Security & Fraud Awareness

As our reliance on the internet and digital devices for business and personal use increases, so do opportunities for criminals seeking to steal information for financial gain. Cyber criminals and fraudsters are also becoming more savvy in their attempts to lure people into clicking suspicious links, downloading email attachments, or “connecting” on social media, which are often gateways to stealing sensitive information. Fraudsters may pose as legitimate organizations, like Goldman Sachs, and create fraudulent websites, send emails, or make phone calls to solicit monetary payments. These scams are complex as the perpetrators often use genuine real employee names and replicate proprietary documentation.

SAIGON ASSET MANAGEMENT (SAM) places great importance on cybersecurity and fraud prevention and has programs and technical controls in place to protect client accounts and information. To help improve your personal cybersecurity posture, we offer the following information about cyber threats and guidance to help protect you, your family, and your employer from falling victim to a cyber-attack or fraud scam.

Understanding Cybersecurity Threats

Any organization or individual can be a target of cyber criminals. Here are some of the most common tactics and types of attacks employed by these actors:

Malicious Emails and Websites

An unsuspecting e-mail from your bank or favorite retailer may secretly be an attempt to steal your identity or personal information. “Phishing” is a common tactic of cyber criminals that relies on “spoofed” e-mails or fraudulent websites (that look and feel like a well-known website) to collect personal and financial information or infect your machine with malware and viruses. Criminals use this stolen information to commit identity theft, credit card fraud and other crimes. Phishing can also occur by telephone and is becoming increasingly prevalent on social media and professional networking sites.

When you click a malicious link, you may unknowingly install malware on your device. Malware refers to software that is intentionally designed to cause damage to a digital device. The most common form of malware is a virus, which is typically designed to give the criminals who create it some sort of access to the nfected devices. Ransomware is another type of malware that is becoming increasingly prevalent. Ransomware accesses a victim’s files, locks and encrypts them and then demands the victim to pay a ransom to get them back. Ransomware is like the “digital kidnapping” of valuable data – from personal photos and memories to client information, financial records and intellectual property. Any individual or organization could be a potential ransomware target.

Credential-based Attacks

If you use the same username and password combination across different websites or services, you are particularly susceptible to this cybercrime technique where stolen account credentials are used to gain unauthorized access to a user’s various other online accounts. Credential stuffing attacks can often go unnoticed until funds are transferred.

Social Media Impersonation

Criminals are increasingly using social media to build relationships with victims and ultimately steal data. Typically, these actors create fake accounts that appear (and claim) to be official accounts for an individual or organization. Social media impersonation can also refer to the takeover of real accounts. These accounts can be used for phishing activities or causing an individual or a company reputational damage.

How You Can Protect Yourself

Establish Secure Email Protocols: Emails continue to be a common entry point for hackers for performing online fraud. Do not click on links or open attachments from suspicious-looking emails. Expand your communication protocol to verify sensitive information, such as wire instructions, in person or by telephone. Generally, Goldman Sachs will never send wiring instructions via email.

Employ Password Management: Use lengthy, unique, and complex passwords — a great first step toward stopping bad actors. In fact, cybersecurity best practices suggest utilizing long, memorable, and hard-to guess passwords such as a favorite song lyric. Avoid reusing passwords. Consider using a password application, such as LastPass, Password or Dashlane to help manage multiple complex passwords.

Lock Down Social Media: Periodically review and adjust social media account settings to better control who can view the content posted. Hackers and social engineers frequently obtain critical information about a target from social media sources. When posting, always consider how that information can be used against you.

Protect Critical Data: Know where all your sensitive personal information is stored. Ensure that your sensitive data is always stored encrypted, to prevent someone from viewing it if your device gets lost or stolen. Also consider having a second encrypted backup of your sensitive data, whether on a flash drive stored in a safety deposit box or in the cloud using a reputable service such as Dropbox, iCloud, or Google Drive.