Cyber Security Update

Over the last few months, it is likely that each of us knows someone who has been – or have ourselves been – the target of a cyber threat. Attacks such as the WannaCry virus in May, the Equifax breach disclosed in early September, the breach of the SEC’s electronic data gathering system disclosed last week, or the impersonation scams propagating in our own email boxes are a sign of the times.


GMAG takes cyber security very seriously and we have established internal systems and procedures to help safeguard the assets and personal information of our clients.


Our approach is very straightforward:

  • We work hard to understand the current and emerging environments that affect us and our clients.
  • We adjust our processes as needed, based upon what we are seeing and what we can control.
  • We keep our clients informed.


As part of our efforts to protect our clients, we maintain policies which are designed to:

  • Safeguard our clients’ assets by verifying with whom we are communicating relating to account requests such as money movement.
  • Safeguard our clients’ information by providing or receiving account information in a secure manner, and only that information which we have authority to receive.


When it comes to cyber security, our best advice for our clients is to:

  • Be aware of the activity in your accounts – monitor your account activity regularly and report suspicious activity.
  • Protect your information – change your passwords regularly, never send social security numbers, financial account numbers, or your user id’s and passwords in email, unless the email is encrypted.
  • Be aware of illegitimate emails – make sure emails you receive have originated from a legitimate source.  Impersonation scams (email spoofing) forge email headers so that the message appears to have originated from someone or somewhere that you trust so that you will open them.  Take a close look at the spelling of sender emails addresses and website names imbedded in emails.  If you are unsure, do not respond, forward, or open attachments in the email.  Instead, phone the person or organization first to confirm the communication is legitimate.
  • Familiarize yourself with GMAG’s “How to Respond to a Data Breach” guide. In this publication, there are practical steps for clients to take including ordering credit reports, freezing credit files, and reporting fraudulent activity.




Given the scope of the recent Equifax breach, we suggest you monitor the latest information available on Equifax’s website: You can find out if your personal information was exposed on this website and sign up for one year of free credit monitoring and other services from Equifax.


For more information, you can also visit the Federal Trade Commission’s website dedicated to the Equifax breach: The Equifax Data Breach: What to Do.


We are all in this together. GMAG is watchful and protective over your assets and information and we very much want you to be as vigilant and mindful.


Please let us know if we can connect you with any further resources.