Mobile Safeguards for Investors

Accessing account information on the go can be a tremendous convenience as we keep our mobile phones at hand. However, safeguards are warranted to protect our accounts from fraud. In my role as Cornerstone’s Chief Compliance Officer, I remain alert to recommendations from the U.S. Securities and Exchange Commission (SEC) for reducing cyber risks. I am pleased to share with you the following content from an Investor Bulletin issued by the SEC’s Office of Investor Education and Advocacy.

Special Tips for Using Mobile Devices

Many mobile devices, such as smartphones, tablets, or laptops, have apps that allow users automatic access to their investment accounts. Unauthorized access to these mobile devices could compromise these accounts. If you have a mobile device that is linked to your investment accounts, consider the following tips:

• Secure your mobile devices. Turn on your mobile device’s password protection and automatic locking features. These features will automatically lock your mobile device after the device has been inactive for a specified period of time. Once locked, a user must enter a password before accessing the mobile device. Most mobile devices also feature biometric safeguards for accessing a locked device, such as fingerprint and facial recognition. 
• Turn off automatic Wi-Fi settings. Make sure your mobile device’s Wi-Fi settings will not automatically connect your mobile device to any available Wi-Fi connection. This will help protect you from security risks in public spaces.
• Enable remote location and device wiping apps. These apps allow you to locate a lost mobile device or remotely wipe all data from a lost or stolen mobile device.
• Install anti-virus or anti-malware protection. Just like your desktop computer, do not forget to protect your mobile devices from the growing number of virus and malware threats targeted at mobile devices. 

Update Your Devices and Check Your Privacy Settings

• Make sure the software and software application (apps) on all your mobile devices and computers remain up to date with the latest software fixes and security patches.
• Most software and apps have privacy settings for users which let you determine how much and what types of information are shared and stored. Always choose the least amount of data-sharing possible. For any software and apps (including internet browsers), make sure they do not automatically save your account username and password.

Always Use Caution with Links

Be extra careful before clicking on links sent to you. You should always verify that emails or text messages containing links regarding your investment accounts come from legitimate sources. Investors should confirm the legitimacy of the link by either going directly to the business’s website or calling the business with a confirmed telephone number.

Clicking on a malicious link could:

• Link to a website designed to trick you into providing sensitive account information that can be used to steal your money or identity.
• Cause malicious software (e.g., computer viruses, worms, Trojan horses, or spyware) to automatically infect your computer or mobile device and allow fraudsters to obtain sensitive account information.