Protecting Your Digital World: Practical Cybersecurity Tips to Safeguard Assets

October is not just the month when leaves fall and pumpkins are carved—it’s also a good time to think about digital safety and implement changes to protect yourself in case of a fraudulent fright.

This Cybersecurity Awareness Month comes as cybercrimes resulted in record losses last year. In 2024, the FBI’s Internet Crime Complaint Center received nearly 860,000 complaints, with reported losses reaching $16.6 billion—up 33% from 2023.

A single breach can have significant financial, reputational, and personal consequences. To reduce these risks, it’s important to understand the most common cyberthreats and how to limit your exposure.

The core four

The Cybersecurity and Infrastructure Security Agency (CISA) focuses on four key practices as the foundation of cyber protection:

1. Recognize and report phishing: Avoid clicking on suspicious links or opening unexpected attachments. Verify requests directly with the source.
2. Use strong, unique passwords: A minimum of 16 characters, including numbers and symbols, ideally stored in a password manager, helps prevent unauthorized access.
3. Turn on multifactor authentication (MFA): MFA should be enabled on all sensitive accounts, with hardware keys offering the highest protection.
4. Keep software updated: Update software promptly. Install operating system, app, and firmware updates as soon as they become available to close known vulnerabilities.

Don’t take the bait—beware of phishing and spoofing.

Phishing and spoofing were the most common complaints reported to the FBI last year, with more than 190,000 cases reported.

Spoofing happens when a scammer tries to convince you that you’re interacting with a legitimate person or company by altering a known sender name, email address, or phone number to closely mimic the real thing.

Phishing uses spoofing techniques to lure you into a scam by getting you to share sensitive information that criminals can use to access your money. This could happen if you’re sent a link by text or email that appears to come from a legitimate company but instead takes you to a website where you enter personal information, such as your credit card details or Social Security number, which is then used to hack into your accounts.

To avoid becoming a victim:

• Never share your username and password.
• Be suspicious of unsolicited links: look carefully at the spelling of email addresses, the text within emails, and URLs to make sure they’re accurate without misspellings or discrepancies in font size or color.
• Confirm text messages you receive are legitimate by looking up company numbers and calling to verify that requests were made.
• Set up two-factor authentication on your devices.

Protecting high-net-worth households

Cybersecurity threats are becoming more sophisticated each year, and high-net-worth individuals are at increased risk. According to a 2024 JPMorgan report, one out of four family offices surveyed said they had been exposed to a cybersecurity breach or fraud. The combination of valuable assets, public visibility, and a wide digital footprint makes personal and family information especially vulnerable.

Because of this higher level of risk, consider extending protections beyond the basics:

• Isolate devices: Keep financial or business accounts on dedicated devices separate from general family use.
• Encrypt sensitive information: Ensure sensitive documents and communications are encrypted both in storage and during transfer.
• Back up critical data: Maintain secure backups of key files and test your ability to restore them in the event of ransomware or device failure.
• Secure home networks: Update router firmware, change default credentials, and use strong Wi-Fi encryption. Avoid public Wi-Fi for sensitive activity unless using a trusted VPN.
• Educate family members and staff: Many breaches begin with an uninformed assistant, household employee or even a child’s compromised device. Provide clear guidance on safe online behavior.
• Review cyber insurance coverage: As threats evolve, confirm that policies include protection against social engineering, ransomware, and other emerging risks.

Taking a proactive approach

Cybersecurity is not a one-and-done task—it’s an ongoing process that requires vigilance, adaptation, and hands-on support. By adopting layered defenses and fostering awareness among family and staff, you may significantly reduce your risk of being targeted.

At Marsh McLennan Agency Private Client Services, we specialize in helping clients who face unique exposures. Our team can help you assess vulnerabilities, build resilience, and recommend insurance coverage to help protect your assets in the event of a breach. Contact us today to learn more about how we can help safeguard your wealth, reputation, and digital security.