A look at cyber security threats and protection from cyber criminals

Jeff Lampinski, head of our Global Security and Fraud team, speaks to the growing cyber security threats and what our clients can do to protect themselves from cyber criminals.


Maria Bruno: Thank you for joining us today. I’m Maria Bruno, and I’m joined by Jeff Lampinski, head of our Global Security and Fraud team. Jeff, welcome.

Jeff Lampinski: Thanks for having me.

Maria Bruno: Jeff, it seems we’re hearing more and more about large-scale security breaches in the news. Should our clients be concerned?

Jeff Lampinski: The answer is whether it would be cybercrime, cyber threats, or cyber security, collectively, we should all be sensitive to the threat, whether we work at Vanguard or a Vanguard client or a client to any banking institution. The threat to our identity is real. The threat to our data, whether it be corporate data or personal data, is real; and it is ever increasing in sophistication. Vanguard invests substantial sums in its people, in processes, and in its technology in best defending against the cyber security and ever evolving cyber security threat environment. But, in the end, the most effective cyber defense is a true partnership between Vanguard and its clients. And just like any healthy relationship, it requires work; sometimes hard work on the part of both parties to that relationship. So our clients do have a very critical role in helping best protect their data and their assets.

Maria Bruno: Jeff, what are some of the things that our clients can do to protect themselves from hackers?

Jeff Lampinski: As we speak here today, more than 10,000 malware variants will emerge around the globe. That’s why it’s critically important that our clients continually update their antivirus and antimalware programs. Now Wi-Fi connections. Never do online banking through a non-secure Wi-Fi service. Wi-Fi services can be spoofed. The free airport Wi-Fi service may not be, in fact, the airport Wi-Fi service. You may be surrendering your credentials to a cybercriminal. Never use the same password for all of your banking institutions. Use a unique password for each banking institution. And never make use of your email password as a banking password. Email passwords are entirely too easily compromised. Social media, we all love social media but we all overshare information on social media. So be very cautious in how much you share on your social media sites. Social media provides fraudsters with a treasure trove of personal information on our clients that they can and do use against them for malicious phishing attacks and other social engineering tactics. And, finally, phishing. We all know what phishing emails look like. They’re unsolicited, there’s a sense of urgency to them, never click on a link or open an attachment in an unsolicited email from Vanguard. Never surrender your user ID, your password, your security questions, security answers, your email address, and certainly not your email password.

Maria Bruno: What does Vanguard offer in terms of additional layers of security to help protect their accounts?

Jeff Lampinski: The first is sign up for a security code. So accept an SMS text to your personal cell phone with a one-time security code each time you log into vanguard.com. That security code is then something only you know and has come to your personal device, something you have. That’s very strong and powerful for protecting against account takeovers. Consider subscribing to account activity alerts through either email or through an SMS text and get a message regarding every transaction against your account or any change to your security profile, your security questions, your security answers, or your password. Those are critical security events that you should know about at the time they occur. Consider subscribing to voice verification and use your voice as your password when calling in to Vanguard. Your voice is very much like a fingerprint. So that voice profile can be used by you in authenticating when dialing directly into Vanguard. If practical, consider restricting access to vanguard.com to a single device. Now if you travel frequently, you carry multiple devices, you might want to log in through a laptop versus your cell phone, it may not be practical. But if it is, I would strongly urge clients to consider restricting access to a single device.

Maria Bruno: Jeff, thank you. That was really good information.

Jeff Lampinski: Thank you for having me.

Maria Bruno: For more information on how Vanguard keeps your account information safe and what you can do, please visit our security center at vanguard.com/security. © 2016 The Vanguard Group, Inc. All rights reserved.