Category: Cyber-Security

Staying Safe Online – October 4, 2017

Scam of the Week: Equifax Phishing Attacks
 You already know that a whopping 143 million Equifax records were compromised. The difference with this one is that a big-three credit bureau like Equifax tracks so much personal and sometimes confidential information like social security numbers, full names, addresses, birth dates, and even drivers licenses and credit card numbers for some.
It can be the difference between being able to buy a house or sometimes even get a job or not. This breach and the way they handled it, including the announcement, was what Brian Krebs rightfully called a dumpster fire.
The problem is that with this much personal information in the hands of the bad guys, highly targeted spear phishing attacks can be expected, and a variety of other related crime like full-on identity theft on a much larger scale.
These records are first going to be sold on the dark web to organized crime for premium prices, for immediate exploitation, sometimes by local gangs on the street. Shame on Equifax for this epic fail. They will be sued for billions of dollars for this web-app vulnerability.
So this Scam of the Week covers what is inevitable in the near future, we have not seen actual Equifax phishing attacks at this point yet, but you can expect them in the coming days and weeks because the bad guys are going to take their most efficient way to leverage this data … email.
I suggest you send the following to your employees, friends, and family. You’re welcome to copy, paste, and/or edit:“Cyber criminals have stolen 143 million credit records in the recent hacking scandal at big-three credit bureau Equifax. At this point you have to assume that the bad guys have highly personal information that they can use to trick you. You need to watch out for the following things:
Phishing emails that claim to be from Equifax where you can check if your data was compromised
Phishing emails that claim there is a problem with a credit card, your credit record, or other personal financial information
Calls from scammers that claim they are from your bank or credit union
Fraudulent charges on any credit card because your identity was stolen
Here are five things you can do to prevent identity theft:
First sign up for credit monitoring (there are many companies providing that service including Equifax but we cannot recommend that)
Next freeze your credit files at the three major credit bureaus Equifax, Experian and TransUnion. Remember that generally it is not possible to sign up for credit monitoring services after a freeze is in place.
Advice for how to file a freeze is available here on a state-by-state basis: http://consumersunion.org/research/security-freeze/Check your credit reports via the free annualcreditreport. com
Check your bank and credit card statements for any unauthorized activity
If you believe you may have been the victim of identity theft, here is a site where you can learn more about how to protect yourself www.idtheftcenter.org. You can also call the center’s tollfree number (888-400-5530) for advice on how to resolve identify-theft issues. All of the center’s services are free.
And as always, Think Before You Click!
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – September 6, 2017

Backup & Recovery of Computer Files
Backups are copies of your information stored somewhere other than on your computer or mobile device. When you lose valuable data, you can recover that data from your backups. Unfortunately, too many people fail to perform regular backups, even though they are simple and inexpensive. The first step is deciding what you want to back up. There are two approaches: (1) backing up specific data that is important to you; or (2) backing up everything, including your entire operating system. Many backup solutions are configured by default to use the first approach. They back up data from the most commonly used folders. In many cases, this is all you need. However, if you are not sure what to back up or want to be extra careful, back up everything.
Second, you must decide how frequently to back up. Built-in backup programs, such as Apple’s Time Machine or Microsoft Windows Backup and Restore, allow you to create an automatic, “set it and forget it” backup schedule. Common options include hourly, daily, weekly, etc. Other solutions offer “continuous protection,” in which new or altered files backup immediately each time you save a document. At a minimum, we recommend automated daily backups. 
Finally, you need to decide how you are going to back up. There are two ways to back up your data: physical media or Cloud-based storage. Each approach has advantages and disadvantages. Physical media is devices you control, such as external USB drives or Wi-Fi accessible network devices. The advantage of using your own physical media is it enables you to back up and recover large amounts of data very quickly. The disadvantage of such an approach is if you become infected with malware, such as ransomware, it is possible for the infection to spread to your backups. Also, if you have a disaster, such as fire or theft, it can result in you losing not only your computer, but the backups as well. As such, if you use external devices for backups, you should store a copy of your backup off-site in a secure location. Make sure backups you store off-site are properly labeled.
Cloud-based solutions are online services that store your files on the Internet. Typically, you install an application on your computer. The application then automatically backs up your files, either on a schedule or as you modify them. An advantage of Cloud solutions is their simplicity; backups are often automatic and you can usually access your files from anywhere. Also, since your data resides in the Cloud, home disasters, such as fire or theft, will not affect your backup.
Cloud backups can help you recover from malware infections, such as ransomware, as many Cloud solutions allow you to recover from pre-infected versions. The disadvantages are it can take a long time to back up or recover very large amounts of data. Also, privacy and security is important. Does the backup service provide strong security controls, such as encrypting your data and two-step verification?
Finally, don’t forget your mobile devices. With mobile devices, most of your data, such as email, calendar events, and contacts, is already stored in the Cloud. However, your mobile app configurations, recent photos, and system preferences may not be stored in the Cloud. By backing up your mobile device, not only do you preserve this information, but it is easier to transfer your data when you upgrade to a new device. An iPhone/iPad can back up automatically to Apple’s iCioud. Android, or other mobile devices depend on the manufacturer or servicer provider. In some cases, you may have to purchase a mobile app designed specifically for backups.
Backing up your data is only half the battle; you must be sure that you can recover it. Check periodically that your backups are working by retrieving a file and making sure it is the same as the original. Also, be sure to make a full system backup before a major upgrade (such as moving to a new computer or mobile device) or a major repair (like replacing a hard drive) and verify that it is restorable.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – August 2, 2017

Gaming Online Safely and Securely
Online gaming is a great way to have fun; however, it also comes with its own set of unique risks. What makes online gaming so fun is that you can play and communicate with others from anywhere in the world. While the vast majority of people online are out to have fun just like you, there are those who want to cause harm. Here are some steps you should take to stay secure:
Be cautious of any messages that ask you to take an action, such as clicking on a link or downloading a file. Just like email phishing attacks, bad guys will attempt to fool or trick you in online games into taking actions that can infect your computer or steal your identity.
If a message seems odd, urgent, or too good to be true, be suspicious that it may be an attack.
Many online games have their own financial markets where you can trade, barter, or even buy virtual goods. Just like in the real world, there are fraudsters who will attempt to trick you and steal your money or any virtual currency you have accumulated. Deal only with people that have established, trusted reputations.
Use a strong passphrase for any gaming accounts. If your game offers two-step verification, use it. In addition, make all of your online accounts have a different password. That way, if one game is compromised, your other accounts are safe. Can’t remember all your passwords? Consider a password manager.
Bad guys may attempt to hack into or take over the computer you are gaming on. You need to take steps to protect it:
Secure your computer by always running the latest version of the operating system and the gaming software. Old and outdated software have known vulnerabilities that attackers can exploit and use to hack into your computer.
Use anti-virus software. Ensure that it is updated and checking any files you run in real time.
Download gaming software from only trusted websites. Quite often, cyber attackers will create a fake or infected version of a game, then distribute it from their own server. Gaming add-on packs are frequently used to add new features. Attackers sometimes infect these gaming packs with malware.
In addition, if any add-on requires you to disable your anti-virus or make changes to your security settings, do not use it. Underground markets have sprung up to support cheating activity. Many cheating programs are themselves malware that will infect your computer. 
Never install or use any type of cheating software or websites. Always be just as careful playing games on your mobile devices as you would your computer. Cyber attackers are beginning to target mobile devices.
For Parents or Guardians
Children require extra protection and education when gaming online. Know what games they are playing and make sure the games are age appropriate for your child. Limit the amount of information your kids share online.; they should never share their password, age, phone number, or home address. One trick to get kids talking is to ask them to show you how their games work; have them walk you through their online world and show you what a typical game looks like.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – June 14, 2017

World Elder Abuse Awareness Day, June 15: Protect Yourself From Scans
There are many scams out there than can ensnare even savvy consumers. Many are designed specifically to target seniors. Scammers are professional liars and can be very convincing. They may contact you through the mail, email, social media, on-line dating sites, on the phone, or even in public. This guide will help you learn to recognize common warning signs of scams and simple steps that you can take to protect yourself.
Is It A Scam?
1. Is the sales person using high pressure sales tactics? Scams often say things like, “Act Now!”; “Time is running out!”; “This is a onetime offer!”
2. Are you being asked to pay upfront fees? Lottery and sweepstakes scams often employ this tactic. If you really won something the fees can be taken out of your winnings.
3. Are you being told that you won a contest that you didn’t enter? Lottery and sweepstakes scams almost always start this way. You can’t win a contest that you didn’t enter.
4. Have you been scammed in the past? Often scam victims have their personal contact information sold to other con artists. You may get unsolicited calls from people promising to get your money back or provide other remedies or offers. These ‘offers’ can be scams too. Beware!
5. Did you receive unsolicited mail, emails, or phone calls for services that you were not seeking? Research the companies that you want to employ. Many scams begin with someone knocking on your door offering services, or sending out promotional materials. This often happens in the case of home repair scams.
6. Are you being contacted by the police over the phone? Verify that they are who they say they are. Some scams begin with a person pretending to be a police officer who tells you that they are concerned that you have been a victim of a crime. They then proceed to solicit your personal information. In truth, the police will contact you in person if they have questions for you or believe that you have been a victim of a crime.
How To Protect Yourself
1. Sign up for the Do Not Call Registry at www.donotcall.gov.
2. When no longer needed, shred junk mail, old bills, bank statements and any other documents that have personal identifying information.
3. Don’t give out personal information over the phone unless you originated the call and you know with whom you are talking. Particularly safeguard your social security number.
4. It is ok to be rude. If a sales person calls you or comes to your door who does not seem to be taking no for an answer, it is ok to terminate the conversation. Hang up the phone or close the door. You don’t have to let yourself be pressured into anything.
5. Never sign something that you don’t understand. Have a trusted and unbiased professional assist you when enter contracts or signing legal documents.
6. If you hire someone for personal assistance services, in home care services, etc. ensure that they have been properly screened with criminal background checks completed.
7. Learn about scams and stay informed.
– Sign up for AARP’s Fraud Watch: http://action.aarp.org/site/SPageNavigator/FWN Registration Page.html
– Check out AARP’s interactive national fraud map: http://action.aarp.org/site/PageNavigator/FraudMap.html
– Consumer Financial Protection Bureau offers information and tools for older Americans:
www.consumerfinance.gov/older-americans
– The Financial Fraud Enforcement Task Force offers resources and reports to help protect yourself against common types of frauds and scams: www.stopfraud.gov/protect.html
– Stay alert to common frauds and scams by checking consumer protection sites such as www.Fraud.org
– External Web Site Policy and FBI Common Fraud Schemes: www.fbi.gov/scams-and-safety/common-fraud-schemes
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – June 7, 2017

Lessons From WannaCry
Recently, you most likely watched widespread news coverage of a new cyber attack called WannaCry. It infected over 200,000 computers worldwide and locked numerous organizations out of their data, including hospitals in the United Kingdom. There are several reasons this attack gained so much attention. First, it spread rapidly from computer to computer by attacking a known weakness in Windows computers. Second, the attack was a type of malware called Ransomware, which meant that once it infected your computer it encrypted all your files, locking you out of your data. The only way you could recover your data was from backups or by paying the attacker a $300 ransom to decrypt all of your data. The third and most important reason this attack gained so much attention was because it never should have happened. The weakness was well known by Microsoft, which had released a fix months earlier. But many organizations failed to install the fix, or were still using operating systems that are no longer supported by Microsoft. Here are three simple steps you can take to make sure attacks like WannaCry never infect your computers:
Patching- First and foremost, make sure your computers, mobile devices, apps, and anything else connected to the Internet are up-to-date. Cyber criminals are constantly looking for new vulnerabilities in the software your devices use. They use special programs to exploit and hack into the devices you are using. Meanwhile, the companies that created the software are hard at work fixing these vulnerabilities by releasing updates. By dutifully installing these updates on your computers and mobile devices, you make it much harder for someone to hack you. That’s what was so frustrating about the spread of WannaCry: the updates to fix and stop the attack had been released almost two months earlier by Microsoft. Had organizations kept their computers up-to-date, the attack would never have worked. To ensure that your devices stay current, enable automatic updating whenever possible to almost any technology connected to a network. This includes Internet-connected TVs, home routers, and gaming consoles (and someday perhaps even your car).
Backups- In some cases, cyber attacks like Ransomware may even infect up-to-date systems. A second way to protect yourself is to back up your data. Backups are copies of your information stored somewhere other than on your computer or mobile device. When you lose valuable data, you can recover that data from your backups. Unfortunately, too many people fail to perform regular backups. There are two ways to back up your data: physical media or cloud-based storage. Each approach has advantages and disadvantages. Physical media is devices you control, such as external USB drives or network-connected drives located in your home or office. These enable you to backup and recover large amounts of data very fast. The disadvantage is that if you become infected with malware, such as Ransomware, it is possible for the infection to spread to your backups. If you are using physical media for backups, you should store copies of your backups off site in a secure location. Cloud-based solutions are online services that back up and store your files on the Internet. Typically, you install an application on your computer. The advantage of cloud-based solutions is their simplicity and infection cannot access cloud-based backups. The disadvantage is that it can take a long time to back up or recover very large amounts of data.
Phishing- Cyber criminals often use another attack method called phishing. Phishing is when cyber criminals send you an email that tries to trick you into opening an infected attachment or visiting a malicious website. If you do either, your computer may become infected. While WannaCry did not involve phishing, this attack method is commonly used for many other types of attacks, including most types of Ransomware. In addition, the cyber criminals who developed WannaCry will undoubtedly update their attack methods in the coming months and use new techniques, such as phishing, to infect even more computers. The key to protecting yourself against such email-based attacks is common sense. If an email or message seems odd, suspicious, or too good to be true, it is most likely an attack.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Loading

Community Calendar

  • LPC Residential Garbage Pick Up

    Friday, October 20 2017

  • Seniors in Motion, LPC Community Center

    Friday, October 20 2017 @ 8:30 AM - 9:30 AM
    LPC Community Center

  • UHS FR/V Football at Cascade

    Friday, October 20 2017 @ 5:00 PM - 6:00 PM
    Cascade

Brandy’s Birthday Wish

2018 Honor Flight Calendar

2018 Honor Flight Calendar

Member Login

Forgot Password?
Join Us

Shopping Cart

Your cart is empty
Visit The Shop
error:
X

Forgot Password?

Join Us

Password Reset
Please enter your e-mail address. You will receive a new password via e-mail.