Category: Cyber-Security

Staying Safe Online – November 6, 2019

When will scammers stop?
“Hello this is Microsoft, we got an alert that your computer is at risk of attack and needs to be updated …” Most of us would have just hung up by now. What if they said they were the IRS, or even distant relatives? What if they know your name or your family’s name?
Scammers are very resourceful and creative. They will do their best to convince you to part with your data or funds until the end of time. It’s in our best interest to stay informed about the current popular scams going around. They may come in the form of an email or phone call asking you to do something, send something, say something, etc. While most of these requests appear legitimate on the surface, it’s important to make sure. Is this how you would normally expect to receive this request? Some of these requests, such as those for technical support, would be made by you rather than someone else.
Microsoft is not calling people offering to install updates for free. The IRS will always make initial contact with you via postal mail, never demanding payment of a tax bill over the phone or via email. Recent examples include:
Scammers use dating sites to build trust and ask for money (https://www.consumer.ftc.gov/articles/what-you-need-know-about romancescams)
Scammers pose as Microsoft technical support, tricking victims into giving them access (https://www.microsoft.com/en-us/wdsi/threats/support-scams)
Scammers target the elderly (https://www.justice.gov/elderjustice/senior-scam-alert)
What can you do?
Determine another method of contact (e.g., cell phone number or alternate email address) that is publicly available.
Check your computer and mobile devices regularly for malware.
Check for suspicious charges to your credit card. Question charges that do not correspond to products or services you purchased.
Don’t trust caller ID or email addresses. These can be spoofed, so it’s important to have another way to verify someone communicating with you. Callbacks are appropriate if you have a number for contacting them that was not provided to you from the scammer.
Be aware of scams that target the elderly, and make sure to check in with older friends and family.
PRO-TIP: If you weren’t expecting to receive an email or phone call, don’t answer it! Never trust the identity of somebody contacting you when you weren’t expecting them. Always turn to another source of verification by contacting someone through their published phone number or mailing address, and remember, caller ID and email addresses can be spoofed and are NOT a method of verification.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – October 30, 2019

What is cyberbullying?
Cyberbullying is bullying that takes place over digital devices like cell phones, computers, and tablets. Cyberbullying can occur through SMS, Text, and apps, or online in social media, forums, or gaming where people can view, participate in, or share content. Cyberbullying includes sending, posting, or sharing negative, harmful, false, or mean content about someone else. It can include sharing personal or private information about someone else causing embarrassment or humiliation. Some cyberbullying crosses the line into unlawful or criminal behavior.
The most common places where cyberbullying occurs are:• Social Media, such as Facebook, Instagram, Snapchat, and Twitter• SMS (Short Message Service) also known as Text Message sent through devices• Instant Message (via devices, email provider services, apps, and social media messagingfeatures)• Email
Special Concerns – With the prevalence of social media and digital forums, comments, photos, posts, and content shared by individuals can often be viewed by strangers as well as acquaintances. The content an individual shares online -both their personal content as well as any negative, mean, or hurtful content- creates a kind of permanent public record of their views, activities, and behavior. This public record can be thought of as an online reputation, which may be accessible to schools, employers, colleges, clubs, and others who may be researching an individual now or in the future. Cyberbullying can harm the online reputations of everyone involved, not just the person being bullied, but those doing the bullying or participating in it.
Cyberbullying has unique concerns in that it can be:
Persistent- Digital devices offer an ability to immediately and continuously communicate 24 hours a day, so it can be difficult for children experiencing cyberbullying to find relief.
Permanent – Most information communicated electronically is permanent and public, if not reported and removed. A negative online reputation, including for those who bully, can impact college admissions, employment, and other areas of life.
Hard to Notice – Because teachers and parents may not overhear or see cyberbullying taking place, it is harder to recognize.
Laws and Sanctions – Although all states have laws requiring schools to respond to bullying, many states do not include cyberbullying under these laws or specify the role schools should play in responding to bullying that takes place outside of school. Schools may take action either as required by law, or with local or school policies that allow them to discipline or take other action. Some states also have provisions to address bullying if it affects school performance.
Frequency of Cyberbullying – There are two sources of federally collected data on youth bullying:• The 2017 School Crime Supplement (National Center for Education Statistics and Bureau of Justice) indicates that among students ages 12-18 who reported being bullied at school during the school year, 15% were bullied online or by text.• The 2017 Youth Risk Behavior Surveillance System (Centers for Disease Control and Prevention) indicates that an estimated 14.9% of high school students were electronically bullied in the 12 months prior to the survey.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – October 23, 2019

Telemarketing Fraud
When you send money to people you do not know personally or give personal or financial information to unknown callers, you increase your chances of becoming a victim of telemarketing fraud .
Here are some warning signs of telemarketing fraud-what a caller may tell you:“You must act ‘now’ or the offer won’t be good.”“You’ve won a ‘free’ gift, vacation, or prize.” But you have to pay for “postage and handling” or other charges.“You must send money, give a credit card or bank account number, or have a check picked up by courier.” You may hear this before you have had a chance to consider the offer carefully.“You don’t need to check out the company with anyone.” The callers say you do not need to speak to anyone including your family, lawyer, accountant, local Better Business Bureau, or consumer protection agency.“You don’t need any written information about the company or their references.”“You can’t afford to miss this ‘high-profit, no-risk’ offer.”If you hear these or similar “lines” from a telephone salesperson, just say “no thank you” and hang up the telephone.
Tips for Avoiding Telemarketing Fraud:
It is very difficult to get your money back if you have been cheated over the telephone. Before you buy anything by telephone, remember:
Don’t buy from an unfamiliar company. Legitimate businesses understand that you want more information about their company and are happy to comply.
Always ask for and wait until you receive written material about any offer or charity. If you get brochures about costly investments, ask someone whose financial advice you trust to review them. But beware-not everything written down is true.
Always check out unfamiliar companies with your local consumer protection agency, Better Business Bureau, state attorney general, the National Fraud Information Center, or other watchdog groups. However, not all bad businesses can be identified through these organizations.
Obtain a salesperson’s name, business identity, telephone number, street address, mailing address, and business license number before you transact business. Some con artists give out false names, telephone numbers, addresses, and business license numbers-verify the accuracy of these items.
Before you give money to a charity or make an investment, find out what percentage of the money is paid in commissions and what percentage actually goes to the charity or investment. Before you send money, ask yourself a simple question: “What guarantee do I really have that this solicitor will use my money in the manner we agreed upon?”
Don’t pay in advance for services; pay only after they are delivered.
Be wary of companies that want to send a messenger to your home to pick up money, claiming it is part of their service to you. In reality, they are taking your money without leaving any trace of who they are or where they can be reached.
Always take your time making a decision. Legitimate companies won’t pressure you to make a snap decision.Don’t pay for a “free prize.” If a caller tells you the payment is for taxes, he or she is violating federal law.
Before you receive your next sales pitch, decide what your limits are-the kinds of financial information you will and won’t give out on the telephone.
Be sure to talk over big investments offered by telephone salespeople with a trusted friend, family member, or financial advisor. It is never rude to wait and think about an offer.
Never respond to an offer you don’t understand thoroughly.
Never send money or give out personal information such as credit card numbers and expiration dates, bank account numbers, dates of birth, or social security numbers to unfamiliar companies or unknown persons.
Be aware that your personal information is often brokered to telemarketers through third parties.
If you have been victimized once, be wary of persons who call offering to help you recover your losses for a fee paid in advance.
If you have information about a fraud, report it to state, local, or federal law enforcement agencies.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – October 16, 2019

Internet fraud
Internet fraud is the use of Internet services or software with Internet access to defraud victims or to otherwise take advantage of them. Internet crime schemes steal millions of dollars each year from victims and continue to plague the Internet through various methods. Several high-profile methods include the following:
Business E-Mail Compromise (SEC): A sophisticated scam targeting businesses working with foreign suppliers and companies that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.
Data Breach: A leak or spill of data which is released from a secure location to an untrusted environment. Data breaches can occur at the personal and corporate levels and involve sensitive, protected, or confidential information that is copied, transmitted, viewed, stolen, or used by an individual unauthorized to do so.
Denial of Service: An interruption of an authorized user’s access to any system or network, typically one caused with malicious intent.
E-Mail Account Compromise (EAC): Similar to BEC, this scam targets the general public and professionals associated with, but not limited to, financial and lending institutions, real estate companies, and law firms. Perpetrators of EAC use compromised e-mails to request payments to fraudulent locations.
Malware/Scareware: Malicious software that is intended to damage or disable computers and computer systems. Sometimes scare tactics are used by the perpetrators to solicit funds from victims.
Phishing/Spoofing: Both terms deal with forged or faked electronic documents. Spoofing generally refers to the dissemination of e-mail which is forged to appear as though it was sent by someone other than the actual source. Phishing is often used in conjunction with a spoofed e-mail. It is the act of sending an e-mail falsely claiming to be an established legitimate business in an attempt to deceive the unsuspecting recipient into divulging personal, sensitive information such as passwords, credit card numbers, and bank account information after directing the user to visit a specified website. The website, however, is not genuine and was set up only as an attempt to steal the user’s information.
Ransomware: A form of malware targeting both human and technical weaknesses in organizations and individual networks in an effort to deny the availability of critical data and/or systems. Ransomware is frequently delivered through spear phishing emails to end users, resulting in the rapid encryption of sensitive files on a corporate network.
When the victim organization determines they are no longer able to access their data, the cyber perpetrator demands the payment of a ransom, typically in virtual currency such as Bitcoin, at which time the actor will purportedly provide an avenue to the victim to regain access to their data.
For information on the most common complaints and scams, see the annual reports of the Internet Crime Complaint Center (IC3), a partnership of the FBI and the National White Collar Crime Center.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – October 9, 2019

How to protect your computer
The same advice parents might deliver to young drivers on their first solo journey applies to everyone who wants to navigate safely online. A special agent in our Cyber Division offered the following:
“Don’t drive in bad neighborhoods.”
“If you don’t lock your car, it’s vulnerable; if you don’t secure your computer, it’s vulnerable.”
“Reduce your vulnerability, and you reduce the threat.”
Below are some key steps to protecting your computer from intrusion:
Keep Your Firewall Turned On: A firewall helps protect your computer from hackers who might try to gain access to crash it, delete information, or even steal passwords or other sensitive information. Software firewalls are widely recommended for single computers. The software is prepackaged on some operating systems or can be purchased for individual computers. For multiple networked computers, hardware routers typically provide firewall protection.
Install or Update Your Antivirus Software: Antivirus software is designed to prevent malicious software programs from embedding on your computer. If it detects malicious code, like a virus or a worm, it works to disarm or remove it. Viruses can infect computers without users’ knowledge. Most types of antivirus software can be set up to update automatically.
Install or Update Your Antispyware Technology: Spyware is just what it sounds like, software that is surreptitiously installed on your computer to let others peer into your activities on the computer. Some spyware collects information about you without your consent or produces unwanted pop-up ads on your web browser. Some operating systems offer free spyware protection, and inexpensive software is readily available for download on the Internet or at your local computer store. Be wary of ads on the Internet offering downloadable antispyware; in some cases these products may be fake and may actually contain spyware or other malicious code. It’s like buying groceries, shop where you trust.
Keep Your Operating System Up to Date: Computer operating systems are periodically updated to stay in tune with technology requirements and to fix security holes. Be sure to install the updates to ensure your computer has the latest protection.
Be Careful What You Download: Carelessly downloading e-mail attachments can circumvent even the most vigilant anti-virus software. Never open an e-mail attachment from someone you don’t know, and be wary of forwarded attachments from people you do know. They may have unwittingly advanced malicious code.
Turn Off Your Computer: With the growth of high-speed Internet connections, many opt to leave their computers on and ready for action. The downside is that being “always on” renders computers more susceptible. Beyond firewall protection, which is designed to fend off unwanted attacks, turning the computer off effectively severs an attacker’s connection-be it spyware or a botnet that employs your computer’s resources to reach out to other unwitting users.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Loading
X

Forgot Password?

Join Us