Category: Cyber-Security

Staying Safe Online – March 4, 2020

Social media privacy
Most people would never consider walking into a crowded room and loudly broadcasting to total strangers all the details of their private life – from their health issues to their family and friends’ names, ages, jobs, or school locations. But often these same individuals won’t think twice about posting that same information on social media. The ramifications of sharing too much can have an impact not only on your personal and professional life but also the lives of your family and friends.
Social media is a great place to reconnect, share, and learn. However, just ensuring that your social media privacy settings are strong isn’t the only way to protect yourself. Once you post anything online, you have lost control of it. You need to understand what is being collected and how it is being used. Here are some privacy concerns you should have when using social media:
Privacy Settings: Carefully create and frequently review privacy settings for all of your social media accounts, especially when changes in terms of service and privacy policies take place. Remember that even if you have secured your settings for who can view your postings, all of your information is being collected, mined, and stored on the social media platform servers – perhaps forever.
Privacy Tree: Social media settings can’t protect you from friends, relatives, and co-workers who view your postings and then have the ability to share those postings with their circle of friends and so on.
Family Sharing: Everyone loves to talk about their friends and family. But posting silly birthday cake pictures or health and behavior problems can lead to bullying, especially for those who are younger, and could impact their personal lives.
Information Sharing: If a service is “free,” then you are the product. Investigations have found that what you are doing online may be sold to others.
Location Services: Check-in data can be added to other personal data to create a profile of your life and habits, which can lead to stalking and open you to other harassing events. In addition, be aware of any location information included in any pictures or videos you post.
Artificial Intelligence: AI, social media, and marketing are the perfect combination. Marketers now use information gathered from your habits online to feed you ads focused on your last search or purchase, and thereby continue to learn even more about you.
Digital Death: When a person dies, their online presence becomes more vulnerable to malicious individuals if their accounts aren’t being maintained or eliminated by their survivors. The privacy of an individual is not just about that person alone; it also can impact extended family and friends.
Unintentional Disclosure: The information you post about yourself may reveal much of your personal history, and thus the answers to your online secret security questions.
Privacy is far more than just setting the privacy options in your social media accounts. The more information you share, and the more others share about you, the more information that is collected and used by corporations, governments, and others. One of the best ways to protect yourself is to consider and limit what you share and what others share about you, regardless of the privacy options you use.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – February 5, 2020

Digital Inheritance
Have you ever thought about the uncomfortable question, “What happens to our digital presence when we die or become incapacitated?” Many of us have or know we should have a will and checklists of what loved ones need to know in the event of our passing. But what about all of our digital data and online accounts? Should we consider some type of digital will? Should we create a “digital inheritance” plan?
Think about your digital presence. Bank and retirement accounts, home mortgages, family photos and videos, smart home accounts, email, and social media are just some of the many examples that make up our digital footprint. In the event of your death or the death of a close family member, family and loved ones may need prompt access to those accounts or data. In addition, legacy data and online accounts left behind could become vulnerable over time to hackers, thus placing family and friends at risk.
Creating a Plan. It is a good idea to discuss your desires with your trusted family or friends, like other end-of-life details. In addition to having these conversations, take inventory and document your digital assets and online accounts. If you do not provide access to your accounts after you die, it can be very difficult for family members to access or close them. For example, would you want your family members to be locked out of all those years of family photos and videos you have stored online?
One idea is to document your online presences in a password manager. This is a program that securely stores all your logins and passwords, credit cards, and other sensitive information. It’s designed to make creating, storing, and accessing passwords and security questions vastly simpler. In many ways, this is a powerful tool to catalog your digital presence. With many password managers you can even configure them to share all or certain passwords with other trusted family members. If you are uncomfortable with that, document access to your password manager and seal that in an envelope; then have that sealed envelope opened after your passing by an executor or trusted family member. This way, they will have access to your password manager and be able to access your accounts and information stored in there.
In addition, some sites provide the option to identify legacy or trusted contacts. Facebook, for example, allows participants to determine in advance if they would like their account deleted or memorialized after passing. Memorializing creates a space that’s only visible to existing friends, where memories can be shared. Finally, you may want to consider dealing with a lawyer or estate planner who specializes in digital inheritance.
Inheriting Digital Assets. You may find yourself in the situation where you have to recover or access the online accounts of a recently deceased friend or family member. We recommend you first coordinate with a lawyer and other family members before taking action. Other family members could quickly become upset if they see you taking action without consulting them first. Then start with identifying any passwords you can find. Did the family member write them down or store them anywhere? If that is not an option, can you access any computers or mobile devices they used and are still logged into? If not, you most likely will have to reach out to each site for access to the deceased member’s account. This often includes having to provide both a death certificate and proof you are directly related to the family member. In some cases, you will not be able to access the account or data stored in the account but only delete it. Every site handles these situations differently, which can be a time-consuming process.
In today’s digital world, we should not only consider physical assets but also digital assets in our future estate planning.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – January 1, 2020

Messaging/smishing attacks
One of the most common ways cyber attackers attempt to trick or fool people is by scamming you in email attacks (often called phishing) or try to trick you with phone calls. However, as technology continues to advance bad guys are always trying new methods, to include tricking you with messaging technologies such as text messaging, iMessage/Facetime, WhatsApp, Slack or Skype. Here are some simple steps to protect yourself and spot/stop these common attacks.
What are messaging attacks? Messaging attacks (sometimes called Smishing, a play on the word Phishing) are when cyber attackers use SMS, texting or messaging technologies to reach out to you and try to trick you into taking an action you should not take. Perhaps they want to fool you into clicking on a malicious link, or get you to call a phone number so they can get your banking information.
Just like in traditional phishing email attacks, bad guys often play on your emotions to act. However, what makes messaging attacks so dangerous is that they often feel far more informal or personal than email, making it more likely you may fall victim.
In addition, with messaging attacks there is less information and fewer clues for you to pick up on that something is wrong or suspicious. When you receive a message that seems odd or suspicious, start by asking yourself does this message make sense, why am I receiving it? Here are some of the most common clues of an attack:
A tremendous sense of urgency, when someone is attempting to rush you into taking an action.
Is this message asking for personal information, passwords or other sensitive information they should not have access to?
Does the message sound too good to be true? No, you did not win the lottery, especially one you never entered.
A message that appears to come from a co-worker or friend’s account or phone number, but the wording does not sound like them. Their account may have been compromised and taken over by an attacker, or the attacker is pretending to be them, tricking you into taking action.
If you get a message that makes you have a strong reaction, wait a moment and give yourself a chance to calm yourself and think it through before you respond. For example, if you get a text message from your bank saying there is a problem with your bank account or credit card, contact your bank or credit card company directly by phone. Bear in mind that most government agencies, such as tax or law enforcement agencies, won’t contact you via text message.
When it comes to messaging attacks, you are your own best defense.

Staying Safe Online – December 4, 2019

‘Tis the season for ‘open enrollment’ scams
Winter is coming, which means open enrollment season is here. With 2020 just around the corner, now’s the time to add or change your health coverage through Medicare or the Affordable Care Act (ACA). You have until December 7 (Medicare) or December 15 (ACA) to make any changes. As you compare your options, watch out for scams. Here are some tips to protect your wallet and your personal information this open enrollment season.
Eligible for Medicare?
• Anyone who tries to sell you Medicare insurance while claiming to be an “official Medicare agent” is a scammer. There are no Medicare sales representatives.
• Ignore anyone who says you must join a prescription drug plan to keep your Medicare coverage. The Medicare prescription drug plan (also known as Part D) is voluntary and has nothing to do with the rest of your Medicare coverage.
• Never give information over the phone to someone who says they need it so you can keep your coverage. Hang up on anyone who asks for a quick payment, threatens you, or offers you free equipment or services in exchange for your information.
• If you need help with Medicare, call 1-800-MEDICARE or go to www.Medicare.gov/
Looking for coverage under the Affordable Care Act?
• Get information, compare plans, and enroll at www.healthcare.gov. Check out the new Quality Ratings www.healthcare.gov/quality-ratings/ to see how plans compare to others in your state, based on member experience, medical care, and health plan administration.
• Starting this year, you can also sign up for a plan directly through several certified partners www.healthcare.gov/direct-enrollment/. Make sure the company is on the approved list before giving them your information.
Need help? Call the Marketplace Call Center at 1-800-318-2596 to ask a question, start or finish an application, compare plans, or enroll. If you spot a scam, report it to the FTC at ftc.gov/complaint. If the scam is Medicare related, report it at 1-800-MEDICARE. The more we hear from you, the more we can help fight scams.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Staying Safe Online – November 6, 2019

When will scammers stop?
“Hello this is Microsoft, we got an alert that your computer is at risk of attack and needs to be updated …” Most of us would have just hung up by now. What if they said they were the IRS, or even distant relatives? What if they know your name or your family’s name?
Scammers are very resourceful and creative. They will do their best to convince you to part with your data or funds until the end of time. It’s in our best interest to stay informed about the current popular scams going around. They may come in the form of an email or phone call asking you to do something, send something, say something, etc. While most of these requests appear legitimate on the surface, it’s important to make sure. Is this how you would normally expect to receive this request? Some of these requests, such as those for technical support, would be made by you rather than someone else.
Microsoft is not calling people offering to install updates for free. The IRS will always make initial contact with you via postal mail, never demanding payment of a tax bill over the phone or via email. Recent examples include:
Scammers use dating sites to build trust and ask for money (https://www.consumer.ftc.gov/articles/what-you-need-know-about romancescams)
Scammers pose as Microsoft technical support, tricking victims into giving them access (https://www.microsoft.com/en-us/wdsi/threats/support-scams)
Scammers target the elderly (https://www.justice.gov/elderjustice/senior-scam-alert)
What can you do?
Determine another method of contact (e.g., cell phone number or alternate email address) that is publicly available.
Check your computer and mobile devices regularly for malware.
Check for suspicious charges to your credit card. Question charges that do not correspond to products or services you purchased.
Don’t trust caller ID or email addresses. These can be spoofed, so it’s important to have another way to verify someone communicating with you. Callbacks are appropriate if you have a number for contacting them that was not provided to you from the scammer.
Be aware of scams that target the elderly, and make sure to check in with older friends and family.
PRO-TIP: If you weren’t expecting to receive an email or phone call, don’t answer it! Never trust the identity of somebody contacting you when you weren’t expecting them. Always turn to another source of verification by contacting someone through their published phone number or mailing address, and remember, caller ID and email addresses can be spoofed and are NOT a method of verification.
A Public Service Announcement Courtesy of Cedar Valley Bank & Trust

Loading
X

Forgot Password?

Join Us