Wealthy urged to improve digital hygiene in fight against cyber crime

Wealthy individuals and their families are often targets for cybercriminals who seek to steal their money, identities, intellectual property and corporate data through a range of hacking campaigns, warn bankers, lawyers and security specialists. 

But by taking steps to improve their digital hygiene, such as regularly updating software, passwords and hardware, they can stay one step ahead of hackers and safeguard their money online. 

This is crucial as cybercriminals increasingly launch sophisticated and targeted attacks against wealthy individuals and their families, according to Nicola Thorpe, partner at international law firm Charles Russell Speechlys. 

“In a world where so much information is publicly available, wealthy families are having to look closely at their own cyber security systems,” she says.

“The threats include, but are not limited to, the interception and unauthorised use of personal and financial data, compromising the security of online transactions and potential breaches of confidential family or business information.”

Access to large sums of money and sensitive data makes high-net-worth individuals ideal victims for cyber crime, warns Annabelle Bryde, head of UK private bank wealth management & crown dependencies at Barclays Private Bank.

She adds that cybercriminals may view wealthy individuals as easy targets due to their public profile and typically having fewer cyber security precautions than corporations. 

She says cybercriminals continue to use common methods such as phishing, ransomware and identity theft, but many are also using artificial intelligence technology. 

Hackers think wealthy people present “lucrative opportunities for financial theft, extortion, and in some cases even identity theft” and are employing a range of methods to achieve these aims, according to Tom Gaffney, a cyber security expert at global cyber security and privacy company F-Secure.

He points to phishing attacks to access financial accounts and sensitive information, ransomware attacks for encrypting data and extorting victims, and social engineering for tricking victims into sharing personal and financial details. 

Criminals could even break into the personal residences of wealthy individuals and their families by targeting smart home devices, he adds. 

Publicly available information about wealthy people can aid cyber criminals in launching social engineering attacks, stealing personal identities and creating AI-generated videos of their victims, known as deep fakes, according to Chris Harris, a cyber security specialist at French tech giant Thales.

“Wealthy individuals with substantial funds are also more likely to pay ransom demands, thereby encouraging cybercriminals to employ ransomware attacks,” he adds. “Mitigating reputational damage from the exposure of sensitive or personal information will often take priority over financial loss for these often-high-profile individuals.”

As these threats increase, steps to improve cyber security can be as simple as implementing multi-authentication to ensure only authorised users can access online accounts, regularly updating software and installing antivirus programmes on devices, according to Jake Moore, global cyber security adviser at cyber security firm ESET.

With attacks becoming increasingly targeted in nature, Moore also advises high-net-worth individuals to understand and mitigate social engineering techniques. An example would be a cyber criminal phoning a victim and using verifiable information to make the call seem convincing, such as pretending to be a banking adviser. 

“This faux authentication can quickly let a target’s guard down, effectively handing the attacker the keys to their castle,” says Moore. “Impressive manipulation tactics are constantly improving and can often leave people stunned at how easily they were influenced.”

But Moore says zero-trust security models, which promote the principle of never trusting and always verifying users, can “force people to do their due diligence and further checks to prove verification”. 

Maya Prabhu, managing director and head of wealth advisory for Europe Middle East and Africa at JPMorgan Private Bank, advises wealthy family offices to create a list of policies to strengthen their online security. 

This can include steps such as regularly changing passwords, refraining from sharing personal information with AI programs such as ChatGPT and using virtual private networks when connecting to public WiFi networks, she explains. 

“There is also merit in including guidance on who to call and what action to take should any online issues arise, to ensure a quick resolution and minimise any possible impact on the family’s wealth,” she adds. 

Considering that many youngsters now own smartphones, tablets and other gadgets, Prabhu believes wealthy families should instil good cyber hygiene in their children.

“The conversation should begin with the basics for younger children, such as not using their birthday as a password and not purchasing things without permission, but should evolve into a more in-depth conversation around safety and rules as they grow up,” she says.

Kevin Barrett, managing director of private and commercial banking at Arbuthnot Latham, recommends wealthy individuals regularly monitor their online accounts, limit sensitive information access and perform regular data backups to “fortify their defences against online threats and ensure the security of their wealth and personal information”.

“The more money you have, the more of a target you become,” he concludes. “And we regularly advise clients to remain vigilant against potential threats of financial fraud, identity theft, ransomware attacks, data breaches, physical security threats, espionage, insider threats, reputational damage, and extortion.”