Top of main content
Two kids using a gadget.

When everything becomes digital

Cybersecurity
Cybersecurity

When everything becomes digital

Jun 26, 2020

Staying cyber-vigilant in the age of COVID-19.

It's not surprising: in the face of this global pandemic, home internet activity has risen at an unparalleled rate. Since government-mandated quarantines took effect, remote working has become the new 'norm' and we have turned to video communication, digital classroom use, online shopping, streaming and gaming to meet our family's everyday needs. But with greater internet use comes greater risk.

Increasing internet use and an ever-expanding digital footprint expose your personal data and privacy to potential cyber-attack. Forbes estimates that home internet usage has increased by up to 70 per cent, and an MIT Technology Review cites that COVID-19 is driving the most rapid expansion of the Internet in decades.1 Cyber criminals have even unearthed old scams and repackaged them for the COVID age to lure vulnerable users, with common attacks involving impersonation of the World Health Organization (WHO), the Centers for Disease Control and Prevention (CDC), and US Government stimulus programs amongst others. Google alone states that they block an average of 18 million phishing and malware emails a day related to COVID-19 as of April 2020, and closer to 100 million phishing emails in total.2

With COVID-19, families have turned to video communication, digital classroom use, online shopping, streaming and gaming to meet their everyday needs. But the increased internet use means greater risk.

The cost to consumers

Cyber criminals continue to be motivated by the significant profits they reap when their attacks are successful. According to the Federal Trade Commission, US consumers have already lost USD25 million to 'COVID-19 themed' fraud and identity theft incidents through May 2020.3 And these figures will likely continue to increase. Consider the FBI's Internet Crimes Report which recorded USD3.5 billion in losses to cyber-crime in 2019 alone.4 Wealthy individuals and those in high profile industries are at a higher risk of fraud and identify theft due to the prominence of their online profiles, frequent international travel, highly digitized home environments, and the broad network of service providers that provide assistance to them and their families. A study by Camden Wealth and Schillings identified that 28 per cent of family offices in 2018 were victims of cyber-attacks, a number expected to have risen in 2019.5

The cost to businesses

Businesses also remain frequent targets of cyber criminals, and for them, the costs of recovery can be staggering. IBM estimates that globally, data breaches alone cost companies an average of nearly USD4 million in 2019. In the U.S. the average cost was more than double that, at USD8.19 million.6 According to Coveware, a ransomware negotiation and remediation firm, high ransoms pushed the average ransom payment in Q4 2019 to USD84,116, doubling the prior year's average. The global research firm Cybersecurity Ventures estimates that annual global cyber-crime costs could reach USD6 trillion by 2021 — representing a figure more profitable than the combined global trade of all major illegal drugs.7

Top 10 Tips

Making cybersecurity a top priority

You can take steps to help safeguard your reputation, personal data, and privacy.

Here are our top 10 tips to follow, both on and off the internet:

  1. Wi-Fi Safety

    Home Wi-Fi networks with weak, unchanged or reused passwords are continuously under threat. Make them strong, and change them periodically. Public Wi-Fi and unsecured private networks like those you see in airports and hotels for example, are vulnerable and frequently targeted — it's best not to use them.
  2. Children and Online Education

    Where children have had to rely on their own computers for educational purposes, they may be running them without the latest software installed or without having been scanned for malware or viruses. Also, not all security software provides an unbreakable stronghold; it's best to use verified and official software to enhance security measures, such as a VPN connection to classified servers or encrypted FTP SharePoint.
  3. Password Managers and 2FA

    It can be difficult to juggle so many passwords in the name of safety — consider a password generator and manager to keep track, and turn on two-step verification (2FA) for every available platform you use. Using additional security questions for your accounts helps prevent fraudsters from impersonating you in a log-in attempt.
  4. Video Communication

    The communication platforms we are relying on more than ever are in high demand, and are vulnerable to malicious attacks. Some are safer than others; try to use platforms that offer password protection to keep communications private and prevent intruders.
  5. Monitor Accounts and Set Up Alerts

    Keep a close eye on your accounts and portfolios. It's useful to set up a real-time dashboard that can actively monitor your information and alert you to any unusual transactions.
  6. Use Encrypted Email

    Consider purchasing or upgrading to an encrypted email system. This will help to prevent data leakage from your email communications and may offer other features to block phishing attempts and malware attachments.
  7. Avoid Emailing Highly Sensitive Information

    As suggested above, email is not the most secure form of communication for especially sensitive transactions that involve bank or investment account details.
  8. Be Wary of Urgent Requests

    Don't fall prey to scammers. They use tactics that are designed to scare you and convince you that you have to act quickly on a threat or opportunity. Always check the source of the information first, whether that means calling your bank or other advisors to verify the request or determine if it's a scam. It's not likely your bank will change your account details at short notice or ask you to disclose your password or other details by email. Be wary of these kinds of communication and always verify account information or instructions in person or via phone, using your usual contact numbers.
  9. Be Wary of Unexpected, Unfamiliar Opportunities

    Scrutinize investment opportunities from unfamiliar sources, and be sure to vet and verify the authenticity of these opportunities. Even officiallooking email links can lead you to malicious or duplicate sites designed to harvest your personal details or dupe you into false investments.
  10. Have a Recovery Plan

    Back up your data regularly, and know in advance whether or not you would pay a ransomware demand if your personal information or data are hijacked. More often than not, stolen information is either deleted or otherwise irretrievable, even after paying the ransom.

    Despite even the best intentions and practices, something can go wrong. Cyber criminals are constantly using new techniques and technologies to find vulnerabilities and stage their next attack. The best defense is being proactive using the tips above, backing up your data, and introducing additional security — such as a cyber insurance policy designed for individuals and families of significant wealth. To find out more about the kinds of insurance that are available within the industry, contact your Relationship Manager. At HSBC Private Banking‚ we are committed to helping you keep your data and your assets safe in every area of your digital life.

1https://www.forbes.com/sites/markbeech/2020/03/25/covid-19-pushes-up-internet-use-70-streaming-more-than-12-firstfigures-reveal/#34b7b9823104; https://www.technologyreview.com/2020/04/07/998552/why-the-coronavirus-lockdownis-making-the-internet-better-than-ever/
2
https://cloud.google.com/blog/products/identity-security/protecting-against-cyber-threats-during-covid-19-and-beyond
3https://www.ftc.gov/system/files/attachments/coronavirus-covid-19-consumer-complaint-data/covid-19-daily-publiccomplaints-050520.pdf
4https://www.fbi.gov/news/stories/2019-internet-crime-report-released-021120
5https://www.forbes.com/sites/francoisbotha/2018/11/10/why-family-offices-need-to-prioritize-cybersecurity/#1903523d601a
6https://www.ibm.com/security/data-breach
7https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/




This communication is produced by HSBC Private Banking, a division of HSBC Bank USA, N.A.

 

Where your location of residence differs from that of the HSBC entity publishing this communication, please refer to the Cross Border disclaimer at https://www.privatebanking.hsbc.com/disclaimer/cross-border-disclosure/.

 

This communication is provided to you for informational purposes only and is not a recommendation, offer or solicitation to purchase or sell any service, product, security, commodity, currency or other instrument. This communication does not consider your specific objectives, circumstances or needs, does not provide legal or tax advice, and does not identify or define any or all of the risks that may be associated with the purchase of products or services described herein. The information contained herein should not be construed as investment advice or a recommendation to purchase the products or securities described herein. Prior to making a financial or investment decision, you should conduct such investigation and analysis regarding the products described herein as you deem appropriate and to the extent you deem necessary obtain independent advice from competent legal, financial, tax, accounting and other professionals. No person is authorized to use this communication for any purpose other than the purpose stated above.

 

The information contained in this communication is derived from a variety of sources we believe to be reliable; however, we cannot guarantee its accuracy or completeness, nor shall we be liable for any incidental or consequential losses or damages including but not limited to errors (including errors of transmission), inaccuracies, omissions, changes in market factors or conditions, or any other circumstances beyond our control. The information, analysis and opinions contained herein constitute our present judgment which is subject to change at any time without notice.

 

HSBC Private Banking is the marketing name for the private banking business conducted by the principal private banking subsidiaries of the HSBC Group worldwide. In the United States, HSBC Private Banking offers banking services through HSBC Bank USA, N.A., trust services through HSBC Bank USA, N.A., Delaware trust services through HSBC Bank USA, N.A. – Delaware Trust Office and HSBC Trust Company (Delaware), N.A., securities and brokerage services through HSBC Securities (USA) Inc., member NYSE/ FINRA/SIPC and an affiliate of HSBC Bank USA, N.A., and traditional insurance products through HSBC Insurance Agency, (USA) Inc. affiliate of HSBC Bank, USA, N.A. HSBC Bank USA, N.A. is a Member FDIC. Private Banking may be carried out internationally by different HSBC legal entities according to local regulatory requirements. Some services are not available in certain locations.

 

Investment and insurance products are: Not a deposit or other obligation of the bank or any affiliates; Not FDIC insured or insured by any federal government agency of the United States; Not guaranteed by the bank or any of its affiliates; and are subject to investment risk, including possible loss of principal invested.

 

HSBC Private Banking does not provide legal, tax or accounting advice. Please consult with your professional advisors before making any financial decisions.

 

Copyright © 2024 HSBC Bank USA, N.A.
ALL RIGHTS RESERVED

Listening to what you have to say about services matters to us. It's easy to share your ideas, stay informed and join the conversation.