One young beautiful young teenage girl using ATM machine and smart phone in the city


GT Communications


In recent years, there have been a number of innovative threats and expanding field of targets-and there are no indications that cybercriminals would slow down in 2023. Watch out for these trends and adopt these cybersecurity best practices to help protect yourself wherever you are.

1. Social engineering attacks are getting even more sophisticated.

  • Phishing attacks are no longer just simple emails mimicking communications from legitimate services. Cybercriminals are doing their research and sending highly convincing messages through varying messaging platforms, often supported by target information they've gathered from data breaches. For example, a cybercriminal can combine data from a compromised e-commerce retail site with information from social media to create customized, targeted attacks.
  • Cybercriminals also try to vish (a combination of the words “voice” and “phishing” conducted via telephone) by obtaining personal information or convincing you to install remote access tools that then deploy malicious software to gain entry into your network and data. “Vishers” can use the information and trust developed on these calls to launch effective cyberattacks, such as phishing.
  • Criminals are incorporating artificial intelligence (AI) in more polished phishing campaigns. Chatbots can be used to create full and convincing natural language phishing messages or fake job advertisements to support fraudulent campaigns. As language and video AI models advance, scammers could also be able to impersonate real people in real time with deepfakes, tricking victims into providing their financial and personal information.  This is why it’s imperative to independently validate all requests for information, money or potential access to personal information.

2. Lucrative ransomware attacks could be used by more threat groups.

  • Ransomware groups are using innovative phishing tactics to gain a foothold within target companies. New extortion tactics and threats could be part of this year's push for more ransom payments.
  • Cybercriminals are also expanding the targets of their attacks to small and mid-size to large institutions.

 3. Supply chain attacks, data breaches and DDoS (Distributed Denial of Service) attacks could remain a threat.

  • Cybercriminals are finding ways to breach standard multi-factor authentication (MFA) technologies. Businesses and individuals using weak authentication methods are left vulnerable to data breaches and the loss of consumer information.
  • Open source code repositories are a valuable legitimate resource for technology teams, but cybercriminals have been known to upload malicious packages into such repositories as well. They want targeted developers to inadvertently download malicious code and infect downstream organizations.
  • World events have further complicated the threat landscape. Geopolitical conflict is acting as a catalyst for polarization of the criminal underground and an increasing number of attempts that include DDoS attacks.
  • As businesses are now so interconnected and reliant on one another for information and services, supply chain attacks or self-propagating malware that spreads beyond its intended target are also possible.

To help protect yourself from these potential threats, you can incorporate these practices into your day-to-day.

  • Keep your devices and your apps up-to-date. When using any software or application, it's always important to apply security patches and updates as soon as they become available. This ensures identified vulnerabilities are remediated in a timely manner. 
  • Choose unique passwords and use multifactor authentication. Longer passwords are harder to break than shorter ones. Consider creating a passphrase and turn on multifactor authentication wherever it's available.
  • Be smart about social media. Don't share too much personal information on your social media accounts, and review the privacy controls.
  • Don't get phished. No matter how creative the phishing scam, common sense is your best defense. If something seems suspicious or doesn't feel right, then it probably isn't. Familiarize yourself with signs you should look out for in suspicious emails – and how to report them. You can always report phishing scams to the U.S. Federal Trade Commission.
  • Back up your data. Use cloud based services or external hard drives to copy your important data to a separate location.

The information is provided for educational and informational purposes only and is not intended, nor should it be relied upon, to address every aspect of the subject discussed herein. The information provided is intended to help you protect yourself from cyber fraud. It does not provide a comprehensive list of all types of cyber fraud activities and it does not identify all types of cybersecurity best practices. You, your company or organization are responsible for determining how to best protect against cyber fraud activities and for selecting the cybersecurity best practices that are most appropriate to your needs.


Connect with a Wealth Advisor

Our Wealth Advisors begin by getting to know you personally. To get started, tell us about your needs and we’ll reach out to you.

Connect now



This material is for informational purposes only, and may inform you of certain products and services offered by J.P. Morgan’s wealth management businesses, part of JPMorgan Chase & Co. (“JPM”). Products and services described, as well as associated fees, charges and interest rates, are subject to change in accordance with the applicable account agreements and may differ among geographic locations. Not all products and services are offered at all locations. If you are a person with a disability and need additional support accessing this material, please contact your J.P. Morgan team or email us at for assistance. Please read all Important Information.

Any views, strategies or products discussed in this material may not be appropriate for all individuals and are subject to risks. Investors may get back less than they invested, and past performance is not a reliable indicator of future results. Asset allocation/diversification does not guarantee a profit or protect against loss. Nothing in this material should be relied upon in isolation for the purpose of making an investment decision. You are urged to consider carefully whether the services, products, asset classes (e.g. equities, fixed income, alternative investments, commodities, etc.) or strategies discussed are suitable to your needs. You must also consider the objectives, risks, charges, and expenses associated with an investment service, product or strategy prior to making an investment decision. For this and more complete information, including discussion of your goals/situation, contact your J.P. Morgan representative.

NON-RELIANCECertain information contained in this material is believed to be reliable; however, JPM does not represent or warrant its accuracy, reliability or completeness, or accept any liability for any loss or damage (whether direct or indirect) arising out of the use of all or any part of this material. No representation or warranty should be made with regard to any computations, graphs, tables, diagrams or commentary in this material, which are provided for illustration/reference purposes only. The views, opinions, estimates and strategies expressed in this material constitute our judgment based on current market conditions and are subject to change without notice. JPM assumes no duty to update any information in this material in the event that such information changes. Views, opinions, estimates and strategies expressed herein may differ from those expressed by other areas of JPM, views expressed for other purposes or in other contexts, and this material should not be regarded as a research report. Any projected results and risks are based solely on hypothetical examples cited, and actual results and risks will vary depending on specific circumstances. Forward-looking statements should not be considered as guarantees or predictions of future events.

Nothing in this document shall be construed as giving rise to any duty of care owed to, or advisory relationship with, you or any third party. Nothing in this document shall be regarded as an offer, solicitation, recommendation or advice (whether financial, accounting, legal, tax or other) given by J.P. Morgan and/or its officers or employees, irrespective of whether or not such communication was given at your request. J.P. Morgan and its affiliates and employees do not provide tax, legal or accounting advice. You should consult your own tax, legal and accounting advisors before engaging in any financial transactions.

Legal Entity and Regulatory Information.

J.P. Morgan Wealth Management is a business of JPMorgan Chase & Co., which offers investment products and services through J.P. Morgan Securities LLC (JPMS), a registered broker-dealer and investment adviser, member FINRA and SIPC. Insurance products are made available through Chase Insurance Agency, Inc. (CIA), a licensed insurance agency, doing business as Chase Insurance Agency Services, Inc. in Florida. Certain custody and other services are provided by JPMorgan Chase Bank, N.A. (JPMCB). JPMS, CIA and JPMCB are affiliated companies under the common control of JPMorgan Chase & Co. Products not available in all states.

Bank deposit accounts and related services, such as checking, savings and bank lending, are offered by JPMorgan Chase Bank, N.A. Member FDIC.

This document may provide information about the brokerage and investment advisory services provided by J.P. Morgan Securities LLC (“JPMS”). The agreements entered into with JPMS, and corresponding disclosures provided with respect to the different products and services provided by JPMS (including our Form ADV disclosure brochure, if and when applicable), contain important information about the capacity in which we will be acting. You should read them all carefully. We encourage clients to speak to their JPMS representative regarding the nature of the products and services and to ask any questions they may have about the difference between brokerage and investment advisory services, including the obligation to disclose conflicts of interests and to act in the best interests of our clients.

J.P. Morgan may hold a position for itself or our other clients which may not be consistent with the information, opinions, estimates, investment strategies or views expressed in this document.  JPMorgan Chase & Co. or its affiliates may hold a position or act as market maker in the financial instruments of any issuer discussed herein or act as an underwriter, placement agent, advisor or lender to such issuer.