Category: Cyber-Security

Staying Safe Online – July 4, 2018

Stop that malware
You probably have heard of terms such as virus, Trojan, ransomware, or rootkit when people talk about cyber security. These are different types of malicious programs, called malware, that cyber criminals use to infect computers and devices. Once installed, they can do whatever they want. Learn what malware is, what danger it poses, and most importantly, what you can do to protect yourself from it.
Simply put, malware is software, a computer program, used to perform malicious actions. This term is a combination of the words malicious and software. Cyber criminals install malware on your computers or devices to gain control over them. Once installed, malware can enable criminals to spy on your online activities, steal your passwords or files, or use your system to attack others. Malware can even take control of your own files, demanding that you pay a ransom to get them back. Many people believe that malware is a problem only for Windows computers. Unfortunately, malware can infect any device, from Mac computers and smartphones to DVRs and security cameras. The more computers and devices cyber criminals infect, the more money they can make. Therefore, everyone is a target, including you.
How to Protect Yourself – You may think that all you have to do is install a security program like anti-virus software and you are safe from getting infected. Unfortunately, anti-virus cannot stop all malware. Cyber criminals are constantly developing new and more sophisticated malware that can evade detection. In turn, anti-virus vendors are constantly updating their products with new capabilities to detect malware. In many ways it has become an arms race, and the bad guys are usually one step ahead. Since you cannot rely on anti-virus alone, there are additional steps you should take to protect yourself.
Cyber criminals often infect computers or devices by exploiting vulnerabilities in your software. The more current your software is, the fewer vulnerabilities your systems have and the harder it is for cyber criminals to infect them. Make sure your operating systems, applications, browser and browser plugins, and devices are always updated and current. The easiest way to ensure this is to enable automatic updating whenever possible.
A common way cyber criminals infect computers or mobile devices is by creating fake computer programs or mobile apps, posting them on the Internet, and then tricking you into downloading and installing one. Only download and install programs or apps from trusted online stores. Also, stay away from mobile apps that are brand new, have few positive reviews, are rarely updated, or have been downloaded by a small number of people.
No longer using a computer program or mobile app? Delete it.
A Cyber criminals often trick people into installing malware for them. For instance, they might send you an email that looks legitimate and contains an attachment or a link. Perhaps the email appears to come from your bank or a friend. However, if you were to open the attached file or click on the link, you would activate malicious code that installs malware on your system. If a message creates a strong sense of urgency or seems too good to be true, it could be an attack. Be suspicious, common sense is often your best defense.
Regularly back up your system and files to Cloud-based services, or store your backups offline, such as on disconnected external drives. This protects your backups in case malware attempts to encrypt or erase them.
Backups are critical. They are often the only way you can recover from a malware infection.
Ultimately, the best way to defend against malware is to keep all your software and devices up-to-date, install trusted antivirus software when possible, and be alert for anyone attempting to trick you into infecting your own system. When all else fails, regular backups are often the only way you can recover.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – June 6, 2018

A Public Service Announcement courtesy of Cedar Valley Bank & Trust
Indicators of Elder Financial Exploitation
Older Americans hold a high concentration of wealth as compared to the general population. In the instances where elderly individuals experience declining cognitive or physical abilities, they may find themselves more reliant on specific individuals for their physical well-being, financial management, and social interaction. While anyone can be a victim of a financial crime such as identity theft, embezzlement, and fraudulent schemes, certain elderly individuals may be particularly vulnerable.
The following red flags could indicate the existence of elder financial exploitation. This list of red flags identifies only possible signs of illicit activity:
Erratic or unusual banking transactions or changes in banking patterns: Frequent large cash withdrawals, including daily maximum currency withdrawals from an ATM
Sudden non-sufficient fund activity
Uncharacteristic nonpayment for services, which may indicate a loss of funds or access to funds;
Debit transactions that are inconsistent for the elder;
Uncharacteristic attempts to wire large sums of money;
Closing of CDs or accounts without regard to penalties.
Interactions with customers or caregivers:
A caregiver or other individual shows excessive interest in the elder’s finances or assets, does not allow the elder to speak for himself, or is reluctant to leave the elder’s side during conversations;
The elder shows an unusual degree of fear or submissiveness toward a caregiver, or expresses fear of eviction or nursing home placement if money is not given to a caretaker;
The financial institution is unable to speak directly with the elder, despite repeated attempts to contact him or her;
A new caretaker, relative, or friend suddenly begins conducting financial transactions on behalf of the elder without proper documentation.
The elder moves away from existing relationships and toward new associations with other “friends” or strangers;
The elderly individual’s financial management changes suddenly, such as through a change of power of attorney to a different family member or a new individual;
The elderly customer lacks knowledge about his or her financial status, or shows a sudden reluctance to discuss financial matters.
The Facts of Elder Abuse
Elder abuse, the mistreatment or harming of an older person is an injustice that we all need to prevent and address. Here are some facts that everyone should know.

About 1 in 10 Americans age 60+ have experienced abuse.
Elder abouse is underreported
The New York State Elder Abuse Prevalence Study found that for every elder abuse case known to programs and agencies, 23.5 were unknown. ln the same study, they examined different types of abuse and found for each case of financial exploitation that reached authorities,44 cases went unreported, The national elder abuse incidence study estimated that only 1 in 14 cases of elder abuse ever comes to the attention of authorities.
Without accessible, quality health and public services, our population becomes more at risk for abuse as we age.
The impact of elder abuse is felt by people of all ages.
The costs of elder abuse are high for the affected individuals and society alike. Elder abuse reduces older people’s participation in the life of our communities. ltalso creates health care and legalcosts,which are often shouldered by public programs like Medicare and Medicaid, and reduces older people’s participation in the life of the community.
Elder abuse costs victims billions of dollar each year.
The annual financial loss by victims of elder financial exploitation was estimated to be $2,9 billion in 2009, a 12% increase from 2008.
Elder abuse is associated with increased rates of hospitalization in the community population.
Older adults who experienced abuse or neglect were twice as likely to be hospitalized than other older people.
~National Center om Elder Abuse

Staying Safe Online – April 4, 2018

Staying safe from tax scams
Though Benjamin Franklin is often quoted as saying “in this world, nothing can be said to be certain, except death and taxes,” an updated version for the current day would need to include tax scams. As people nationwide seek to file their tax returns, cybercriminals attempt to take advantage of this with a variety of scams. Hundreds of thousands of U.S. citizens are targeted by tax scams each year, often only learning of the crime after having their legitimate returns rejected by the Internal Revenue Service (IRS) because scammers have already fraudulently filed taxes in their name. The IRS reported a 400% rise in phishing scams from the 2015 to the 2016 tax season. In the state, local, tribal, and territorial government sector during 2017, approximately 30% of all reported data breach incidents were related to the theft of W-2 information, which was likely used for tax fraud.
How is Tax Fraud Perpetrated?
Unfortunately, much of your personal information can be gathered from multiple locations online with almost no verification that the right person is receiving the information. Criminals know this, so they use this trick to get your personal information from a variety of websites and use the information to file a fake tax refund request! If a criminal files a tax return in your name before you do, they will file it with false information to get a large refund, forcing you to go through the arduous process of proving that you did not file the return and subsequently correcting the return. Once they have your personal information, criminals can continue to commit identity theft well beyond the tax season.
Another favorite technique used by criminals during the tax season is sending phishing messages indicating that a new copy of your tax form(s) is available. These emails often impersonate state, local, tribal, and territorial government comptroller and/or IT departments. They might include a link to a phishing website that uses your organization’s logo and the email might even have the right signature line. If you fill out or attempt to login into the phishing website, the criminals will be able to see your login name and password, which they can then use to try and compromise your other accounts. The more information they gather from you, the easier it is for them to use the information to file a fake tax return in your name.
Tax fraudsters also impersonate the IRS and other tax officials to threaten taxpayers with penalties if they do not make an immediate payment. This contact may occur through websites, emails, or threatening calls and text messages that look official but are not. Sometimes, criminals request their victims pay the “penalties” via strange methods like gift cards or prepaid credit cards. It is important to remember:
The IRS will not initiate contact about payment with taxpayers by phone, email, text messages, or social media without sending an official letter in the mail first.
The IRS will not call to demand immediate payment over the phone using a specific payment method such as a debit/credit card, a prepaid card, a gift card, or a wire transfer.
The IRS will not threaten to immediately notify local police or other law-enforcement agencies to have you arrested for not paying .
The IRS will not demand that you pay taxes without giving you the opportunity to question or appeal the amount you owe.
What Can You Do?
Here are some basic tips to help you minimize the chances of becoming a victim of a tax scam:
If you haven’t already, file your taxes as soon as you can … before the scammers do it!
Be aware of phone calls, emails, and websites that try to get your information, or pressure you to make a payment. If something seems suspicious, contact the organization through a known method, like their publicly posted customer service line.
Ignore emails and texts asking for personal or tax information. Be cautious as to whom you provide your information, including your Social Security Number and date of birth.
Don’t click on unknown links or links from unsolicited messages. Type the verified, real organizational website into your web browser.
Don’t open attachments from unsolicited messages, as they may contain malware.
Only conduct financial business over trusted websites. Don’t use public, guest, free, or insecure Wi-Fi networks.
Remember, the “HTTPS” does not mean a site is legitimate.
Shred all unneeded or old documents containing confidential and financial information.
Check your credit report regularly for unauthorized activity. Consider putting a security freeze on your credit file with the major credit bureaus if you suspect you have been targeted for identity theft.
If you receive a tax-related phishing or suspicious email at work, report it according to your cybersecurity policy. The IRS encourages taxpayers to send suspicious emails related to tax fraud to its phish ing@irs.gov email account or to call the IRS at 800-908-4490. More information about tax scams is available on the IRS website and in the IRS Dirty Dozen list of tax scams.
If you suspect you have become a victim of tax fraud or identity theft, the Federal Trade Commission (FTC) Identity Theft website will provide a step-by-step recovery plan. It also allows you to report if someone has filed a tax return fraudulently in your name, if your information was exposed in a major data breach, and many other types of fraud.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – March 7, 2018

Don’t Share That!
Are you telling the bad guys useful information and might not even realize it or understand the implications?
Isn’t social media great? It allows you to interact with long lost friends and family not to mention your business network. “What’s the big deal? I posted my maiden name so my old friends can find me! Oh, and I’ve also helped my mom set hers up the same way. I even marked her as my mom, I also marked my aunt, cousins, kids, etc. as relatives.” Perhaps you took one of those fun surveys that ask you for personal information to share. Now everyone knows your favorite: store to shop, vacation destination, workplace, restaurant, teacher’s name, street you grew up on, first telephone number, color, as well as your dog’s name. Not to mention, you can easily boast about your excitement before boarding a flight to your awesome vacation and tag yourself when you get there!
Consider the treasure trove of information you’ve given the bad guys. You’ve given away a common security question’s answer; your mother’s maiden name. Additionally, you’ve also given someone trying to gain access to your personal data a good bit of telltale answers to likely security questions. Does everyone really need to know your favorite teacher’s name was Mr. Franklin, or your childhood street was Farmington Ave.? No. Regarding that big trip; most of your friends will ‘like’ your vacation status and photos just as much after you arrive home. Do you really want to tack up a big sign on the Internet that basically says: “I’m going to be 1,300 miles from home for the next 5 days …” for thieves to see? No.
It’s best to avoid sharing too much personal information with everyone, even if it appears as a harmless survey. Read closely, there’s usually something personally identifiable innocuously hidden amongst questions about your favorite food or color. Avoiding that “harmless repost” just might save your bank account from being compromised. Resist that temptation to tell everyone you’re just about to head to the Bahamas. That excitement isn’t worth coming home from vacation to find your personal property stolen, damaged, and ransacked.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – February 7, 2018

Several years ago, creating a cybersecure home was simple; most homes consisted of nothing more than a wireless network and several computers. Today, technology has become far more complex and is integrated into every part of our lives, from mobile devices and gaming consoles to your home thermostat and your refrigerator. Here are four simple steps for creating a cybersecure home.
Your Wireless Network
Almost every home network starts with a wireless (or Wi-Fi) network. This is what enables all your devices to connect to the Internet. Most home wireless networks are controlled by your Internet router or a separate, dedicated wireless access point. They both work the same way: by broadcasting wireless signals. The devices in your house can then connect via these signals. This means securing your wireless network is a key part of protecting your home. We recommend the following steps to secure it:
Change the default administrator password to your Internet router or wireless access point. (Whichever one is controlling your wireless network.) The admin account is what allows you to configure the settings for your wireless network.
Ensure that only people you trust can connect to your wireless network. Do this by enabling strong security. Currently, the best option is to use the security mechanism called WPA2. By enabling this, a password is required for people to connect to your home network, and once connected, their online activities are encrypted.
Ensure the password used to connect to your wireless network is strong and that it is different from the ad min password. Remember, you only need to enter the password once for each of your devices, as they store and remember the password.
Many wireless networks support what is called a Guest Network. This allows visitors to connect to the Internet, but protects your home network, as they cannot connect to any of the other devices on your home network. If you add a guest network, be sure to enable WPA2 and a unique password for the network.
Not sure how to do these steps? Ask your Internet Service Provider or check their website, check the documentation that came with your Internet router or wireless access point, or refer to their respective website.
Your Devices
The next step is knowing what devices are connected to your wireless home network and making sure all of those devices are secure. This used to be simple when you had just a computer or two. However, almost anything can connect to your home network today, including your smartphones, TVs, gaming consoles, baby monitors, speakers, or perhaps even your car. Once you have identified all the devices on your home network, ensure that each one of them is secure. The best way to do this is ensure you have automatic updating enabled on them wherever possible. Cyber attackers are constantly finding new weaknesses in different devices and operating systems. By enabling automatic updates, your computer and devices are always running the most current software, which makes them much harder for anyone to hack into.
Passwords
The next step is to use a strong, unique password for each of your devices and online accounts. The key words here are strong and unique. Tired of complex passwords that are hard to remember and difficult to type? So are we. Use a passphrase instead. This is a type of password that uses a series of words that is easy to remember, such as “Where is my coffee?” or “sunshine-doughnuts-happy-lost”. The longer your passphrase is, the stronger. A unique password means using a different password for each device and online account. This way, if one password is compromised, all your other accounts and devices are still safe. Can’t remember all those strong, unique passwords? Don’t worry, neither can we. That is why we recommend you use a password manager, which is a special security program that securely stores all your passwords for you in an encrypted, virtual safe.
Finally, enable two-step verification whenever available, especially for your online accounts. Two-step verification is much stronger. It uses your password, but also adds a second step, such as a code sent to your smartphone or an app on your smartphone that generates the code for you. Two-step verification is probably the most important step you can take to protect yourself online, and it’s much easier than you think.
Backups
Sometimes, no matter how careful you are, you may be hacked. If that is the case, often the only way you can recover your personal information is to restore from backup. Make sure you are doing regular backups of any important information and verify that you can restore from them. Most mobile devices support automatic backups to the Cloud. For most computers, you may have to purchase some type of backup software or service, which are relatively low-priced and simple to use.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Loading
X

Forgot Password?

Join Us

Password Reset
Please enter your e-mail address. You will receive a new password via e-mail.