Category: Cyber-Security

Staying Safe Online – March 13, 2019

Search yourself online
You most likely have heard how important it is to protect your privacy and the information you share online. To demonstrate this, we are going to try something new; we are going to show you how to research yourself and discover what information is publicly known about you. The process is called OSINT, a fancy way of saying Open Source Intelligence. This means researching public resources online to see how much information you can learn about a computer IP address, a company, or even a person like yourself. Keep in mind, cyber attackers are using these very same tools and techniques. The more attackers can learn about you, the better they can create a targeted attack. This concept has existed for years, but the latest online tools make it so much simpler to accomplish.
You will not find all the information on a single website. Instead you start with one website, learn some details, then use those details to search on and learn from other sites. Then you combine and compare results to create a profile or dossier of your subject. A good place to start is with search engines such as Google, Bing, or DuckDuckGo. Each of these have indexed different information about you, so start your search with more than one search engine. Start by typing your name in quotes, but after that expand your search based on what are called operators. Operators are special symbols or text you add to your search that better define what you are looking for. This is especially important if you have a common name; you may have to add more information such as your email address or the town you live in.
Examples include:
“FirstName LastName” > What information can I find online about this person
“Firstname Lastname@” > Find possible email addresses associated with this person
“Firstname lastname” filetype:doc >Any word documents that contain this person’s name
There are also sites dedicated to learning about people. Try one of these sites to see what is publicly known about you. Keep in mind these sites are not always accurate or may be country specific. You may have to search several sites to verify the information you find.
https://pipl.com
https://cubib.com
https://familytreenow.com
For an interactive list of all the different websites you can use to learn about yourself, we recommend the OSINT Framework at https://osintframework.com.
Learn what other people or organizations have collected, posted, or shared about you online (churches, schools, sports clubs, or other local community sites).
Understand that these same resources are available to anyone else, including cyber criminals who can use that information to target you. Be suspicious. For example, if you get an urgent phone call from someone claiming to be your bank, just because they know some basic information about you does not prove it is your bank. Instead, politely hang up, then call your bank back on a known, trusted number to confirm it is them. It is the same with email, just because an email has some known facts about you does not mean it is legitimate.
Consider what you share publicly and the impact that information could have on you, your family, or your employer.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – February 13, 2019

Time to Take a Look at Your Money Habits
The New Year holiday creates a feeling of starting fresh and encourages us to set new goals. While diets come to mind, setting new financial goals should be on the top of our lists. As you reflect on the past year, focus on your experiences, build on what worked and what didn’t, to shape this year’s money habits. Here are some ideas to consider as you set your financial goals for the New Year.
New Year, New Savings AccountThink about what you want to save for the coming year and commit to opening a savings account to reach that goal, whether it’s creating an emergency fund or setting money aside for your kids’ future college tuition. There are many types of savings accounts available to save for both short term and long term goals.
Small Step: Decide on the type of savings account that will meet your goal and commit to depositing a set amount 011 a regular basis to get into the habit of saving. For example, if you open a basic savings account, deposit $25 every month and sign up for direct deposit or automatic withdrawals from your checking account to ensure that amount is saved. Once you’re comfortable with saving a small amount consistently, you can increase it.
For information about the various savings accounts available, visit: https://www.investor.gov/introduction-investing/basics/save-investhttps://www.irs.gov/newsroom/529-plans-questions-and-answers
Pay Down That Old Debt in the New YearConfronting your debt and thinking about how to pay it off can be scary and overwhelming. Use the New Year to face your fears. Make a list of your debts, noting the monthly payment, current balance, and interest rate, and make a plan to start paying down the debts.Many experts recommend focusing on either debts with the highest interest rates or debts with the lowest balances to pay off. While you will likely save more money paying off debts with the highest interest rates, it may be faster to pay off the smallest balances first, and seeing this progress may help keep you motivated.
Small Step: Whichever method you choose for paying down debt, start by adding a small amount to one of your current payments. For instance, if you are focusing on paying off a credit card with a minimum monthly payment of $100, add $25 to that amount to start (for a total monthly payment of $125). Once you are comfortable with that new amount, add more when you’re able and stay focused on the goal.
For more information about paying off debts, visit: https://www.consumer.gov/debt#!what-to-know
Get OrganizedKeeping your finances organized will help you control your money and achieve your financial goals. Some basic tasks to help you get organized include making a budget, tracking your spending, and putting a system in place to ensure you pay your bills on time every month. Be sure to monitor your credit card and bank statements for any unexpected fees or unusual activity too. The sooner you find mistakes or unauthorized transactions, the easier it is to correct those issues.
Small Step: Like dealing with debt, organizing your finances can be daunting, so start small by picking one organizational task and focus on that task for one month before adding another. For example, you might start by making sure your bills are paid on time by setting up automatic bill pay from your bank account, giving yourself one month to learn about it, set it up, and get comfortable using it. Next month, focus on creating a budget, which gives you several weeks to learn about budgeting and working on it.For more information on organizing your financial life, visit: https://www.consumer.gov/section/managing-your-moneyhttps://www.consumer.ftc.gov/articles/pdf-0054-focus-on-finances.pdf
Protect Your Money All Year, Every YearWith so many financial transactions occurring electronically, it’s important to proactively protect your personal information, including your credit card and bank account numbers. Use the New Year to take charge of protecting your money. Never provide your personal information in response to an unsolicited request, whether it is over the phone or over the Internet. Always track your bank and credit card statements and your credit reports for unusual activity.Catching abnormal transactions early will allow you to take steps to prevent more harm if your information has been stolen.Small Step: One important step to protect yourself from online scams and theft is to change your passwords regularly. If you have been using the same passwords for awhile, create new, difficult-to-guess passwords and change them often to keep your money safe.
For more help or information, go to www.fdic.gov or call the FDIC toll-free at 1-877-ASK-FDIC (1-877-275-3342).
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – January 2, 2019

A Public Service Announcement Courtesy of Cedar Valley Bank & Trust
In 2018, the Consumer Sentinel Network has seen a striking increase in the median dollar amount that people 70 and over are saying they lost to fraud. Digging into the data, we found some common stories with an unusual twist: people 70 and older report mailing huge amounts of cash to people who pretended to be their grandchildren.
People 70 and over rarely report to the FTC that they paid a scammer with cash. But for one particular type of fraud, family and friend imposters, fully 25% of people 70 and over who reported to the FTC how they paid money told us they sent cash.
We call these family and friend imposter scams, but you may know them as the “grandparent scam” and with good reason. People 70 and over report that the scammer posed as a grandchild, usually a grandson, about 70% of the time.
People from all age groups reported median individual losses of about $2,000 to family and friend imposters, far higher than the median loss of $462 reported for all fraud types. But the story is much worse to for people 70 and over who sent cash – they reported median individual losses of $9,000.
Like many scams, these start with a phone call using some common ploys. In about half of the reports of cash payments, people said the caller claimed to be in jail or other legal trouble. About a third of these reports mentioned a so-called car accident. In both cases, the callers play on people’s emotions and sense of loyalty; they may be told they’re the only person trusted enough to call for help, and they’re often told not to tell anyone.
These scammers are experts at impersonating people they’ve never even met. Car accident injuries, often broken noses or uncontrolled sobbing explain away a voice that might not sound quite right. Scammers use personal details from social media sites to make their stories more believable. Or they may simply wait for their target to use a name. “Steve, is that you?”- and take the cue.
According to reports, callers often give very specific instructions about how to send cash. Many people said they were told to divide the bills into envelopes and place them between the pages of a magazine. Then, according to reports, they were told to send them using various carriers, including UPS, FedEx, and the U.S. Postal Service.
What can you do about these scams? Talk about them. Many people have gotten these calls, so help others know what to do to spot and avoid the scam:• Don’t act right away, no matter how dramatic the story is.• Call that family member or friend, and make sure you use a phone number that you know is right. Or check it out with someone else in your circle, even if the caller told you to keep it a secret.• Be careful about what you post on social media. If your personal details are public, someone can use them to defraud you and people who care about you.
If you’ve mailed cash, report it right away to the Postal Service or whichever shipping company you used. Some people have been able to stop delivery by acting quickly and giving a tracking number. Also tell the FTC at FTC.gov/complaint.

Staying Safe Online – December 5, 2018

By Dr. Johannes Ulrich
Just like driving a car, sooner or later you may have an accident no matter how secure you are. Below are clues to help figure out if you have been hacked and, if so, what to do. The sooner you identify something bad has happened, the more likely you can fix the problem.
Clues You Have Been Hacked
Your anti-virus program generates an alert that your system is infected. Make sure it is your anti-virus software generating the alert, and not a pop-up window from a website trying to fool you into calling a number or installing something else. Not sure? Open your anti-virus program.
You get a pop-up window saying your computer has been encrypted and you have to pay a ransom to get your files back.
Your browser is taking you to all sorts of websites that you did not want to go to.
Your computer or applications are constantly crashing or there are icons for unknown apps or strange windows popping up.
Your password no longer works even though you know it is correct.
Friends ask you why you are spamming them with emails that you know you never sent.
There are charges to your credit card or withdrawals from your bank account you never made.
How to Respond
If you suspect you have been hacked, the sooner you act the better. If the hack is work related, do not try to fix the problem yourself; instead, report it immediately. If it is a personal system or account that has been hacked, here are some steps you can take:
Change Your Passwords: This includes not only changing the passwords on your computers and mobile devices, but for your online accounts. Do not use the hacked computer to change your passwords; use a different system that you know is secure. If you have a lot of accounts, start with the most important ones first. Can’t keep track of all your passwords? Use a password manager.
Financial: For issues with your credit card or any financial accounts, call your bank or credit card company right away. Use a trusted phone number to call them, such as from the back of your bank card, your financial statements, or visit their website from a trusted computer. In addition, consider putting a credit freeze on your credit files.
Anti-virus: If your anti-virus software informs you of an infected file, follow the actions it recommends. Most anti-virus software will have links you can follow to learn more about the specific infection.
Reinstalling: If you are unable to fix an infected computer or you want to be surer your system is safe, reinstall the operating system. Do not reinstall from backups; instead, backups should only be used for recovering your personal files. If you feel uncomfortable rebuilding, consider using a professional service to help you. Or, if your computer or device is old, it may be easier to purchase a new one. Finally, once you have rebuilt your system or purchased a new one, make sure it is updated and enable automatic updating whenever possible.
Backups: A key step to protecting yourself is to prepare ahead of time with regular backups. Many solutions will automatically back up your files daily or hourly. Regardless of which solution you use, periodically check that you are able to restore those files. Quite often, recovering your data backups is the only way you can recover from being hacked.
Law Enforcement: If you feel in any way threatened, report the incident to local law enforcement. If you are the victim of identity theft and are based in the United States, then visit https://www.identitytheft.gov.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – November 7, 2018

Communicate with caution in the digital space
In today’s digitally driven world, it has never been easier to shop, apply for loans, transfer money or even set up doctor appointments. We transmit all sorts of financial and personal information across the internet – and this information needs to be protected as it zigzags across cyberspace. Most of us use the web browsers on our phone or computer to interact with the internet. The easiest way to make sure the website you are using is secure is to look for the padlock icon next to the address bar. This icon may differ slightly depending on your browser, but if you see a closed lock with no red flags or warning, then the site is secure.
The padlock indicates that the website is using SSL/TLS, which just means that it is encrypted. If you don’t see the padlock, that means the website is not secure, and you’re putting your data at risk by visiting it.
Email is another major communication tool many of us use every day. For the most part, we send email in clear text (i.e. , information is sent as-is, rendering it readable without a keyword of some sort), store it on a server and then send it when the recipient is next available. Some security features are available for many web mail clients, but none are guaranteed to be secure because there is nothing forcing the recipient to abide by the request to send or receive the information securely. To make a long story short, it is definitely not a good idea to send sensitive data through your Gmail (or any other) email account.
Text messaging and phone calls are usually protected by the communication network protocol and providers themselves. The prevalent cell network protocols- GSM (Global System for Mobile Communications) and COMA (Code-Division Multiple Access) -have been cracked in recent years, so you shouldn’t assume they’re secure.
The past couple of years have seen a surge in the use of third-party secure chat programs. Be wary of these apps because while many of them claim to be secure, some do not follow good practices. Do your research before using these apps for your sensitive communications.
How Can You Protect Yourself?
Check your web browser for a padlock icon next to the URL in the browser. Most modern browsers provide a padlock icon when there is a valid certificate and a website is using an encrypted protocol. Before you enter personal information – even a password to log in – look for the confirmation that encryption is in use. If you do not see the padlock on a site you’re visiting, or there are errors in the address bar where you would normally see the padlock, DO NOT enter any sensitive information into it.
DO NOT send or store sensitive information via email unless you know it is secure. If you need to send emails or files securely over the internet, you should use a secure encrypted file-sharing tool or an email service such as Sharefile or Zixmail.
Use an app, such as Signal for Android or Signal for iOS, for secure chat and phone calls.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Loading
X

Forgot Password?

Join Us