Category: Cyber-Security

Staying Safe Online – March 7, 2018

Don’t Share That!
Are you telling the bad guys useful information and might not even realize it or understand the implications?
Isn’t social media great? It allows you to interact with long lost friends and family not to mention your business network. “What’s the big deal? I posted my maiden name so my old friends can find me! Oh, and I’ve also helped my mom set hers up the same way. I even marked her as my mom, I also marked my aunt, cousins, kids, etc. as relatives.” Perhaps you took one of those fun surveys that ask you for personal information to share. Now everyone knows your favorite: store to shop, vacation destination, workplace, restaurant, teacher’s name, street you grew up on, first telephone number, color, as well as your dog’s name. Not to mention, you can easily boast about your excitement before boarding a flight to your awesome vacation and tag yourself when you get there!
Consider the treasure trove of information you’ve given the bad guys. You’ve given away a common security question’s answer; your mother’s maiden name. Additionally, you’ve also given someone trying to gain access to your personal data a good bit of telltale answers to likely security questions. Does everyone really need to know your favorite teacher’s name was Mr. Franklin, or your childhood street was Farmington Ave.? No. Regarding that big trip; most of your friends will ‘like’ your vacation status and photos just as much after you arrive home. Do you really want to tack up a big sign on the Internet that basically says: “I’m going to be 1,300 miles from home for the next 5 days …” for thieves to see? No.
It’s best to avoid sharing too much personal information with everyone, even if it appears as a harmless survey. Read closely, there’s usually something personally identifiable innocuously hidden amongst questions about your favorite food or color. Avoiding that “harmless repost” just might save your bank account from being compromised. Resist that temptation to tell everyone you’re just about to head to the Bahamas. That excitement isn’t worth coming home from vacation to find your personal property stolen, damaged, and ransacked.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – February 7, 2018

Several years ago, creating a cybersecure home was simple; most homes consisted of nothing more than a wireless network and several computers. Today, technology has become far more complex and is integrated into every part of our lives, from mobile devices and gaming consoles to your home thermostat and your refrigerator. Here are four simple steps for creating a cybersecure home.
Your Wireless Network
Almost every home network starts with a wireless (or Wi-Fi) network. This is what enables all your devices to connect to the Internet. Most home wireless networks are controlled by your Internet router or a separate, dedicated wireless access point. They both work the same way: by broadcasting wireless signals. The devices in your house can then connect via these signals. This means securing your wireless network is a key part of protecting your home. We recommend the following steps to secure it:
Change the default administrator password to your Internet router or wireless access point. (Whichever one is controlling your wireless network.) The admin account is what allows you to configure the settings for your wireless network.
Ensure that only people you trust can connect to your wireless network. Do this by enabling strong security. Currently, the best option is to use the security mechanism called WPA2. By enabling this, a password is required for people to connect to your home network, and once connected, their online activities are encrypted.
Ensure the password used to connect to your wireless network is strong and that it is different from the ad min password. Remember, you only need to enter the password once for each of your devices, as they store and remember the password.
Many wireless networks support what is called a Guest Network. This allows visitors to connect to the Internet, but protects your home network, as they cannot connect to any of the other devices on your home network. If you add a guest network, be sure to enable WPA2 and a unique password for the network.
Not sure how to do these steps? Ask your Internet Service Provider or check their website, check the documentation that came with your Internet router or wireless access point, or refer to their respective website.
Your Devices
The next step is knowing what devices are connected to your wireless home network and making sure all of those devices are secure. This used to be simple when you had just a computer or two. However, almost anything can connect to your home network today, including your smartphones, TVs, gaming consoles, baby monitors, speakers, or perhaps even your car. Once you have identified all the devices on your home network, ensure that each one of them is secure. The best way to do this is ensure you have automatic updating enabled on them wherever possible. Cyber attackers are constantly finding new weaknesses in different devices and operating systems. By enabling automatic updates, your computer and devices are always running the most current software, which makes them much harder for anyone to hack into.
The next step is to use a strong, unique password for each of your devices and online accounts. The key words here are strong and unique. Tired of complex passwords that are hard to remember and difficult to type? So are we. Use a passphrase instead. This is a type of password that uses a series of words that is easy to remember, such as “Where is my coffee?” or “sunshine-doughnuts-happy-lost”. The longer your passphrase is, the stronger. A unique password means using a different password for each device and online account. This way, if one password is compromised, all your other accounts and devices are still safe. Can’t remember all those strong, unique passwords? Don’t worry, neither can we. That is why we recommend you use a password manager, which is a special security program that securely stores all your passwords for you in an encrypted, virtual safe.
Finally, enable two-step verification whenever available, especially for your online accounts. Two-step verification is much stronger. It uses your password, but also adds a second step, such as a code sent to your smartphone or an app on your smartphone that generates the code for you. Two-step verification is probably the most important step you can take to protect yourself online, and it’s much easier than you think.
Sometimes, no matter how careful you are, you may be hacked. If that is the case, often the only way you can recover your personal information is to restore from backup. Make sure you are doing regular backups of any important information and verify that you can restore from them. Most mobile devices support automatic backups to the Cloud. For most computers, you may have to purchase some type of backup software or service, which are relatively low-priced and simple to use.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – January 10, 2018

The process of authentication, or proving who you are, is key to protecting your information, such as your email, social media, or online banking accounts. You may not realize it, but there are three different ways to prove who you are: what you know, such as a password, what you have, such as your driver’s license, and some part of you, such as your fingerprint. Each one of these methods has advantages and disadvantages.
Passwords Are No Longer Enough
Passwords prove who you are based on something you know. But if someone can guess or gain access to your password, they can then pretend to be you and access all of your information. Compromised passwords have become one of the leading causes for hacked accounts. This is why you are taught to use passphrases that are hard for others to guess, a different one for every account, and to never share your passwords with others. While this advice remains valid, passwords are no longer as effective. Luckily, there’s a simple and quick way to put you in control and keep your personal information safe. It’s called two-factor authentication.
What Is Two-Factor Authentication?
Two-factor authentication (also called two-step verification, multi-factor authentication, or 2FA) is far stronger than just using passwords by themselves. It works by requiring not one, but two different methods to prove you are who you say you are. A good example is your ATM card. When you withdraw money from an ATM machine, you are actually using two-factor authentication. To access your cash, you need two things: your ATM card (something you have) and your PIN number (something you know). If your ATM card is lost or stolen, others cannot withdraw your money without also knowing your PIN. A thief must have both
your ATM card and pin to make a withdrawal. Two-factor authentication uses the same concept.
How It Works
Two-factor authentication is widely available on most major banking, email, social networking, and other sites. In addition, most of these sites offer simple step-by-step instructions how to turn on two-factor authentication. Once you enable two-factor authentication, you can expect it to work like this. First, you log in to your account using your username and password, just as you always have. This is the first of the two factors–something you know. Then you will receive a unique code, often by text to your smartphone. You then enter that code into the login screen. This is the second of the two factors–you must have your phone to receive that code. Now your account is truly locked down. Even if a cybercriminal steals your password, they cannot access your account unless they also have your phone.
Instead of receiving the unique code via text messaging, you can install a special authentication app on your smartphone. This mobile app generates a unique code for you every time you want to log in. The advantage of using a mobile app is it is even more secure, since the code is generated through the app and not sent via text messaging. In addition, it is more convenient, since you do not need to be connected to a phone service to receive your unique code. The app is constantly generating new codes you can use to log in to your account.
While two-factor authentication may seem like more work at first, your personal information will be substantially more secure. Don’t wait until your accounts have been hacked; lock down your login by enabling two-factor authentication on your key accounts, such as email, banking, or social media, and enjoy a greater peace of mind knowing you are far more secure.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – November 22, 2017

 Shopping Online Securely
The holiday season is nearing, and soon millions of people around the world will be looking to buy the perfect gifts. Many of us will choose to shop online in search of great deals and to avoid long lines and impatient crowds. Unfortunately, this is also the time of year many cyber criminals create fake shopping websites to scam and steal from others. 
Fake Online Stores
While many online stores are legitimate, there are some fake websites set up by cyber criminals. Criminals create these fake websites by replicating the look of real sites or using the names of well-known stores or brands. They then use these fraudulent websites to prey on people who are looking for the best deal possible. When you search online for the absolute lowest prices, you may find yourself directed to one of these fake websites. When selecting a website to make a purchase, be wary of websites advertising prices dramatically cheaper than anywhere else or offering products that are sold out nationwide. The reason their products are so cheap or available is because what you will receive is not legitimate, may be counterfeit or stolen, or may never even be delivered. Protect yourself by doing the following:
When possible, purchase from websites that you already know, trust, and have done business with previously.
Verify the website has a legitimate mailing address and a phone number for sales or support-related questions. If the site looks suspicious, call and speak to a human. If you can’t get a hold of someone to talk to, that is the first big sign you are dealing with a fake website.
Look for obvious warning signs, like deals that are obviously too good to be true or poor grammar and spelling.
Be very suspicious if a website appears to be an exact replica of a well-known website you have used in the past, but its domain name or the name of the store is slightly different. For example, you may be used to shopping online at Amazon, whose website is But be very suspicious if you find yourself at websites pretending to be Amazon, such as
Type the store’s name or URL into a search engine and see what other people have said about the website in the past. Look for terms like “fraud.” “scam,” “never again,” or “fake .” A lack of reviews can also be a sign indicating that the website is very new and might not be trustworthy.
Before purchasing any items, make sure your connection to the website is encrypted. Most browsers show a connection is encrypted by having a lock and/or the letters HTTPS in green right before the website’s name.
Remember, just because the site looks professional does not mean it’s legitimate. If you aren’t comfortable with the website, don’t use it. Instead, find a well-known website you can trust or have safely used in the past. You may not find that absolutely amazing deal, but you are much more likely to end up with a legitimate product and avoid having your personal and financial data stolen.
Your Computer/Mobile Device
In addition to shopping at legitimate websites, you want to ensure your computer or mobile device is secure. Cyber criminals will try to infect your devices so they can harvest your bank accounts, credit card information, and passwords. Take the following steps to keep your devices secured:
If you have children in your house, consider having two devices, one for your kids and one for the adults. Kids are curious and interactive with technology; as a result, they are more likely to infect their own device. 
Always install the latest updates and run up-to-date anti-virus software. This makes it much harder for a cyber criminal to infect your device.
Your Credit Card
Regularly review your credit card statements to identify suspicious charges, especially after you used your cards to make many online purchases or used a new site. Some credit card providers give you the option of notifying you by email or text messages when charges exceed a set amount. Another option is to have one credit card just for online purchases. That way, if it is compromised, you can easily change the card without impacting any of your other payment activities. This is also why you want to use credit cards for all online purchases and avoid using debit cards whenever possible. Debit cards take money directly from your bank account, so if fraud has been committed, it can be far more difficult to get your money back. Finally, consider using credit cards that generate a unique card number for every online purchase, gift cards, or well-known payment services, such as PayPal, which do not require you to disclose your credit card number to the vendor.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – November 1, 2017

Staying Secure on Social Media
The number of scams and malware taking advantage of social media users and platforms is on the rise. Social media scams are easy to create and can target thousands of people at once due to how users interact with pages, posts, and contacts. Once your account is compromised, malicious actors can leverage it as a conduit to spread scams and malware to your network of friends or contacts. Facebook, Twitter, Linked In, and lnstagram are a few very common examples of social media sites where you or your account could be at risk. 
How to Identify and Prevent Attacks
Shortened URLs are a common tactic used by scammers to conceal where malicious links lead, since many social media sites have a character limit. A simple scam involves an email with links that are allegedly to posts you have been tagged in. The links will use a URL shortening services to hide the true link destination – a malicious site that can infect your device. To avoid this, do not click on shortened links in emails and social media messages you receive. Instead, copy and paste the shortened URL into a URL extender to see where you are really going and then choose to click or not. Additionally, never enter your login credentials in a website that you linked to from a social media post, message, or email. Malicious websites that look like the real thing are often used to steal login credentials to compromise accounts.
Fake coupons are another tactic scammers use commonly on social media platforms. The scammers create a fake coupon requiring you to click a link to download it and put the coupon on a malicious website that can infect your device with malware. Treat these with the same skepticism as other suspicious emails and messages.
Click baiting is another way a scammer can get your information or install malware on your computer. Click baiting is when there is a “teaser” to get you to click on the link. For instance, it might suggest a really interesting story (“you won’t believe what happened next”), challenge you (“I bet you can’t. .. ),” or promise a “giveaway” or “sweepstake.” With the sweepstakes and giveaways, the scammer creates a fake website giving away a product. They then post the link on social media, directing users to the website to take part in the giveaway. Once there, you may be prompted to enter information, thus exposing your personal data. The website may alternatively attempt to download malware onto your device.
One way to identify and avoid this type of scam is to look for spelling errors. Another way is to check and see if the website is affiliated with the company purportedly offering the giveaway. Additionally, ask yourself, is the prize too good to be true? Scammers frequently make the prize seemingly larger-than-life in order to attract as many people as possible.
Lastly, when using social media, avoid accepting friend requests from people you do not know. If accepted the scammers can use this to gain access to your personal information with the goal of stealing your identity. If you receive a direct message from someone that you do not trust, delete it. Finally, consider following the guidelines below on what information you should NOT share on social media:
Your date of birth- this is a piece of personally identifiable information that criminals can use in committing identity theft;
Your address and phone number- these are privileged pieces of information that you do not need to share on your profile in order to enjoy social media;
Answers to common “security questions” – if you proudly post pictures of your first new car, your high school sports memorabilia, etc., you are posting the answers to the security questions that are commonly used to validate who you are when accessing sensitive accounts or resetting passwords;
Location-based check in – these “check-ins” let everyone see that you are not at home and can make you a target!
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust


Forgot Password?

Join Us

Password Reset
Please enter your e-mail address. You will receive a new password via e-mail.