Money Matters with Greg
Needing guidance on finances, or just curious about investments? Join CEO and Owner of Farrall Wealth, Greg Farrall, as he dives into all things relating to money and often interviews interesting people he is fortunate enough to call his friends.
Thanks for listening! Please share, review, and subscribe!
Securities and advisory services offered through LPL Financial, a registered investment advisor. Member FINRA/SIPC.
Money Matters with Greg
Episode 172: Ten Practical Ways To Prevent Cyber Theft Before Year-End
Holiday shopping is a gold rush for fraudsters, and we’ve seen firsthand how fast a quiet click can turn into sleepless nights. After helping a client recover from a bank account hit, we pulled together a clear, end-of-year cyber checklist to protect your money, your identity, and your family’s peace of mind. No jargon, no scare tactics—just the high-leverage moves that actually work.
We start with the most effective layer: freeze your credit at all three bureaus for yourself, your spouse, and your kids so new-account fraud can’t start in your name. Then we lock down logins with multi-factor authentication on email, banking, and cloud accounts, using authenticator apps instead of SMS. We pair that with password managers and auto-updates on phones, laptops, and even routers to close the software doors criminals use. From there, we turn on transaction alerts for withdrawals, new payees, and new-device logins, giving you instant visibility when something’s off.
Security meets savings as we audit six months of statements to cancel forgotten subscriptions and catch sneaky $19 and $99 renewals. We scan and secure tax records, shred old files, and reduce your exposure on data-broker sites like Spokeo and BeenVerified to cut spear-phishing down to size. Finally, we build a 15-minute family breach plan: who calls the bank, where freeze PINs are stored, and which backup card and cash sit outside your wallet. Along the way, we break down the most common attacks you’ll face—phishing, business email compromise, credential stuffing, ransomware, account takeovers, malware, fake invoices, romance scams, and SIM swaps—plus how to spot them fast.
If you only do three things today, do these: freeze credit, turn on MFA, and set transaction alerts. Those steps stop or blunt most financial fraud we see. Subscribe for more Money Matters insights, share this with someone who needs a cyber tune-up, and leave a review with the first action you’re taking—what will you lock down tonight?
Securities and advisory services offered through LPL Financial, a registered investment advisor. Member FINRA/SIPC.
The opinions voiced in this podcast are for general information only and are not intended to provide specific advice or recommendations for any individual. To determine which strategies or investments may suit you, consult the appropriate qualified professional before deciding.
Good afternoon and welcome to Money Matters with Greg. I am Greg Farrell, CEO and owner of Farowealth. It's a wealth management firm here locally in Valparaiso, Indiana, and serving clients nationally in uh 24 states. And we talk money on the show. We have guests on the show quite often. And you can find the show on podcasting anywhere you pod, as well as 103.1 FM WVLP, where we are broadcasting Thursdays at 1 o'clock and then replayed on Saturdays at 1 o'clock as well. I'm a licensed financial advisor and we work with clients on a number of things that I try to bring to this audience as much as possible to just help you with your money, invest your money, save some money, and then also bring on some experts that would be helpful in some way to you. We have had mortgage brokers, uh realtors, uh looking forward to a number of different people coming on in here. We've booked uh coming up here in the next month or so. So very excited to have our 172nd episode today. And today, I wanted to get into uh year-end stuff. We did a year-in planning conversation just uh a few weeks ago, talked about uh a number of different things you can do before the year end, uh tax loss harvesting, um, making sure that you're uh um you can uh prefund uh your mortgage. You can certainly get the deduction uh in this year in 2025, just a number of different things. You can certainly check that out. Um that is episode 171, and you can get that again anywhere you pod. Um uh money matters with Greg. We also have a YouTube channel and all socials. Uh, you can find us uh at Farowealth and at Money Matters with Greg. Um anyway, let's get to it. I wanted to wish everybody uh obviously a happy Thanksgiving. I hope you were able to spend a ton of time with your family and friends, eat some good food, and laugh a lot. That's really, really important to be able to have humor in your lives. And I certainly hope that uh everyone had a great time and is looking forward to the holiday coming up here as we go into year end. One of the things that we see, and this just recently happened to a very close friend and client, their family was hit by cyber attack that ended up losing money. Money was stolen from their accounts, they had identity theft, they had to change their accounts, they had to go through just a massive amount of stress. And uh to the point where uh they've really it it's become uh it's paralyzing. I mean, it's real, it's real paralysis for sure. And um it really does affect not only the core family, but everyone around it as well. And I saw them go through this and just uh wasn't anything that for accounts that we have or anything else, it was their bank accounts that they have at a local bank uh was attacked. So ultimately everything was restored, but it was just a ton of work and a ton of stress. So I want to talk about cyber attack prevention tips today. I've got 10 for you today, and then also kind of wanted to go into some of the types of the types of risk that are out there. So, one tips on how you can prevent and prevention on cyber attack, because as we know uh we're shopping a lot here. I hear going to the holidays, uh, your family's shopping a lot. You know, your kids have social security numbers that can be stolen, your address, name, any PII and personal information is at risk. And you really need to be aware of all things around you and be aware of your surroundings and some of the things you're not even you didn't even know. So um hopefully today we're able to kind of bring to you some things that will help you along the way. So with that being said, really here's my David Letterman's uh top 10. If you remember David Letterman and you're old enough to know that, uh he had a show where he always did his top 10 that were always really funny. Uh really wanted to tailor this towards small businesses, small business owners and individuals, uh, to just sort of easily explain some of the things you can do before December 31st to avoid becoming a cybercrime statistic. One of the things you can do, number one, would be to freeze your credit. Uh, you can freeze your credit on your spouse and your kids too. Uh that takes 10 minutes per even each bureau, Equifax, Experian, uh, TransUnion. It's free. And it's probably the most simple, most effective way to stop identity theft for a new account fraud. You can always release that credit hold before you apply for anything else, but at least you know you're doing it, not someone else, which is very, very important. So you can do it online today. You can go to Equifax, Experian, TransUnion, and just Google any of those sites and um get to work on that. It's really the safest way to make sure that no one is starting an account with your name on it in any way or taking on any debt as well. You know, they can apply for mortgages if uh, you know, if they have the right information. Number two, be simple multi-factor authentication or MFA, everywhere that matters really as a priority. Your email or your financial life really dies if your email is hacked. Banking, brokerage logins, your Apple, your Google account, your Microsoft account. Use the authenticator app. Uh, you can use Google Authenticator, uh, Microsoft Authenticator Authy as well is another app that works really well. Um, not SMS if possible, just because that can be hacked as well. So it would replace any existing, any remaining passwords that were unused or weak and get a password manager if you don't have one. Bitwarden is free and uh excellent. Uh one password or LastPass is one that we use for sure if you want to if you want to pay for anything. They have uh free programs as well, but you can at least get through your monthlies. It's sort of a like a year-in type New Year's resolution to stop reusing passwords across sites, update your most important devices, your your iPhone, your laptop, your type, your tablet, even your router. All of these install and on a new pending update. So old software as well, it kind of opens a door into these type of devices. So set everything to auto-update going forward, uh, which is another way to think about things. And then you can switch to pass keys where available on Google, Apple, Microsoft, PayPal, all have, and many banks have pass keys as well. We're seeing uh multiple different you know uh things that slow you down, but the pain and the suffering of having those things stolen is gonna slow you down even further. Many banks now support uh those pass keys, passwordless logins, fingerprint. I know Apple, and that's our network, uh, is all fingerprint uh as well. So just trying to make it easier for you with fingerprints is so much easier than having to go through the whole pass key, everything else. And um, so just highly recommend doing it. Next is setting up an account alert on every financial account, text or email alert for any withdrawal or transfer over one dollar. That certainly helps. I know I have clients that put uh alerts on whether their account balances go below a certain number for sure. You can easily put a uh an alert on a withdrawal or a transfer of over a dollar to be alerted so you at least know what's going on. So, and then you also get an alert for a new paye added login from a new device. Um takes about two minutes per account and catches fraud almost instantly. So um that's really huge, too. I don't know what number I'm on, but uh I'm gonna keep on going here. Uh again, the show's Money Matters for Greg. I'm Greg Farrell, CEO and um owner of Faro Wealth. It's a wealth management firm here locally in Valparaiso, serving clients uh nationally. Today we're talking about cyber attack risk and the things that you can do. We're on WVLP FM 103.1 on Thursdays at one o'clock, and then also broadcasting uh a replay on Saturdays at one o'clock, and you can also get us anywhere you pod. Hope you're listening. Like the podcast if you can, follow us along, and hopefully we can save you some money moving along here. Next thing as far as cyber attack risk that I highly recommend is the shred or lock up old tax returns. Financial docs. I uh the IRS requires uh you hold on to your tax returns for seven years. Um you can scan those uh and then shred them. You can scan them, put them inside of your cloud or inside of your uh virtual uh vault uh if you have it. Uh identity thes still dig through trash and stolen mail. So buy a$30 cross-cut shredder and move old files to a lock cabinet. Um, it's really the best way to do it. Next thing is to check your credit card for free trial. Auto renewals. These are all you want to go through through the last six months of statements. Checking this credit card, it sort of alerts you if anyone else is gonna uh apply for a credit card for these auto renewals. So make sure that you at least check and then you go through the last six months of statements to make sure that you haven't been hit with any sort of auto renewal for any sort of uh one thing's for subscriptions. We see tons of people uh paying a number of things that they didn't even know they were paying. So um that's really helpful. Next, you want to go through and you want to cancel and get refunds for anything you forgot about, um, Adobe, newspapers, gym apps, uh, with these subscriptions. Uh, scammers love hiding$19 and$99 charges anywhere. Um, and you want to make sure that you are not getting hit for these things. So that's why we recommend six months of statements, go back uh and just see what it what is this charge? I don't even know. And usually there's on the on the on the charge there's a 1-800 number. You can Google that number, uh, find out if it's real. You can call the number if you if you if you really want to. Um, but um it's very rampant for these$19,$9,$99 charges that you don't even it really doesn't affect your life and you don't pay attention to. So highly recommend you just double check. It doesn't take long just to kind of go through your personal statement and just see what's if if anything's being hit. You can remove your personal info from uh data broker sites if you go to delete me or privacy duck or just Google Remove Me from search sites. Uh that certainly helps. Um at a minimum, hit the big ones. So Spokio, Ben Verified, and Telius is another that really helps. Takes an afternoon to, but really, you know, takes a little time, but really cuts down on the fishing that looks legit. Fishing is a type of, we're gonna get into that in a second, exactly what that is. But it is what it is. It's P uh P-H-I-S-H-I-N-G, not fishing like I love to do with fly fishing. It's fishing for for information and making sure that they ultimately keep on getting more information and ultimately can apply for things with that information unbeknownst to you. And then what happens if we get hacked is the next talk with the family, is I recommend is having a plan. Uh, we always talk on this show about making a plan and working the plan and a financial plan, but what about as a family? What do we do? So decide, you know, over the holidays when you're talking about this stuff, maybe bring up the fact that, hey, you know, what happens if we as a family get hacked and three kids, they can easily get hacked. You could have a five-year-old have their identity stolen. So, you know, who calls the bank first? Where's the credit freeze info saved? These sorts of things are really, really important. Um, do you have a small amount of cash and a backup credit card that's not in your wallet in case everything gets frozen and your entire financial world gets hit? This 15-minute conversation really saves days of panic later. That's just my top 10. I'm really to just go through the cyber attack tips that uh hopefully will help you and give you some ideas that will sort of just like knock things out. If you do three things from this list uh before the ball drops on Times Square, uh that's 10, right? That's a lot. It might be too much. We'd like to swim in the shallow end of the pool before we get in the deep end, right? And just maybe accomplish one or two things. So I would go with number one, number two, and number six, which was freeze your credit first. Um, you can do this for you and your family, and that makes you feel real good uh knowing that that's done. Again, you can always open it up if you're going to for a car loan or a credit card yourself or anything else. Take the credit off, um, as well as uh even internet services uh are going to check your credit. So um you can always turn it back on and then turn it off and feel safe at night. So that's probably number one. Next would be uh turning on the multi-factor authorizations, that's uh that's number two, turning on with your email and banking for sure. And then of course you set up transaction alerts uh with your bank as well, and that's number six. So if you set up the transaction alerts that that medley uh or that trio of three different things to do, really set up that's probably close to 95% of most financial nightmares that you hear about every week. Feel free to grant, you know, you can you can brand it Greg's year-in cyber lockdown checklist or your very own. You're you know, you're welcome. Hopefully it helps with some ideas here that can help you avoid any sort of cyber attack during these uh during these holidays and the holiday shopping season. The show's Money Matters with Greg. I'm Greg Farrell, CEO and president of Feral Wealth. It's a wealth management firm, independent wealth management firm, uh working with clients all over the nation. If you have any questions or need anything from us, uh and also I have some topics, uh, I'm Greg at faralwealth.com. Um you can also find us on any socials, uh the YouTube channel as well. Um so Facebook, LinkedIn, uh X, and uh Instagram uh at Faralwealth. You can find us uh on all of those. Um next uh and then we're broadcasting here at uh station identification 103.1 FM here at WVLP. Uh the show airs at one o'clock on Thursdays and then Central Time and then uh one o'clock on Saturdays. You can also get uh that on uh TuneIn Radio as well. Just look up WVLP if you have subscription to TuneIn Radio. So you can get us anywhere. Also, WVLP.org is uh international, obviously, so you can listen to us on the web. So we talked finance here, we talked money matters and how it might help you. And that's where I really want to go into the last things is sort of sort of common attack cyber attack types that is sort of a rundown on attacks that eventually hit everyday people and small businesses in 2025, happens all the time. So the most common attacks and sort of a rough order or frequency for individuals and small businesses, one would be phishing. That uh I mentioned before. It includes smishing and fishing, which is video as well, and anything to do with uh gathering, any sort of information to go. You have fake emails, texts, phone calls, tricking you into link at clicking links or giving info. Example is your Chase account is locked. Please click here to verify. Business email compromise is the next one, any sort of what they call back B E C. But a hacker breaks into or spoofs your email and asks your bookkeeper, spouse, or to your client to wire money. Average loss for small businesses is$100,000 or even higher. So really want to be make sure you're careful for that and also let your bookkeeper know or your accountant know that you want to verify any transfers before and need authorization verbally, and then make sure that that is actually a real person and not an AI. That is really important. So that is another, that's probably one of the two top two. And then you do credential stuffing is another one. It's called password reuse attacks. Basically, crooks taped usernames and passwords leaked from some random site years ago, and they try them on your bank and PayPal and everywhere everywhere else. And this is why multi-factor authorization is so important. Unique passwords are just non-negotiable anymore. You have to do it. So that is another huge cost as well. And then the next one would be ransomware. Your files get encrypted and you're asked to pay Bitcoin to get them back. This hits uh a lot of small medical offices, law firms, accountants, especially hard where they need the data back. Basically, the data is held ransom, and that's why it's called ransomware. And so the fee can be sizable, it can also be pretty minimal, but it is gonna be an issue uh for sure. You know, is having to come up with those funds to be able to get your data back is is pretty brutal, and it really stops uh stops business for sure and stops your financial life quickly. The next scam would be a tech support refund gift card scam. It's a pop-up or a collar says your computer has a virus. We're issuing you a refund. Please log in here, or click click this link, and then it ends up with them draining your account or making you buy gift cards for them to get the virus removed or any sort of bank account. So that is we see that quite often. It's not, again, a huge dollar amount, but it can be and it can add up uh for sure. Another thing that is uh to be aware of is called ATO. It's called an account takeover. Um, they get into your bank, your brokerage, your Venmo, or your crypto account. Usually there's usually because there wasn't multi-factor authorization. And they drain or drain or transfer uh before you notice, and that's what happened to one of our clients. Um, they notice pretty quickly, but it was already gone. Is a huge thing. An ATO is an account trying to take over. Next would be just simple malware. You have Trojans, Keyloggers, info stealers. You download a fake invoice, PDF, or crack software, and it quietly steals passwords and banking cookies that are on your computer. So be aware of any malware and make sure you're running your antivirus software and malware software on a regular basis. Set your uh software to update frequently and remove and scan frequently as well. I'd say at least once a week, if not once a month, if not more. Uh you know, whatever you decide to do. You could even do it daily if you really wanted to. These fake invoice and these vendor email attacks, they look like a legitimate bill from a supplier you actually use, but the payment goes to the hacker's account. So this is really important. We had an insurance company that was taking collections, and the client has always sent it a certain way, but they were told to send it a different way, and they did that before the insurance group could actually get to them to tell it. So they actually sent a huge premium bill, payment to, you know, in an erroneous place. It can happen. Um, you know, these are very calculated and very technical and very efficient hackers and uh criminals. So just trying to make sure that you are thinking about all those things as much as possible. So when you see a legitimate bill from a supplier but it looks a little off, it probably is. The last, one of the last ones is a romance, or it's called pig butchering scams. Someone you meet online grooms you for weeks, months, then asks for money and gets you to invest in fake crypto platforms, or uh, you know, sending them money uh in some way with Venmo or or or Rosel or whatever it might be. This is the number one way Americans lose money online, um, is romance and what's called pig butchering scams. Um, so obviously just be aware. And then the last one is uh sim swapping. This is a little bit less rare or less less than an occurrence and more seldom, I guess the best way to put it is a hacker convinces you your convinces your cell carrier to port your phone number to their sim, and then it ultimately moves over. So this instantly bypasses all SM and uh based multi-factor authorization uh author authentication and takes over every account tied to your phone number. So that's really big as well for sure. And again, if you have multi-factor on, it won't happen. Or if you have an encryption password encryption software, that won't happen either. So I hope that helps. Those are just top 10 tips on cyber attack risk, and then a list of the most common attacks that are out there and what they are and how they how they occur. I know everyone out there feels as though they've got things in a good spot. And if you don't, please do. Um the thing I've seen is the people that are attacked are just every day, just like you, your neighbors, your friends. They knew they shouldn't have clicked that link or they shouldn't have done this or whatever it might be, and then it gets real scary. So trying to prevent that here during the holidays as we uh walk our way through through the month of December. I want to thank everybody for being here. The show's Money Matters with Greg. I'm Greg Farrell, CEO and owner and financial advisor of Farrell Wealth. And um, again, trying to help you with your money, add some value to you and your family, save you some money, make you some money as long as well. With some of the topics we have. This is a 172nd episode, which I can't believe. And uh, we are very excited this week. I want to just give a quick plug as I wear my IU vest. Again, going into the Big Ten Championship undefeated. Uh, here we go. Going to play Ohio State on December 6th. So hopefully uh we'll see a victory down in Indianapolis uh this Saturday. And the next episode I make, we'll have we'll have a victory. Thoughts and prayers for that for sure. Um again, 103.1 FM WVLP broadcasting here at uh one o'clock on Thursdays, and then again on Saturdays. You can also catch us anywhere with your pod as well, uh, YouTube channel, social media, you name it. And uh email me, Greg at farowalt.com, with any questions or anything, any topics you want to talk about. I want to thank you for the time. Thanks for being here. Have a wonderful holiday if you don't catch you in the next uh episode and uh be well. Catch you. See ya bye.
SPEAKER_01:Thanks for tuning into Money Matters with Greg. We hope you gained some valuable insights today. Remember, your financial journey is personal, but you don't have to go it alone. If you enjoyed the show, be sure to subscribe and share. Until next time. Here's to making your money work for you. Securities and investment advisory services offered through LPL Financial, a registered investment advisor, member FINRA SIPCU.
