with emails that claim to have information on recent orders placed online or come from suspicious-looking addresses. Here are some common things to look out for:

  • Poor grammar and spelling errors in emails that claim to come from major businesses. If the message is sloppy, it likely did not come from a legitimate company.
  • Sender addresses that don’t match the URL for the company that supposedly sent the email. For example, the “From:” line in a fake FedEx email we received gave an Italian email address for the sender, not a FedEx.com address.
  • Shipment emails that lack specifics about the sender or the package’s supposed contents.
  • Emails asking you to open an attachment in order to review an order. Never open an attachment in an unsolicited or questionable email.
  • Emails containing threats that a package will be returned to the sender and that you will be charged a fee for not responding to the message.

Precautions Worth Taking

In an effort to avoid these common traps, Evergreen recommends taking the following precautions regarding seasonal scam and malware campaigns:

  • Follow the NCCIC guidelines to prevent seasonal scams and malware attacks.
  • Make sure emails are from a trusted source and avoid suspicious links and attachments.
  • Vet requests for charitable donations, including researching the charity online, paying only by credit card or check (not cash or wire), and avoiding pressure tactics.
  • Monitor your accounts regularly and watch for any unexplainable charges to your accounts.

Actions to Take in the Event of a Security Breach

If you believe you are a victim of a scam or malware campaign, consider taking the following actions:

  • Contact your financial institution immediately and close any accounts that may have been compromised.
  • Enact a security freeze with the three major consumer credit bureaus.
  • Immediately change any passwords you might have revealed and avoid reusing passwords.
  • Report the attack to the police, and file reports with the Federal Trade Commission and the FBI’s Internet Crime Complaint Center.

The bottom-line to protecting yourself from online attacks is to stay vigilant when opening emails, buying online goods, and making contributions to charities. If the content-in-question looks fishy, too-good-to-be-true or comes from an unidentified source, it is best to avoid clicking on links, opening attachments or disclosing any personal information. Diligently following these guidelines will help ensure the 2018 Holiday Season is happy indeed.

Michael Johnston
Tech Contributor
To contact Michael, email:
mjohnston@evergreengavekal.com

Steve Conway
Operations Manager
To contact Steve, email:
sconway@evergreengavekal.com


OUR CURRENT LIKES AND DISLIKES

No changes this week.

LIKE *

  • Large-cap growth (select issues are looking more attractive after the recent correction)
  • Some international developed markets (especially Japan)
  • Cash
  • Publicly-traded pipeline partnerships (MLPs) yielding 6%-12% (accelerate accumulation due to the recent sharp sell-off)
  • Gold-mining stocks
  • Gold
  • Select blue chip oil stocks (also accelerate accumulation with crude prices down to $50)
  • Investment-grade floating rate corporate bonds
  • One- to two-year Treasury notes
  • Canadian dollar-denominated short-term bonds
  • Select European banks
  • Short-term investment grade corporate bonds (1-2 year maturities)
  • Emerging market bonds in local currency (start a dollar-cost-averaging process and be prepared to buy more on further weakness)
  • Mexican stocks (due to the recent severe selloff, we are adding back exposure to a Mexican REIT that we sold materially higher)

* Some EVA readers have questioned why Evergreen has as many ‘Likes’ as it does in light of our concerns about severe overvaluation in most US stocks and growing evidence that Bubble 3.0 is deflating. Consequently, it’s important to point out that Evergreen has most of its clients at about one-half of their equity target.
NEUTRAL

  • Most cyclical resource-based stocks (some are looking more attractive)
  • Mid-cap growth
  • Emerging stock markets; however, a number of Asian developing markets appear undervalued
  • Solar Yield Cos
  • Large-cap value (again, there appear to be a number of bargains in this style/category)
  • Canadian REITs
  • Intermediate-term investment-grade corporate bonds, yielding approximately 4%
  • Intermediate municipal bonds with strong credit ratings
  • US-based Real Estate Investment Trusts (REITs)
  • Long-term investment grade corporate bonds
  • Intermediate-term Treasury bonds
  • Long-term municipal bonds
  • Short euro ETF
  • Long-term Treasury bonds (due to the decisive upside break-out recently by longer treasury yields, close out positions for now and wait to re-enter should the yield approach 4%)

DISLIKE

  • Small-cap value
  • Mid-cap value
  • Small-cap growth
  • Lower-rated junk bonds
  • Floating-rate bank debt (junk)
  • US industrial machinery stocks (such as one that runs like a certain forest animal, and another famous for its yellow-colored equipment)
  • Preferred stocks
  • BB-rated corporate bonds (i.e., high-quality, high yield; in addition to rising rates, credit spreads look to be widening) * **
  • Short yen ETF (i.e., we believe the yen is poised to rally)
  • Dim sum bond ETF; individual issues, such as blue-chip multi-nationals, are attractive if your broker/custodian is able to buy them

* Credit spreads are the difference between non-government bond interest rates and treasury yields.
** Due to recent weakness, certain BB issues look attractive.

DISCLOSURE: This material has been prepared or is distributed solely for informational purposes only and is not a solicitation or an offer to buy any security or instrument or to participate in any trading strategy. Any opinions, recommendations, and assumptions included in this presentation are based upon current market conditions, reflect our judgment as of the date of this presentation, and are subject to change. Past performance is no guarantee of future results. All investments involve risk including the loss of principal. All material presented is compiled from sources believed to be reliable, but accuracy cannot be guaranteed and Evergreen makes no representation as to its accuracy or completeness. Securities highlighted or discussed in this communication are mentioned for illustrative purposes only and are not a recommendation for these securities. Evergreen actively manages client portfolios and securities discussed in this communication may or may not be held in such portfolios at any given time.

  • Categories