Cybersecurity & You

Cybersecurity and the security and protection of your personal data are a top priority for LASERS. In addition to our own security measures in place, we encourage all of our members to practice personal data security as well.

In today’s digital age, it is essential to have a basic understanding of best practices to protect your accounts from online attackers. Check out our latest cybersecurity news, how to report fraud, and external resources below.

How LASERS Protects Your Data

Cybersecurity and the security and protection of your personal data is a top priority. Considering the increase in data breaches, it is an ideal time to reassure you about the rigorous measures LASERS has in place to protect your personal data. Here are some of the mechanisms in place at LASERS to help safeguard your data:

  • Limited Employee Access: At LASERS, member information is only accessible to employees with a legitimate business reason to access this information. Our ‘least privilege’ policy ensures minimal internal exposure of your personal data, minimizing the risk of internal breaches.
  • Data Encryption: We use a secure encryption process for all information transmitted to and from LASERS. This transforms your data into secure code that can only be interpreted by authorized systems, adding an essential layer of protection.
  • Frequent Security Audits and Assessments: LASERS regularly conducts internal and external audits to ensure our systems meet or exceed industry security standards. We continuously assess and improve security measures to keep up with evolving threats.
  • Employee Training: Our staff is our first line of defense. Every member of the LASERS team receives ongoing training in data security and privacy to ensure they are aware of best practices and emerging threats.
  • Advanced Security Measures: Our security measures include physical and technological tools designed to prevent unauthorized access to your information. We utilize state-of-the-art IT infrastructure designed to protect sensitive data. These measures include robust firewalls, anti-virus protection, and real-time monitoring of our systems. Our systems are regularly updated to keep them secure from the latest threats and vulnerabilities.

We encourage all of our members to practice personal data security as well. This includes regularly changing your passwords, avoiding suspicious emails or links, and monitoring your personal accounts for any irregular activity.

Answers to FAQs

Passwords play a crucial role in securing our digital lives.

  • Use unique strong passwords and a password manager. If one site is compromised, you don’t want those credentials to allow access to other sites.
  • Use  multi-factor authentication (MFA) wherever possible. If a password is compromised, the bad actor would still need the other factor to access your account.
  • Use Authentication Apps rather than texts. It is possible for your texts to be compromised, but an Authentication App makes it that much harder for the bad guys. Don’t forget to have your Authentication Apps backed up!

Click with caution! Being in a hurry can cost you.

  • Do not click on links in emails or open attachments from unfamiliar senders. Never just assume. Hover over the link to see where it is really taking you.
  • Be careful when entering personal information on unfamiliar websites. Password Managers help here, they will not offer to fill the password at a strange site.
  • Always look for secure internet sites (make sure it starts with HTTPS://).
  • Use an antivirus and malware program on your computer and it is up to date.

Cybersecurity extends to your smartphone.

  • Getting a call from a number you don’t recognize? Let it go to voicemail. They will leave a message if it is important.
  • If you do answer and the caller is trying to rush you or scare you, take your time to validate what they are telling you. Never give them ANY personal information or access to anything.
  • Most SMS (text) based attacks use something you want to click on as bait – a prize, a way to save money, anything they can use to entice you to click the malicious link.

A VPN, or virtual private network, can help protect your online privacy and security by encrypting your data and hiding your IP address. This can help prevent others from monitoring your activity, such as your ISP, hackers, or other online snoops. VPNs can also help you bypass internet restrictions, such as firewalls at work or school, or internet censorship in certain countries.

Public Wi-Fi can be dangerous because it is often unsecured and vulnerable to attack.

Here are some of the risks:

  • Malware: Hackers can use public Wi-Fi to install malware on your device without you knowing. Malware can harm your device or steal your information.
  • Data breaches: Hackers can exploit vulnerabilities in unsecured networks to gain access to your device’s stored information.
  • Session hijacking: Attackers can eavesdrop on unencrypted messages, including session IDs and login details, to access sensitive accounts.
  • Identity theft: Online criminals may set up similar Wi-Fi networks to trick you into connecting to them.
  • Snooping: Other people on the same network can eavesdrop on your connection and sniff your traffic.

The public library is a much better option than using a business’s free Wi-Fi offering. However, an even better option is to use your phone as a hot spot so you are in control of the internet connection.

Using your phone as a hot spot allows you to browse with your own private cellular data, rather than using a public Wi-Fi connection. This will help ensure that there are no bad actors with access to your data.

Your cell phone’s hot spot is comparable to your home internet, it is normally just a little slower.

  • Romance scam: Criminals pose as interested romantic partners on social media or dating websites to capitalize on their elderly victims’ desire to find companions.
  • Tech support scam: Criminals pose as technology support representatives and offer to fix non-existent computer issues. The scammers gain remote access to victims’ devices and sensitive information.
  • Grandparent scam: A type of confidence scam where criminals pose as a relative—usually a child or grandchild—claiming to be in immediate financial need.
  • Government impersonation scam: Criminals pose as government employees and threaten to arrest or prosecute victims unless they agree to provide funds or other payments.
  • Sweepstakes/charity/lottery scam: Criminals claim to work for legitimate charitable organizations to gain victims’ trust. Or they claim their targets have won a foreign lottery or sweepstake, which they can collect for a “fee.”
  • Home repair scam: Criminals appear in person and charge homeowners in advance for home improvement services that they never provide.
  • TV/radio scam: Criminals target potential victims using illegitimate advertisements about legitimate services, such as reverse mortgages or credit repair.
  • Family/caregiver scam: Relatives or acquaintances of the elderly victims take advantage of them or otherwise get their money.

AI voice scam works by utilizing artificial intelligence to replicate voices. With deep learning algorithms, it’s easy to impersonate someone’s voice, making fraudulent calls appear genuine. Scammers exploit this technology to trick individuals into disclosing sensitive information or sending money.

Awareness if half the battle. Here are some helpful tips to keep yourself safe:

  • Recognize scam attempts and end all communication with the perpetrator.
  • Search online for the contact information (name, email, phone number, addresses) and the proposed offer. Other people have likely posted information online about individuals and businesses trying to run scams.
  • Resist the pressure to act quickly. Scammers create a sense of urgency to produce fear and lure victims into immediate action. Call the police immediately if you feel there is a danger to yourself or a loved one.
  • Be cautious of unsolicited phone calls, mailings, and door-to-door services offers.
  • Never give or send any personally identifiable information, money, jewelry, gift cards, checks, or wire information to unverified people or businesses.
  • Take precautions to protect your identity if a criminal gains access to your device or account. Immediately contact your financial institutions to place protections on your accounts, and monitor your accounts and personal information for suspicious activity.

Report Fraud Immediately

LASERS takes a proactive approach to combating fraud affecting our System. Fraudulent activity is unacceptable. If you suspect any retirement-related fraud, please report it to LASERS using the options below. 

Report an Individual | Report an Agency

Protect Yourself from Phishing Attacks

Phishing attacks are very common and, unfortunately, are one of the most dangerous forms of cybersecurity threats.

View tips to help keep you safe from phishing.

Glossary of Terms

  • Cybersecurity: Measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack.
  • Data Breach: A security incident where information such as passwords, email addresses, social security numbers, and credit card details are accessed without authorization and often used to commit crimes such as identity theft and fraud.
  • Encryption: The process by which organizations protect data from unauthorized use or access by scrambling it to make it unreadable.
  • Malware: Software that is designed to interfere with a computer’s normal functioning and that can be used to commit cybercrime.
  • Phishing: The practice of tricking Internet users (as through the use of deceptive email messages or websites) into revealing personal or confidential information which can then be used illicitly.
  • Ransomware: A malware designed to deny a user or organization access to files on their computer.
  • Virus: A type of malicious software, or malware, that spreads between computers and causes damage to data and software.
  • Vishing: The fraudulent practice of making phone calls or leaving voice messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as bank details and credit card numbers.

External Resources