Category: Cyber-Security

Staying Safe Online – November 22, 2017

 Shopping Online Securely
The holiday season is nearing, and soon millions of people around the world will be looking to buy the perfect gifts. Many of us will choose to shop online in search of great deals and to avoid long lines and impatient crowds. Unfortunately, this is also the time of year many cyber criminals create fake shopping websites to scam and steal from others. 
Fake Online Stores
While many online stores are legitimate, there are some fake websites set up by cyber criminals. Criminals create these fake websites by replicating the look of real sites or using the names of well-known stores or brands. They then use these fraudulent websites to prey on people who are looking for the best deal possible. When you search online for the absolute lowest prices, you may find yourself directed to one of these fake websites. When selecting a website to make a purchase, be wary of websites advertising prices dramatically cheaper than anywhere else or offering products that are sold out nationwide. The reason their products are so cheap or available is because what you will receive is not legitimate, may be counterfeit or stolen, or may never even be delivered. Protect yourself by doing the following:
When possible, purchase from websites that you already know, trust, and have done business with previously.
Verify the website has a legitimate mailing address and a phone number for sales or support-related questions. If the site looks suspicious, call and speak to a human. If you can’t get a hold of someone to talk to, that is the first big sign you are dealing with a fake website.
Look for obvious warning signs, like deals that are obviously too good to be true or poor grammar and spelling.
Be very suspicious if a website appears to be an exact replica of a well-known website you have used in the past, but its domain name or the name of the store is slightly different. For example, you may be used to shopping online at Amazon, whose website is https://www.amazon.com. But be very suspicious if you find yourself at websites pretending to be Amazon, such as http://store-amazoncom.com.
Type the store’s name or URL into a search engine and see what other people have said about the website in the past. Look for terms like “fraud.” “scam,” “never again,” or “fake .” A lack of reviews can also be a sign indicating that the website is very new and might not be trustworthy.
Before purchasing any items, make sure your connection to the website is encrypted. Most browsers show a connection is encrypted by having a lock and/or the letters HTTPS in green right before the website’s name.
Remember, just because the site looks professional does not mean it’s legitimate. If you aren’t comfortable with the website, don’t use it. Instead, find a well-known website you can trust or have safely used in the past. You may not find that absolutely amazing deal, but you are much more likely to end up with a legitimate product and avoid having your personal and financial data stolen.
Your Computer/Mobile Device
In addition to shopping at legitimate websites, you want to ensure your computer or mobile device is secure. Cyber criminals will try to infect your devices so they can harvest your bank accounts, credit card information, and passwords. Take the following steps to keep your devices secured:
If you have children in your house, consider having two devices, one for your kids and one for the adults. Kids are curious and interactive with technology; as a result, they are more likely to infect their own device. 
Always install the latest updates and run up-to-date anti-virus software. This makes it much harder for a cyber criminal to infect your device.
Your Credit Card
Regularly review your credit card statements to identify suspicious charges, especially after you used your cards to make many online purchases or used a new site. Some credit card providers give you the option of notifying you by email or text messages when charges exceed a set amount. Another option is to have one credit card just for online purchases. That way, if it is compromised, you can easily change the card without impacting any of your other payment activities. This is also why you want to use credit cards for all online purchases and avoid using debit cards whenever possible. Debit cards take money directly from your bank account, so if fraud has been committed, it can be far more difficult to get your money back. Finally, consider using credit cards that generate a unique card number for every online purchase, gift cards, or well-known payment services, such as PayPal, which do not require you to disclose your credit card number to the vendor.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – November 1, 2017

Staying Secure on Social Media
The number of scams and malware taking advantage of social media users and platforms is on the rise. Social media scams are easy to create and can target thousands of people at once due to how users interact with pages, posts, and contacts. Once your account is compromised, malicious actors can leverage it as a conduit to spread scams and malware to your network of friends or contacts. Facebook, Twitter, Linked In, and lnstagram are a few very common examples of social media sites where you or your account could be at risk. 
How to Identify and Prevent Attacks
Shortened URLs are a common tactic used by scammers to conceal where malicious links lead, since many social media sites have a character limit. A simple scam involves an email with links that are allegedly to posts you have been tagged in. The links will use a URL shortening services to hide the true link destination – a malicious site that can infect your device. To avoid this, do not click on shortened links in emails and social media messages you receive. Instead, copy and paste the shortened URL into a URL extender to see where you are really going and then choose to click or not. Additionally, never enter your login credentials in a website that you linked to from a social media post, message, or email. Malicious websites that look like the real thing are often used to steal login credentials to compromise accounts.
Fake coupons are another tactic scammers use commonly on social media platforms. The scammers create a fake coupon requiring you to click a link to download it and put the coupon on a malicious website that can infect your device with malware. Treat these with the same skepticism as other suspicious emails and messages.
Click baiting is another way a scammer can get your information or install malware on your computer. Click baiting is when there is a “teaser” to get you to click on the link. For instance, it might suggest a really interesting story (“you won’t believe what happened next”), challenge you (“I bet you can’t. .. ),” or promise a “giveaway” or “sweepstake.” With the sweepstakes and giveaways, the scammer creates a fake website giving away a product. They then post the link on social media, directing users to the website to take part in the giveaway. Once there, you may be prompted to enter information, thus exposing your personal data. The website may alternatively attempt to download malware onto your device.
One way to identify and avoid this type of scam is to look for spelling errors. Another way is to check and see if the website is affiliated with the company purportedly offering the giveaway. Additionally, ask yourself, is the prize too good to be true? Scammers frequently make the prize seemingly larger-than-life in order to attract as many people as possible.
Lastly, when using social media, avoid accepting friend requests from people you do not know. If accepted the scammers can use this to gain access to your personal information with the goal of stealing your identity. If you receive a direct message from someone that you do not trust, delete it. Finally, consider following the guidelines below on what information you should NOT share on social media:
Your date of birth- this is a piece of personally identifiable information that criminals can use in committing identity theft;
Your address and phone number- these are privileged pieces of information that you do not need to share on your profile in order to enjoy social media;
Answers to common “security questions” – if you proudly post pictures of your first new car, your high school sports memorabilia, etc., you are posting the answers to the security questions that are commonly used to validate who you are when accessing sensitive accounts or resetting passwords;
Location-based check in – these “check-ins” let everyone see that you are not at home and can make you a target!
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – October 4, 2017

Scam of the Week: Equifax Phishing Attacks
 You already know that a whopping 143 million Equifax records were compromised. The difference with this one is that a big-three credit bureau like Equifax tracks so much personal and sometimes confidential information like social security numbers, full names, addresses, birth dates, and even drivers licenses and credit card numbers for some.
It can be the difference between being able to buy a house or sometimes even get a job or not. This breach and the way they handled it, including the announcement, was what Brian Krebs rightfully called a dumpster fire.
The problem is that with this much personal information in the hands of the bad guys, highly targeted spear phishing attacks can be expected, and a variety of other related crime like full-on identity theft on a much larger scale.
These records are first going to be sold on the dark web to organized crime for premium prices, for immediate exploitation, sometimes by local gangs on the street. Shame on Equifax for this epic fail. They will be sued for billions of dollars for this web-app vulnerability.
So this Scam of the Week covers what is inevitable in the near future, we have not seen actual Equifax phishing attacks at this point yet, but you can expect them in the coming days and weeks because the bad guys are going to take their most efficient way to leverage this data … email.
I suggest you send the following to your employees, friends, and family. You’re welcome to copy, paste, and/or edit:“Cyber criminals have stolen 143 million credit records in the recent hacking scandal at big-three credit bureau Equifax. At this point you have to assume that the bad guys have highly personal information that they can use to trick you. You need to watch out for the following things:
Phishing emails that claim to be from Equifax where you can check if your data was compromised
Phishing emails that claim there is a problem with a credit card, your credit record, or other personal financial information
Calls from scammers that claim they are from your bank or credit union
Fraudulent charges on any credit card because your identity was stolen
Here are five things you can do to prevent identity theft:
First sign up for credit monitoring (there are many companies providing that service including Equifax but we cannot recommend that)
Next freeze your credit files at the three major credit bureaus Equifax, Experian and TransUnion. Remember that generally it is not possible to sign up for credit monitoring services after a freeze is in place.
Advice for how to file a freeze is available here on a state-by-state basis: http://consumersunion.org/research/security-freeze/Check your credit reports via the free annualcreditreport. com
Check your bank and credit card statements for any unauthorized activity
If you believe you may have been the victim of identity theft, here is a site where you can learn more about how to protect yourself www.idtheftcenter.org. You can also call the center’s tollfree number (888-400-5530) for advice on how to resolve identify-theft issues. All of the center’s services are free.
And as always, Think Before You Click!
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – September 6, 2017

Backup & Recovery of Computer Files
Backups are copies of your information stored somewhere other than on your computer or mobile device. When you lose valuable data, you can recover that data from your backups. Unfortunately, too many people fail to perform regular backups, even though they are simple and inexpensive. The first step is deciding what you want to back up. There are two approaches: (1) backing up specific data that is important to you; or (2) backing up everything, including your entire operating system. Many backup solutions are configured by default to use the first approach. They back up data from the most commonly used folders. In many cases, this is all you need. However, if you are not sure what to back up or want to be extra careful, back up everything.
Second, you must decide how frequently to back up. Built-in backup programs, such as Apple’s Time Machine or Microsoft Windows Backup and Restore, allow you to create an automatic, “set it and forget it” backup schedule. Common options include hourly, daily, weekly, etc. Other solutions offer “continuous protection,” in which new or altered files backup immediately each time you save a document. At a minimum, we recommend automated daily backups. 
Finally, you need to decide how you are going to back up. There are two ways to back up your data: physical media or Cloud-based storage. Each approach has advantages and disadvantages. Physical media is devices you control, such as external USB drives or Wi-Fi accessible network devices. The advantage of using your own physical media is it enables you to back up and recover large amounts of data very quickly. The disadvantage of such an approach is if you become infected with malware, such as ransomware, it is possible for the infection to spread to your backups. Also, if you have a disaster, such as fire or theft, it can result in you losing not only your computer, but the backups as well. As such, if you use external devices for backups, you should store a copy of your backup off-site in a secure location. Make sure backups you store off-site are properly labeled.
Cloud-based solutions are online services that store your files on the Internet. Typically, you install an application on your computer. The application then automatically backs up your files, either on a schedule or as you modify them. An advantage of Cloud solutions is their simplicity; backups are often automatic and you can usually access your files from anywhere. Also, since your data resides in the Cloud, home disasters, such as fire or theft, will not affect your backup.
Cloud backups can help you recover from malware infections, such as ransomware, as many Cloud solutions allow you to recover from pre-infected versions. The disadvantages are it can take a long time to back up or recover very large amounts of data. Also, privacy and security is important. Does the backup service provide strong security controls, such as encrypting your data and two-step verification?
Finally, don’t forget your mobile devices. With mobile devices, most of your data, such as email, calendar events, and contacts, is already stored in the Cloud. However, your mobile app configurations, recent photos, and system preferences may not be stored in the Cloud. By backing up your mobile device, not only do you preserve this information, but it is easier to transfer your data when you upgrade to a new device. An iPhone/iPad can back up automatically to Apple’s iCioud. Android, or other mobile devices depend on the manufacturer or servicer provider. In some cases, you may have to purchase a mobile app designed specifically for backups.
Backing up your data is only half the battle; you must be sure that you can recover it. Check periodically that your backups are working by retrieving a file and making sure it is the same as the original. Also, be sure to make a full system backup before a major upgrade (such as moving to a new computer or mobile device) or a major repair (like replacing a hard drive) and verify that it is restorable.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – August 2, 2017

Gaming Online Safely and Securely
Online gaming is a great way to have fun; however, it also comes with its own set of unique risks. What makes online gaming so fun is that you can play and communicate with others from anywhere in the world. While the vast majority of people online are out to have fun just like you, there are those who want to cause harm. Here are some steps you should take to stay secure:
Be cautious of any messages that ask you to take an action, such as clicking on a link or downloading a file. Just like email phishing attacks, bad guys will attempt to fool or trick you in online games into taking actions that can infect your computer or steal your identity.
If a message seems odd, urgent, or too good to be true, be suspicious that it may be an attack.
Many online games have their own financial markets where you can trade, barter, or even buy virtual goods. Just like in the real world, there are fraudsters who will attempt to trick you and steal your money or any virtual currency you have accumulated. Deal only with people that have established, trusted reputations.
Use a strong passphrase for any gaming accounts. If your game offers two-step verification, use it. In addition, make all of your online accounts have a different password. That way, if one game is compromised, your other accounts are safe. Can’t remember all your passwords? Consider a password manager.
Bad guys may attempt to hack into or take over the computer you are gaming on. You need to take steps to protect it:
Secure your computer by always running the latest version of the operating system and the gaming software. Old and outdated software have known vulnerabilities that attackers can exploit and use to hack into your computer.
Use anti-virus software. Ensure that it is updated and checking any files you run in real time.
Download gaming software from only trusted websites. Quite often, cyber attackers will create a fake or infected version of a game, then distribute it from their own server. Gaming add-on packs are frequently used to add new features. Attackers sometimes infect these gaming packs with malware.
In addition, if any add-on requires you to disable your anti-virus or make changes to your security settings, do not use it. Underground markets have sprung up to support cheating activity. Many cheating programs are themselves malware that will infect your computer. 
Never install or use any type of cheating software or websites. Always be just as careful playing games on your mobile devices as you would your computer. Cyber attackers are beginning to target mobile devices.
For Parents or Guardians
Children require extra protection and education when gaming online. Know what games they are playing and make sure the games are age appropriate for your child. Limit the amount of information your kids share online.; they should never share their password, age, phone number, or home address. One trick to get kids talking is to ask them to show you how their games work; have them walk you through their online world and show you what a typical game looks like.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Loading

Community Calendar

  • LPC Residential Garbage Pick Up

    Friday, December 15 2017

  • Seniors in Motion, LPC Community Center

    Friday, December 15 2017 @ 8:30 AM - 9:30 AM
    LPC Community Center

2018 Honor Flight Calendar

2018 Honor Flight Calendar

Member Login

Forgot Password?
Join Us

Shopping Cart

Your cart is empty
Visit The Shop
error:
X

Forgot Password?

Join Us

Password Reset
Please enter your e-mail address. You will receive a new password via e-mail.