Sound Investments for a prosperous planet

The Most Important Tasks for Cybersecurity

• Phishing uses emails and links.
• Smishing uses text messages or common messaging apps.
• Vishing uses voice calls and voice mails to obtain sensitive information.

Imagine we’re out camping. It’s dark and cold, and we’re huddled around a dwindling campfire. With a look over my shoulder, I ask you to lean in close. I have a ghost story to tell you, but this one is real. Really real, like, scary real—happened to a friend of mine.

According to Statista, the global cost of cybercrime is expected to surge from $8.44 trillion in 2022 to $23.84 trillion by 2027. You’re about to get phished. Boo! Scared? Okay, if not scared, hopefully you’re at least concerned enough to take action.

Now imagine your financial advisor and all his/her colleagues, every bank employee you’ve ever met, all the employees of the Charles Schwab Corporation, and every three-piece-suit-wearing employee of the Securities Exchange Commission literally down on their knees begging you to listen: Please, please, please protect yourself from cybercrime. Learn how to avoid phishing.

“Don’t become one of these statistics.”

The New York Times’ Wirecutter is the best resource I’ve found. Start at step one and work your way down the list.


  1. Use long, unique passwords.
  2. Enable two-factor authentication everywhere.
  3. Allow automatic updates.
  4. Encrypt your computer & phone.

Check out the rest of the steps at Wirecutter, which also has tailored articles to help you “secure your Mac” and to “secure your Windows PC.” Search the quoted phrases to find the articles or type this directly into your browser:

After you’ve secured your tech base, so to speak, the next important task is to secure yourself from the psychological tricks that hackers are using. These types of attacks attempt to obtain access to financial statements, credit card numbers, or induce you to send cash. Phishing uses emails and links. Smishing uses text messages or common messaging apps. Vishing uses voice calls and voicemails to obtain sensitive information.

More than half of the 600,000 attacks in 2022 were one of these variations. These types of attacks are more difficult to block because they play off natural human emotions: fear, care for others, and embarrassment.

For example, find and watch Mark Rober on YouTube. His video, “Pranks Destroy Scam Callers—GlitterBomb Payback” is an educational and hilarious explanation of the international crime syndicate and how these scammers fool people like “Miss Bessie” into handing over $20,000 of their savings.

It’s tough to give an overview of how these scams work as they’re continually evolving, but basically, they’re trying to trick you into taking action.

Here’s a Scenario

  • Perhaps you receive an email that Amazon is completing your automated purchase of a $450 laptop. You read this and think, “What!?! I didn’t order a laptop, I’m getting hacked!” (Fear, outrage)
  • Conveniently, the fake Amazon email has a phone number that you can call. (Take action)
  • The helpful rep on the other end of the phone walks you through how to stop the charge by asking you to type in the amount of the purchase, but oops, you accidentally entered the wrong number and now the poor rep is going to get in trouble, what can you do? (Embarrassment, kindness)
  • Well, how about sending him $10,000 in gift cards, would that help? (Kindness, take action)

Yes, this is how one version of the scam goes. And yes, people you know have fallen for this. If someone claims to be from a company you know, they probably aren’t. If the person wants you to download software to your computer or phone, don’t. If the person asks you to approve a transaction, don’t. If it sounds too good to be true, guess what? It is.

The current most common smishing (text) scam is the IRS calling to check on your refund or pester you for not paying your taxes. Obviously, this scam starts from a collective fear of screwing up with the IRS. It adds urgency and an easy supposed solution, with the hackers walking away with thousands of your hard-earned dollars.

Personally, I also receive a bunch of calls about “connecting me with the $225,000 business loan I asked about.” Which I didn’t ask about, of course.

Imagine again all these finance and IT professionals, the holes in the knees of our pants growing larger by the day, begging you, please, heed these warnings and protect yourself. We’ll all be better off.

Scroll to Top