Cyber Security: Think Before You Click

Cyber Security: Think Before You Click

by | Oct 19, 2021 | Cybersecurity

If you are concerned about your cyber security – and you should be – it’s essential to know the biggest threats to you right now.  So, what is cyber security anyway?  And how can you protect yourself?

Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. Global cyber threat continues to increase at a rapid pace.  Most, but not all, cybercrime is committed by hackers who want to make money.  As the result of the COVID-19 pandemic, Cybercrime, which includes everything from embezzlement to data hacking and destruction, is up 600%.

Types of Cyber Threats:

Malware, short for “malicious software”, refers to any intrusive software developed by cybercriminals or hackers to steal data and damage computers and computer systems.  Malware is often activated when a user clicks on a malicious link or attachment, which leads to installing dangerous software.  There are several types of malware:

  • Virus: A self-replicating program that attaches itself to clean files and spreads throughout a computer system, infecting files with malicious code.
  • Trojans: A type of malware that conceals its true content to fool a user into thinking it’s a harmless file. Cybercriminals trick users into uploading Trojans onto their computer where they can collect data or cause damage.
  • Worms: Malicious software that spreads copies of itself from computer to computer within a network. Worms exploit vulnerabilities in your security software to steal sensitive information and corrupt files. A worm is different from a virus, however, because a worm can operate on its own while a virus needs a host computer.
  • Spyware: A program that secretly records what a user does, so that cybercriminals can make use of this information. Spyware is often used to steal personal or financial information.
  • Ransomware: Malicious software which locks down a user’s files and data with the threat of erasing it unless a ransom is paid.
  • Adware: Unwanted software that displays advertisements on your screen. Adware collects personal information from you to serve you with personalized ads. While adware is not always dangerous, it can redirect your browser to unsafe sites and can even contain Trojans and spyware.
  • Rootkits: Malicious software that is extremely difficult to spot and also very hard to remove. A rootkit allows someone to maintain control over a computer without the computer owner knowing about it.  Once a rootkit has been installed, nothing on your computer is secure.

Where does malware come from?

The most common sources of malware are malicious websites, email attachments, and shared networks.

  • Phishing: E-mails that appear to be from a legitimate company asking for sensitive information. Phishing attacks are often used to trick people into handing over personal information or credit card data.
  • Shared Networks: A malware infected computer on your shared network can spread malware onto all devices on the network.
  • Malicious Websites: Some websites may install malware onto your computer – usually through advertisements on popular sites (malvertising) or malicious links.

How to Prevent Malware – 7 Things You Should Start Doing Now:

  1. Install Anti-virus Software: Anti-virus software will scan your computer to detect and clean the malware and provide enhanced protection against newly created viruses.
  2. Regularly Update Software: Keep your software updated to stop attackers gaining access to your computer through vulnerabilities in outdated systems.
  3. Install a Firewall: A firewall blocks all unauthorized access to or from a private computer network.
  4. Use Secure Authentication Methods: Use strong passwords with at least 8 characters, including an uppercase letter, a lowercase letter, and a number or symbol. You should also enable multi-factor authentication, such as a security question in addition to a password.
  5. Don’t Open Emails From Unknown Sources: Hackers often send emails with links that are sure to send malware your way and hack into your important information. It is better to delete the email than to suffer the consequences of opening it.
  6. Avoid Using Unsecure WiFi Networks in Public Places: On an unsecure network, a cybercriminal can intercept communication between two individuals to steal data.
  7. Maintain Regular Backups of Your Data: Backups do not secure your network from attacks but they help when you face a malware attack.

Jeh Johnson, former U.S. Secretary of Homeland Security, stated “Cyberattacks of all manner and from multiple sources are going to get worse before they get better.  In this realm and at this moment, those on offense have the upper hand.  Whether it’s cyber-criminals, hacktivists, or nation-state actors, those on offense are ingenious, tenacious, agile, and getting better all the time.  Those on defense struggle to keep up.”

It is imperative that you protect yourself and your family from cybercriminals.  With technology increasing, criminals don’t have to rob stores or banks, nor do they have to be outside to commit a crime – they have everything they need on their lap.  Their weapons are no longer guns, they attack with a computer mouse and passwords.

Spam and Phishing

Spam and Phishing

by | Oct 12, 2021 | Cybersecurity

Malicious Email

A malicious email can look just like it comes from a financial institution, an e-commerce site, a government agency or any other service or business.

It often urges you to act quickly, because your account has been compromised, your order cannot be fulfilled or there is another urgent matter to address.

If you are unsure whether an email request is legitimate, try to verify it with these steps:

  • Contact the company directly – using information provided on an account statement, on the company’s official website or on the back of a credit card.
  • Search for the company online – but not with information provided in the email.

Spam

Spam is the electronic equivalent of junk mail. The term refers to unsolicited, bulk – and often unwanted – email. Here are ways to reduce spam:

  • Enable filters on your email programs: Most internet service providers (ISPs) and email providers offer spam filters; however, depending on the level you set, you may end up blocking emails you want. It’s a good idea to occasionally check your junk folder to ensure the filters are working properly.
  • Report spam: Most email clients offer ways to mark an email as spam or report instances of spam. Reporting spam will also help to prevent the messages from being directly delivered to your inbox.
  • Own your online presence: Consider hiding your email address from online profiles and social networking sites or only allowing certain people to view your personal information. 

Phishing

Phishing attacks use email or malicious websites (clicking on a link) to collect personal and financial information or infect your machine with malware and viruses.

Spear Phishing

Spear phishing involves highly specialized attacks against specific targets or small groups of targets to collect information or gain access to systems. For example, a cybercriminal may launch a spear phishing attack against a business to gain credentials to access a list of customers. From that attack, they may launch a phishing attack against the customers of the business. Since they have gained access to the network, the email they send may look even more authentic and because the recipient is already customer of the business, the email may more easily make it through filters and the recipient maybe more likely to open the email.

The cybercriminal can use even more devious social engineering efforts such as indicating there is an important technical update or new lower pricing to lure people.

Spam & Phishing on Social Networks

Spam, phishing and other scams aren’t limited to just email. They’re also prevalent on social networking sites. The same rules apply on social networks: When in doubt, throw it out. This rule applies to links in online ads, status updates, tweets and other posts. Here are ways to report spam and phishing on major social networks:

Tips for Avoiding Being a Victim

  • Don’t reveal personal or financial information in an email, and do not respond to email solicitations for this information. This includes following links sent in email.
  • Before sending or entering sensitive information online, check the security of the website.
  • Pay attention to the website’s URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net).
  • If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in an email. Check out the Anti-Phishing Working Group (APWG) to learn about known phishing attacks and/or report phishing.
  • Keep a clean machine. Keep all software on internet-connected devices – including PCs, smartphones and tablets – up to date to reduce risk of infection from malware.

What to Do if You Are a Victim

  • Report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity.
  • If you believe your financial accounts may be compromised, contact your financial institution immediately and close the account(s).
  • Watch for any unauthorized charges to your account.
  • Consider reporting the attack to your local police department, and file a report with the Federal Trade Commission or the Internet Crime Complaint Center.

Protect Yourself With These STOP. THINK. CONNECT.™ Tips

  • When in doubt, throw it out: Links in email, tweets, posts and online advertising are often how cybercriminals try to compromise your information. If it looks suspicious, even if you know the source, it’s best to delete or – if appropriate – mark it as junk.
  • Think before you act: Be wary of communications that implores you to act immediately, offers something that sounds too good to be true or asks for personal information.
  • Make your passphrase a sentence: A strong passphrase is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). On many sites, you can even use spaces!
  • Unique account, unique passphrase: Having separate passphrases for every account helps to thwart cybercriminals. At a minimum, separate your work and personal accounts and make sure that your critical accounts have the strongest passphrases.
  • Lock down your login: Fortify your online accounts by enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device. Your usernames and passphrases are not enough to protect key accounts like email, banking and social media.

Additional Resources

Originally posted on Stay Safe Online

The ABC’s of Medicare

The ABC’s of Medicare

by | Oct 7, 2021 | Medicare, Retirement

Trying to figure out Medicare can be one of the most frustrating aspects of retirement.  Even the savviest of retirees struggle with figuring out when to enroll and which parts to enroll in – there’s Part A, Part B, Part C, Part D, Medigap plans and so on. And, what in the world is a donut hole, anyway?

What is Medicare?

Medicare is the government health care program for people 65 and over as well as some younger people with disabilities.  Medicare’s coverage plays an important role in containing medical costs as you age. Medicare is a different program than Medicaid, which offers health and other services to eligible low-income people of all ages.

Types of Medicare

  • Part A covers inpatient hospital stays, skilled nursing facility stays, some home health visits, and hospice care. Generally, you don’t have to pay premiums if you or your spouse paid Medicare taxes for at least 10 years.
  • Part B covers doctor visits and other medically necessary services and supplies. That includes preventive services or health care to prevent illness, as well as ambulance services, durable medical equipment and mental health coverage. Part B comes with a monthly price tag – the standard premium was $148.50 in 2021.
  • Part C or Medicare Advantage is a type of health plan offered by private insurance companies that provides the benefits of Part A and Part B and often Part D as well. These bundles plans may have additional coverage such as vision, hearing, dental care and may even include perks such as gym memberships or transportation to doctor’s appointments. Medicare Advantage plans have an annual limit on out-of-pocket costs.  Medicare Advantage plans are typically HMOs or PPOs.
  • Part D is the prescription drug benefit that covers most outpatient prescription drugs. It is a separate plan provided by private Medicare approved companies, and you must pay a monthly premium.  Unless you have creditable drug coverage and will have a Special Enrollment Period, you should enroll in Part D when you first get Medicare. If you delay enrollment, you may face gaps in coverage and enrollment penalties.  Most plans with Medicare prescription drug coverage (Part D) have a coverage gap (called a “donut hole”).  That means that after you and your drug plan have spent a certain  amount of money for covered drugs, you have to pay all costs out-of-pocket for your prescriptions up to a yearly limit.  Once you have spent up to the yearly limit, your coverage gap ends and your drug plan helps pay for covered drugs again.
  • Medigap or Medicare Supplement Insurance is an additional health insurance policy you can buy from a private insurer to help pay some of the costs not covered by Medicare Part A and Part B, including deductibles, coinsurance and health care if you travel outside the U.S. Medigap policies do not cover prescription drugs, dental, vision, hearing aids, private nursing care or long-term care. There are 10 types of Medigap plans available in most states.

When to Sign Up for Medicare

For most people, signing up for Medicare occurs during a 7 month initial enrollment period(IEP).   The IEP starts 3 months before you turn age 65 and continues for 3 months after your birthday. You may be eligible sooner if you have a disability, End-Stage Renal Disease (ESRD), or ALS (also called Lou Gehrig’s disease).

During the IEP, you can sign up for Medicare Part A.  Even if you are still working after you turn 65, you should consider signing up for Part A now.  If you’ve worked and paid Medicare taxes, it comes at no cost to you and covers hospital services.

You can join, switch, or drop a Medicare Health Plan or a Medicare Advantage Plan (Part C) with or without drug coverage during these times:

  • Initial Enrollment Period – When you first become eligible for Medicare, you can join a plan.
  • Open Enrollment Period – From October 15 – December 7 each year, you can join, switch, or drop a plan.
  • Medicare Advantage Open Enrollment Period – From January 1 – March 31 each year, if you’re enrolled in a Medicare Advantage Plan, you can switch to a different Medicare Advantage Plan or switch to Original Medicare (and join a separate Medicare drug plan) once during this time.

Let’s be honest, no one gets too excited about enrolling in Medicare, but the more you know, the easier it is.  Being prepared for life’s unexpected twist and turns and keeping up with your health care is more important than ever.  By understanding the ABC’s of Medicare, you are empowering yourself for your future!

Other Helpful Resources Include:

Understanding Medicare’s Options: Parts A, B, C and D

What is Medicare?

An Overview of Medicare

Johnson & Dugan Named Mployer Advisor Top Employee Benefits Consultant

Johnson & Dugan Named Mployer Advisor Top Employee Benefits Consultant

by | Oct 4, 2021 | Employee Benefits, Johnson & Dugan News

 

Johnson & Dugan recognized as a 2021 Top Employee Benefits Consultant for the San Francisco Bay Area by Mployer Advisor

Redwood City, CA September 30, 2021 – Johnson & Dugan Insurance Services, an independent employee benefits consultant, is recognized by Mployer Advisor, an independent platform for employers to research, review and evaluate insurance brokers, as a Top Employee Benefits Consultant Award for 2021 for San Jose, California. Mployer Advisor’s Top Employee Benefits Consultant Award recognizes brokers for demonstrating market-leading competencies in several areas.

“Who an employer chooses as their insurance advisor has significantly more impact on the quality and cost of a benefit plan than who they chose as the carrier. We are proud to honor these firms who have demonstrated a wide range of experience in combination with positive employer feedback on service and quality,” said Brian Freeman, CEO of Mployer Advisor.

“I am personally very proud of this industry recognition. We have always strived to provide strategic benefit plans, tailored to each employer partner, with the highest customer satisfaction,” comments Michael Johnson, CEO. “Our team serves over 180 organizations in the Northern California region.  We have seen a significant need for our services as organizations continue to reemerge after the pandemic”, Michael Johnson continued.

To determine award winners, Mployer Advisor analyzes each brokerage based on historical data to gauge the range of business experience across employer sizes, industry experience and products, combined with employer ratings and reviews of insurance brokerages across several platforms. Results are a snapshot of Mployer Advisor’s matrices and proprietary M Score on May 31, 2021.

About Johnson & Dugan:

Since 1983, Johnson & Dugan’s highest priority has been to make it easy for any company to expertly plan and administer their employee benefits plans.

Unlike other employee benefits consulting firms, J&D does not deliver one-size-fits-all solutions — our team works with each client to deliver the right mix of expertise, products, services and support based on the scope of their needs — with the flexibility necessary to adapt to organizational changes.

Contact: info@johnsondugan.com

About Mployer Advisor:

Mployer Advisor is changing the way employers search, evaluate and select insurance advisors. Our goal is to connect employers and employees to great benefits and insurance. We do this by providing employers with actionable data to easily evaluate and select the best advisor for a company’s unique needs. Mployer Advisor provides independent ratings of insurance advisors to support employers. The rating is our opinion and should be one of many factors, including when selecting a consultant. An insurance brokerage cannot pay to influence their Mployer Advisor rating. Most brokerages have a profile on Mployer Advisor. Only highly rated brokerages are allowed to advertise on the platform. To learn more about Mployer Advisor visit https://mployeradvisor.com.

Open Enrollment: Looking Backward to Plan Forward

Open Enrollment: Looking Backward to Plan Forward

by | Sep 21, 2021 | Employee Benefits, Open Enrollment

When the autumn leaves fall and the weather turns cooler, we know it’s time to start thinking of open enrollment. Open enrollment season can be a confusing time. As you begin your research into which plan to choose or even how much to contribute to your Health Savings Account (HSA), consider evaluating how you used your health plan last year. Looking backward can help you plan forward to make the most of your health care dollars for the coming year.  Here’s what you need to know about your workplace benefits to maximize them:

1).  Know the Open Enrollment Dates

It is up to you to make sure you take advantage of the open enrollment period. Be sure you know when your company has open enrollment because it can be your only time to adjust benefits for the coming year.

2).  Evaluate Your Current Benefits

Before open enrollment starts, review the benefits you currently are receiving. Your pay stub can be an excellent resource to find this information; you should be able to find the benefits you are paying for under the deductions or withdrawals section.  Standard deductions might include medical insurance, dental insurance, 401(k) contributions, life insurance, vision insurance, long- term disability insurance, health savings account or flexible spending account contributions, and accidental death and dismemberment insurance.  Review those deductions to make sure you know what you’re paying for and whether you actually used the benefits.

3).  Ask These Questions to Decide What Benefits You Need

Everyone’s situation is different, but most employees should have at least medical, dental and vision insurance and make contributions to a 401(k) or similar workplace retirement savings account.

When evaluating your benefits package, consider what your needs will be or what life changes you can expect for the coming year:

  • Do you have a medical condition that requires ongoing care such as diabetes or heart disease?
  • Are you trying to get pregnant or are expecting a baby?
  • Are you getting married (or divorced)?
  • Is your child turning 26 and can no longer be covered under your health insurance?
  • Does your significant other have coverage, or will you need to include your partner in your health coverage?
  • Are you on track for retirement, or do you need to save more? Don’t forget to take advantage of your company match in your retirement account. This is free money for the future.

All of these are essential questions to ask yourself during the open enrollment season because they can make a difference in what benefits you choose to elect.  As you browse the different options, analyze the type of treatment and the amount of treatment you have received in the past. You cannot foresee every expense but focusing on the trends will help you make a sound decision.

4). Compare Out-of-Pocket Cost

Much like health networks, out-of-pocket costs are crucial when choosing the right plan for you and your family. Most health benefits summaries should highlight the amount you will pay in out-of-pocket expenses, including the pocket limit.

Your goal in comparing out-of-pocket costs is to narrow down the plans that pay a higher percentage of your medical expenses and offer higher monthly premiums. These types of plans are suitable for you if:

  • You need emergency care frequently
  • You are planning to have surgery soon
  • You often see a primary care physician
  • You have a pre-existing condition or have been diagnosed with a chronic disease like cancer or diabetes
  • Your household income is sufficient to cover the monthly premiums

5).  Do the Math

People focus on the monthly premium, but you also need to look at the deductible. For instance, if you have a choice between a lower silver plan premium of $345 a month for a plan with a $5,500 deductible, and a higher gold plan premium at $465 a month with a $1,750 deductible, you’re better off with the second plan if you anticipate needing more than $1,500 in medical care. With the second plan, your total annual cost for the premium and deductible comes to $7,330, a $2,310 savings over the lower premium plan.

6).  Look at Out-of-Pocket Costs

The deductible is just one out-of-pocket expense; you also have copayments and coinsurance. The three together are your maximum out-of-pocket costs. Under the Affordable Care Act, the maximum out-of-pocket limit is $8,550 for a single person and $17,100 for a family policy.

7).  Utilize Tax-Free Benefits

Flexible spending accounts (FSAs), health savings accounts (HSAs), and dependent care spending accounts provide wonderful tax advantages because contributions are made with before-tax income.  They can be used to pay for deductibles, prescriptions and health-related costs that are not covered by your insurance (braces, eyeglasses, etc.). At the end of the year, you lose any money left over in your FSA so it’s important to plan carefully and not put more money in your FSA that you think you’ll spend.  However, with an HSA, funds roll over from year to year which makes it a great way to save for future medical costs.

8).  Review the Provider List

Most health plans today have “in-network” providers. If you see those doctors and visit those hospitals, you pay less out of pocket than if you go outside the network. So, if you want to keep your own doctor and go to a certain hospital, make sure they’re on the provider list.

When it comes to choosing the best workplace benefits plan for you, education is your most significant defense against making substantial financial mistakes, including not taking full advantage of your employer’s benefits.  If you have questions about any of the benefits offered, ask your HR department for help or clarification.  And remember, looking backward on your past habits and expenses can be an important tool to help you plan forward for next year.