Where is the next Cyber Security Threat?

Matt Loadwick
Post written: April 2026 • Post published: April 2026
2 min read

Fears emerging AI model could threaten the security of financial systems

We live in a world that’s still very much getting to grips with generative AI, a technology that may offer transformative possibilities for humanity. The potential opportunities are often promoted, from accelerating the curing of diseases, scientific discovery, or optimising global systems.

Of course, there are also threats posed by this emerging technology, particularly whilst it’s in its relative infancy, as we seek to understand its potential.

This week, finance ministers and central bankers across the world have expressed serious concerns about an emerging AI model – Claude Mythos (by Anthropic), due to its perceived potential to undermine the security of financial systems. The model has found vulnerabilities in major operating systems, and there are concerns that its ability to identify and exploit weaknesses in cyber-security systems are unprecedented.

Whilst it is understood that further testing is needed to better understand its capabilities, what is already known about Mythos has been sufficient to make it a major topic of concern at the International Monetary Fund (IMF) meeting in Washington DC earlier this week. One minister went as far as to compare the threats of the model to the ongoing situation at the Straits of Hormuz, where recent events have shone a light on the importance of this location to the stability of the global economy.

I am far from an expert in AI, and like many others I often find myself feeling like a powerless on-looker, excited by its opportunities, but also concerned by its threats. In financial services, we often focus on the opportunities of growth through investment, but stories such as this remind us about the equal importance of security and protecting what we have.

Amidst the threats, Anthropic have not yet released the model to the public. Major banks have instead been given access to the model to test it against their systems – providing reason for hope that vulnerabilities will be identified, and systems fortified to shore up the security of our increasingly interconnected global financial systems.

Here at Solomon’s, we have been researching and trialling a number of AI tools, but have yet to find any that we feel will enhance your experience as our clients; but we are still on the lookout! In terms of the security of our systems, we are very careful to ensure that any ‘tech’ we use has been robustly vetted by our IT team. We only deploy tools that have passed our due diligence checks to ensure the safety of your data and the integrity of our processes. If you have any questions or concerns on any of this, please do not hesitate to drop us a line.

Your Feedback & Any Questions:

Email to [email protected] with the blog Post Title in the Subject Line

Please share this with a friend

SHARE VIA EMAIL

BACK TO ALL BLOGS

WARNING ABOUT EMAIL & WEB SCAMS

TODAY’S BLOG

WARNING ABOUT EMAIL AND WEB SCAMS

I asked Steve Hayward to put together a piece for me about being safe on your computer. Here are his thoughts and top 10 tips to keep you safe at a time when more of us are working from home and criminals are ever industrious. Steve…

Let’s be honest – internet security is dull topic. We seldom hear about cybercrime and data theft anymore, largely because people are more tech aware and we have relaxed our vigilance because our email providers do such a good job of filtering out unwanted spam. Likewise, web protection is built into our browsers and so we seldom need to concern ourselves with malicious code, hidden redirects, and aggressive popups. However, we cannot afford be too complacent when using any internet service as people are still being scammed and defrauded in their thousands.

A sceptical awareness has never been more important now that we find millions of people either working from home or in isolation, with only our access to the internet to keep us feeling connected to others. Cybercriminals are creative and they are making every use of this new opportunity to identify our vulnerabilities. So, here are my top 10 simple rules and best-practices to live by when using the internet:

TOP TEN TIPS FOR GOOD PRACTICE

1) Be suspicious. Have a general scepticism bubbling away in the background with everything you do on the internet.

2) Always use strong passwords but don’t only rely on them. Never use the same password for every application and service you use. Keeping track of your passwords can be tough and so use a decent password manager. These applications generate strong passwords and store them for you in an encrypted vault. They will also manage other credentials and sensitive data, like financial card information. They will also sync across all your devices. Look for applications like LastPass, 1Password, Bitwarden, Dashlane, Keeper, or KeePassXC.

3) Always use two-factor or three-factor authentication and/or biometric security when it’s available. A simple username and password is not enough – especially for important services like online banking and buying and selling. The first tier of authentication is your username and password for that service; the second tier is an additional authentication, such as an SMS text message to your phone with a login code or PIN. Also, try to use services that require a fingerprint or face/voice recognition.

4) Phishing. This is the big one that still gets people because the emails seem genuine and may not be caught by a spam filter. A phishing email is used to get you to log on (or attempt to log on or perform a password reset or confirm your bank details) by pretending to be from a source you trust, such as your bank or a retailer. This is a good time to re-read best-practice #1. If you ever receive an unexpected email informing you of a security incident or one that’s asking you to reset your password or confirm a detail of any kind, ignore it and mark it as spam. Check the sender email address. Does it look genuine? You’ll often find that an email that pretends to be from Microsoft, will not be sent from the expected [email protected] email address (for example), but rather from something bizarre like [email protected]. I don’t know about you, but I’ve never heard of Blamfeutter from Russia – and neither have you. Delete it and mark it as spam. If ever in doubt, call the company that you believe may be trying to contact you.

5) Never open attachments unless you completely trust the sender. Even then, glance at the type of file you’ve been sent before you just click on it. Is it a Word document, an Excel spreadsheet, a JPG photo, or a PDF document? If so, then chances are it’s okay. Is it a document type you don’t recognise? If so, don’t open it. Check with the sender first.

6) Anti-virus. If you are using a PC at home, make sure you have a security suite installed. There are plenty of good free versions like AVG, Avast, Avira, and Bitdefender.

7) Public Wi-Fi is never secure. Be extremely sensitive about what you do from your laptop or phone via the Wi-Fi of your favourite coffee shop. NEVER do a financial transaction. NEVER log on to PayPal or any other internet banking system. Write documents and send emails, that is all.

8) Stop clicking the Unsubscribe option at the bottom of an unwanted email. You cannot guarantee where that hyperlink will take you. Simply mark the email as spam instead.

9) Facebook and other social-media. There are so many ‘interesting’ posts on Facebook that act as bait for your click. Your click will often be redirected and a hidden piece of code will be run that will cause you to ‘like’ a Facebook page without your consent or may lead you to survey sites that are profitable for the criminals involved. Facebook, Google, Amazon, and Twitter alone hold an enormous amount of your data. Criminals are very interested in getting hold of this data – especially when there is a good chance the email and password you use to log on will also be used by you for numerous other accounts elsewhere. They will also have access to your address, your family details, your mobile number, and (likely) your credit card, what you buy and when, your movements and whereabouts from moment to moment, and what you ate for supper last night.

10) Keep your software up-to-date. Turn on automatic updates so that your browsers like Chrome and Firefox get regular automatic security updates.

At Solomons we have a securely encrypted portal, this is the best way to communicate with us about anything that is data-sensitive. If you have not already done so, please register for our portal. We advise watching our short video first which is below.

Now head over to any page of our site, where it says CLIENT LOGIN (top right) or use this link:

CLICK HERE TO REGISTER FOR OUR PORTAL

Dominic Thomas
Solomons IFA

You can read more articles about Pensions, Wealth Management, Retirement, Investments, Financial Planning and Estate Planning on my blog which gets updated every week. If you would like to talk to me about your personal wealth planning and how we can make you stay wealthier for longer then please get in touch by calling 08000 736 273 or email [email protected]

GET IN TOUCH

Solomon’s Independent Financial Advisers
The Old Mill Cobham Park Road, COBHAM Surrey, KT11 3NE

Email – [email protected]
Call – 020 8542 8084

7 QUESTIONS, NO WAFFLE

Are we a good fit for you?

Take Survey

PRIVACY POLICY | DATA PROTECTION