Cybersecurity awareness: 4 spooky stories that could haunt your money

Cybersecurity awareness: 4 spooky stories that could haunt your money


Does the thought of someone charging hundreds or thousands of dollars to your credit card without your knowledge send shivers up your spine? What about the notion of someone taking out a loan in your name? Those haunting scenarios are unfortunately becoming more common. That’s why cybersecurity awareness is more important than ever.

What is cybersecurity awareness?

Cybersecurity awareness is about staying educated regarding different cybersecurity threats. To help the public stay informed about cybersecurity issues, the United States government declares each October to be Cybersecurity Awareness Month. While this month certainly plays an important role in boosting public awareness, cybersecurity awareness should be something we are mindful of year-round.

Easy ways to demonstrate cybersecurity awareness all year include:

  • Using strong passwords and keeping them secure
  • Turning on multi-factor authentication (MFA)
  • Recognizing common phishing signs and reporting them
  • Updating software regularly across all of your devices

Another important component of cybersecurity awareness is learning more about the security practices of the different companies you work with in person and online. As you click on different websites, it’s possible to leave digital breadcrumbs that an identity thief can use to steal your information and wreak havoc on your finances.

To help you see why cybersecurity awareness is important all year, let’s explore four real-life scenarios.

1. Mind your passwords

Remembering all of your unique passwords requires a lot of mental bandwidth. As a result, many people use online password managers. Kelan Kline of The Savvy Couple was no different. Kline was recently subject to a data breach, and both Kline’s personal and business passwords were compromised. Kline says it was incredibly unsettling to worry about who may have been able to gain access to his accounts.

Cybersecurity awareness takeaway

Kline realized that he and his wife should change their passwords regularly. He took the data breach as an opportunity to change and strengthen his passwords. Additionally, he made sure to turn on multi-factor authentication features. Multi-factor authentication prompts users to enter security tokens that they receive via text or email or use biometric factors, such as face scans.

Kline says MFA is important because even if someone used one of his compromised passwords, he still had another line of defense.

2. Be cautious of links & social scams

When we have issues with brands and the services they provide, many of us take to social media to voice our complaints. That’s exactly what CPA Anne Lyse Ngatta from Dream of Legacy did when she was double charged by an airline.

After tweeting out her complaint, the airline responded (or so she thought). Ngatta says that someone responded to her complaint, asking her to follow up first in messages and then by phone. She says, “Luckily, my scam radar was on, and I didn’t click the link they sent. If I had, they probably would have access to my information or phone.”

Cybersecurity awareness takeaway

This experience on X, formerly known as Twitter, reminded Ngatta of two important cybersecurity measures. Always be cautious when dealing with links. Make sure you trust the sender, and when in doubt, don’t click it.

Additionally, know that social media can sometimes be rife with scammers. Ngatta says that when she went back to her original post, she noticed that the impersonator who contacted her was using a slightly different account with an extra “.” in the handle.

3. Use multi-factor authentication

Do you do any kind of online banking? Turn on your multi-factor authentication. Just ask Jim Wang of Wallet Hacks why MFA (sometimes called two-factor authentication, or 2FA) is so important.

Wang recalls that he started getting 2FA text messages plus a phone call from his brokerage company Wang asked for a follow-up phone call. He says he learned “my account was flagged for repeated unauthorized logins and would be locked until it could be sorted out.” Thankfully, the scammer never accessed his account, but this was enough of a reminder for him to always use MFA.

Cybersecurity awareness takeaway

In addition to using multi-factor authentication, Wang’s spooky story taught him something else: Don’t reuse usernames. He knew not to recycle passwords. But he also realized that if someone had his username for one account, they could likely gain access to others.

4. Safeguard financial details

What started out as a suspected spam call got a whole lot worse for Larry Ludwig. Ludwig says, “I got a call from my brokerage firm that my account was hacked and needed to verify my information.”

Though he initially wanted to believe this was a scam call, he later learned his account was compromised. An identity thief was able to log in, change his account information, and initiate a transfer. Thankfully, “these events were flagged by my brokerage firm, who then proceeded to call me the following Monday morning,” Ludwig says. Though he doesn’t know exactly how this happened, he suspects it happened when he submitted all of his financial details to a mortgage broker a few weeks earlier.

Cybersecurity awareness takeaway

Ludwig encourages everyone to turn on multi-factor authentication and also look into other security features that are available with any financial institution you use.

Final thoughts

With so much of our financial lives are conducted online, cybersecurity isn’t just something to be mindful of during the spookiest time of year. Maintain your awareness year-round by protecting your passwords through tools like multi-factor authentication and being cautious about links on social and email.




Andy Hill, AFC®


Andy Hill, AFC®, is the award-winning family finance coach behind Marriage, Kids, and Money, a platform dedicated to helping young families build wealth and happiness.

Author is not a client of Empower Advisory Group, LLC, and is compensated as a freelance writer.

The content contained in this blog post is intended for general informational purposes only and is not meant to constitute legal, tax, accounting or investment advice. You should consult a qualified legal or tax professional regarding your specific situation. No part of this blog, nor the links contained therein is a solicitation or offer to sell securities. Compensation for freelance contributions not to exceed $1,250. Third-party data is obtained from sources believed to be reliable; however, Empower cannot guarantee the accuracy, timeliness, completeness or fitness of this data for any particular purpose. Third-party links are provided solely as a convenience and do not imply an affiliation, endorsement or approval by Empower of the contents on such third-party websites.

Certain sections of this blog may contain forward-looking statements that are based on our reasonable expectations, estimates, projections and assumptions. Past performance is not a guarantee of future return, nor is it indicative of future performance. Investing involves risk. The value of your investment will fluctuate and you may lose money.

Certified Financial Planner Board of Standards Inc. (CFP Board) owns the certification marks CFP®, CERTIFIED FINANCIAL PLANNER™, CFP® (with plaque design), and CFP® (with flame design) in the U.S., which it authorizes use of by individuals who successfully complete CFP Board's initial and ongoing certification requirements.