Cybersecurity
1 minute read
How to spot impersonations, scams and deepfakes
Trending Insights
-
02
No one likes to manage dozens or even hundreds of ever-changing passwords. No surprise, then, that one frustrated private equity chief operating officer (COO) simply refused. Instead, he used a single password for most of his accounts, both personal and professional.
What happened next should come as no surprise, either: In a hack unrelated to his work, cybercriminals captured his password. Then they used that password to breach the COO’s personal email, work email and eventually his entire company.
Cue ransomware attack. The firm’s environment was shut down, and employees were unable to work for weeks. Not to mention the financial and reputational costs. Accepting a small personal inconvenience upfront could have prevented the breach and its ripple effects.
Preventing cyberattacks goes beyond implementing appropriate security technology. Your business, including your people and your processes, may be vulnerable as well. Often, cybercriminals are looking for footholds in your devices, where they can sit quietly, gather information and learn how you operate before launching a larger attack.
Many families with significant wealth, businesses and family offices find themselves largely unprepared.
Cyberattacks, automated bots, AI deepfakes, supply chain software vulnerabilities, ransomware—today’s cybercrime landscape is much more sophisticated than it was just a few years ago. This is true for businesses of all sizes, not just the large organizations whose cyberbreaches make the news.
In fact, 75% of cyberattacks target small and medium businesses.1 That’s partly because they lack the robust defenses of larger organizations, and partly because many business owners mistakenly believe being in the cloud ensures security. Once a cybercriminal gains access to an organization, they’ll attempt to move laterally in an effort to extract valuable data and generally wreak havoc.
High-net-worth individuals and families, investment offices, family offices and private businesses are particularly attractive targets for cybercriminals due to their perceived wealth, significant resources and extensive digital footprints. In our 2024 Global Family Office Report, 24% of family office respondents said they had been victims of cyberattacks. Of family offices with more than USD 1 billion in assets, 40% said they had suffered a breach.
Yet our research finds family offices are largely unprepared. Only 39% require staff to undergo cybersafety training, and only 34% have hired a cyberdefense provider.2 Nearly a quarter—23%—have no cyber protections in place.
Like other crooks/thieves/burglars, cybercriminals look for the weak link. Often, that’s people. Hackers use social engineering in all its forms—email and text phishing, QR code manipulation and voice manipulation—to seize information that would otherwise be protected. Maintain a skeptical mindset toward any request for money or information about your organization, and verify any request via another channel.
While artificial intelligence (AI) can provide efficient productivity gains, it can also present security risks.
AI platforms and tools can retain everything you input. This makes it crucial to implement guardrails that will safeguard business data and personal data. If you’re utilizing a public AI tool to read and review resumes and not using an enterprise license, every piece of that data read—names, addresses and other potential proprietary information—are being ingested into a Large Language Model (LLM) platform that you do not control.
To be cybersafe with AI:
There’s no foolproof way to protect your business from cybercriminals. But there are steps every business owner, high-net-worth individual and family office can take to mitigate risk, and to limit damage should a breach occur.
Given the rapidly changing landscape of cyberthreats and their increasing severity, it’s far better to invest a modest amount in an assessment and prevention than to pay an exorbitant amount—in cash, reputation and headaches—in a ransomware or extortion attack that could have been avoided.
Protecting your assets and your information is our priority. J.P. Morgan is committed to providing safe, resilient services to our clients and partners within an ever-evolving threat landscape. For more information and resources to better secure yourself, your family and your business, please contact your J.P. Morgan team.
1The 2024 Sophos Threat Report (https://news.sophos.com/en-us/2024/03/12/2024-sophos-threat-report).
22024 Global Family Office Report, J.P. Morgan Private Bank, April 2024.
We can help you navigate a complex financial landscape. Reach out today to learn how.
Contact usLEARN MORE About Our Firm and Investment Professionals Through FINRA BrokerCheck
To learn more about J.P. Morgan’s investment business, including our accounts, products and services, as well as our relationship with you, please review our J.P. Morgan Securities LLC Form CRS and Guide to Investment Services and Brokerage Products.
JPMorgan Chase Bank, N.A. and its affiliates (collectively "JPMCB") offer investment products, which may include bank-managed accounts and custody, as part of its trust and fiduciary services. Other investment products and services, such as brokerage and advisory accounts, are offered through J.P. Morgan Securities LLC ("JPMS"), a member of FINRA and SIPC. Insurance products are made available through Chase Insurance Agency, Inc. (CIA), a licensed insurance agency, doing business as Chase Insurance Agency Services, Inc. in Florida. JPMCB, JPMS and CIA are affiliated companies under the common control of JPMorgan Chase & Co. Products not available in all states.
Please read the Legal Disclaimer for J.P. Morgan Private Bank regional affiliates and other important information in conjunction with these pages.
Bank deposit products, such as checking, savings and bank lending and related services are offered by JPMorgan Chase Bank, N.A. Member FDIC.
Not a commitment to lend. All extensions of credit are subject to credit approval.