We no longer support this browser. Using a supported browser will provide a better experience.

Please update your browser.

Close browser message


Three Cybersecurity Trends to Watch Out for in 2023

Sophisticated phishing, vishing and ransomware campaigns could be aimed at a widening field of targets – but there are things you can do to protect yourself.

In recent years, there have been a number of innovative threats and expanding field of targets-and there are no indications that cybercriminals would slow down in 2023. Watch out for these trends and adopt these cybersecurity best practices to help protect yourself wherever you are.

1. Social engineering attacks are getting even more sophisticated.

  • Phishing attacks are no longer just simple emails mimicking communications from legitimate services. Cybercriminals are doing their research and sending highly convincing messages through varying messaging platforms, often supported by target information they've gathered from data breaches. For example, a cybercriminal can combine data from a compromised e-commerce retail site with information from social media to create customized, targeted attacks.
  • Cybercriminals also try to vish (a combination of the words “voice” and “phishing” conducted via telephone) by obtaining personal information or convincing you to install remote access tools that then deploy malicious software to gain entry into your network and data. “Vishers” can use the information and trust developed on these calls to launch effective cyberattacks, such as phishing.
  • Criminals are incorporating artificial intelligence (AI) in more polished phishing campaigns. Chatbots can be used to create full and convincing natural language phishing messages or fake job advertisements to support fraudulent campaigns. As language and video AI models advance, scammers could also be able to impersonate real people in real time with deepfakes, tricking victims into providing their financial and personal information. This is why it’s imperative to independently validate all requests for information, money or potential access to personal information.

2. Lucrative ransomware attacks could be used by more threat groups.

  • Ransomware groups are using innovative phishing tactics to gain a foothold within target companies. New extortion tactics and threats could be part of this year's push for more ransom payments.
  • Cybercriminals are also expanding the targets of their attacks to small and mid-size to large institutions.

 3. Supply chain attacks, data breaches and DDoS (Distributed Denial of Service) attacks could remain a threat.

  • Cybercriminals are finding ways to breach standard multi-factor authentication (MFA) technologies. Businesses and individuals using weak authentication methods are left vulnerable to data breaches and the loss of consumer information.
  • Open source code repositories are a valuable legitimate resource for technology teams, but cybercriminals have been known to upload malicious packages into such repositories as well. They want targeted developers to inadvertently download malicious code and infect downstream organizations.
  • World events have further complicated the threat landscape. Geopolitical conflict is acting as a catalyst for polarization of the criminal underground and an increasing number of attempts that include DDoS attacks.
  • As businesses are now so interconnected and reliant on one another for information and services, supply chain attacks or self-propagating malware that spreads beyond its intended target are also possible.

To help protect yourself from these potential threats, you can incorporate these practices into your day-to-day.

  • Keep your devices and your apps up-to-date. When using any software or application, it's always important to apply security patches and updates as soon as they become available. This ensures identified vulnerabilities are remediated in a timely manner.
  • Choose unique passwords and use multifactor authentication. Longer passwords are harder to break than shorter ones. Consider creating a passphrase and turn on multifactor authentication wherever it's available.
  • Be smart about social media. Don't share too much personal information on your social media accounts, and review the privacy controls.
  • Don't get phished. No matter how creative the phishing scam, common sense is your best defense. If something seems suspicious or doesn't feel right, then it probably isn't. Familiarize yourself with signs you should look out for in suspicious emails – and how to report them.
  • Back up your data. Use cloud based services or external hard drives to copy your important data to a separate location.

The information is provided for educational and informational purposes only and is not intended, nor should it be relied upon, to address every aspect of the subject discussed herein. The information provided is intended to help you protect yourself from cyber fraud. It does not provide a comprehensive list of all types of cyber fraud activities and it does not identify all types of cybersecurity best practices. You, your company or organization are responsible for determining how to best protect against cyber fraud activities and for selecting the cybersecurity best practices that are most appropriate to your needs.



This material is for informational purposes only, and may inform you of certain products and services offered by J.P. Morgan’s wealth management businesses, part of JPMorgan Chase & Co. (“JPM”). Products and services described, as well as associated fees, charges and interest rates, are subject to change in accordance with the applicable account agreements and may differ among geographic locations. Not all products and services are offered at all locations. If you are a person with a disability and need additional support accessing this material, please contact your J.P. Morgan team or email us at accessibility.support@jpmorgan.com for assistance. Please read all Important Information.


Securities-based lines of credit are extended at the discretion of JPMorgan Chase Bank, N.A. (“Chase Bank”) and Chase Bank has no commitment to extend a line of credit or make loans available to you under a line of credit. Any loan extended under a securities-based line of credit is subject to credit approval by Chase Bank and, if approved, the terms and conditions contained in definitive loan documentation governing the line of credit. Proceeds from a securities-based line of credit cannot be used to purchase, carry or trade securities. A line of credit collateralized by the securities in your investment account(s) involves certain risks and may not be suitable for all borrowers. Chase Bank assigns values to these securities and, at any time and without notice to you, may increase or decrease these values or change the eligibility of these securities as collateral. A decline in the value of these securities collateralizing your securities-based line of credit (whether due to a market downturn, market volatility or otherwise) directly impacts the amount of credit available to you and may require you to provide additional collateral and/or pay down your line of credit in order to avoid the forced sale of these securities by Chase Bank. The securities in your account may be sold to meet a collateral shortfall, and Chase Bank may sell your securities without contacting you. Some or all of the securities sold to meet a collateral shortfall may be sold at prices higher than their initial cost, which may result in adverse tax consequences. You should consult your tax advisor to fully understand the tax implications associated with pledging securities in connection with a loan. Please review these and other risks in more detail with your advisor, and make sure to read your line of credit documentation carefully so that you fully understand your obligations and the risks associated with this opportunity. An exercise of remedies by Chase Bank in connection with your securities-based line of credit may a ect the performance of your investment management or investment advisory account(s), and may cause such accounts to no longer conform to applicable investment guidelines. When selling securities, Chase Bank is not required to act in accordance with any fiduciary duty Chase Bank and its a liates might otherwise have as your investment manager or investment advisor. It is important to note that Chase Bank and its a liates may earn more if you borrow against your securities and other assets rather than liquidate assets to meet your cash needs. The Secured Overnight Financing Rate (“SOFR”) is a broad measure of the cost of borrowing cash overnight collateralized by U.S. Treasury securities. The SOFR is published by the Federal Reserve Bank of New York and is determined based on certain transactions in the U.S. dollar Treasury repo market. Since the SOFR is an overnight rate, it is published every Banking Day, but is e ective for the Banking Day prior to the date of publication. Refer to your definitive loan documentation for a definition of “Banking Day.” Because the SOFR is administered by the Federal Reserve Bank of New York, the Bank has no control over its determination, calculation or publication, and the Federal Reserve Bank of New York may alter the methods of calculation, publication schedule, rate revision practices or availability of the SOFR at any time without notice. The SOFR is a floating interest rate option, and changes in the SOFR can lead to a higher or lower cost of borrowing.


Check the background of Our Firm and Investment Professionals on FINRA's BrokerCheck

To learn more about J. P. Morgan’s investment business, including our accounts, products and services, as well as our relationship with you, please review our  J.P. Morgan Securities LLC Form CRS and  Guide to Investment Services and Brokerage Products.

This website is for informational purposes only, and not an offer, recommendation or solicitation of any product, strategy service or transaction. Any views, strategies or products discussed on this site may not be appropriate or suitable for all individuals and are subject to risks. Prior to making any investment or financial decisions, an investor should seek individualized advice from a personal financial, legal, tax and other professional advisors that take into account all of the particular facts and circumstances of an investor's own situation. 

This website provides information about the brokerage and investment advisory services provided by J.P. Morgan Securities LLC (JPMS). When JPMS acts as a broker-dealer, a client's relationship with us and our duties to the client will be different in some important ways than a client's relationship with us and our duties to the client when we are acting as an investment advisor. A client should carefully read the agreements and disclosures received (including our Form ADV disclosure brochure, if and when applicable) in connection with our provision of services for important information about the capacity in which we will be acting.


Equal Housing Opportunity logo

J.P. Morgan Chase Bank N.A., Member FDIC. Not a commitment to lend. All extensions of credit are subject to credit approval.

Investments in alternative investment strategies is speculative, often involves a greater degree of risk than traditional investments including limited liquidity and limited transparency, among other factors and should only be considered by sophisticated investors with the financial capability to accept the loss of all or part of the assets devoted to such strategies.

Borrowing with securities as collateral involves certain risks, including the possibility that you may need to deposit additional securities and/or cash in the account to meet a maintenance call, and that securities in the account may be sold to meet the maintenance call.  Proper management of your account and a thorough understanding of the conditions that may affect your investments will assist you in effectively using the margin lending program.​

J.P. Morgan Wealth Management is a business of JPMorgan Chase & Co., which offers investment products and services through J.P. Morgan Securities LLC (JPMS), a registered broker-dealer and investment adviser, member FINRA and SIPC. Insurance products are made available through Chase Insurance Agency, Inc. (CIA), a licensed insurance agency, doing business as Chase Insurance Agency Services, Inc. in Florida. Certain custody and other services are provided by JPMorgan Chase Bank, N.A. (JPMCB). JPMS, CIA and JPMCB are affiliated companies under the common control of JPMorgan Chase & Co. Products not available in all states.

Please read additional Important Information in conjunction with these pages.