Many cyber criminals, also referred to as fraudsters, don't want to steal your identity in the traditional sense. They don't want to get a credit card or a mortgage or a checking account in your name and live their life off of your good credit history. They simply want to take your money and move on to the next victim. While most companies that do business on the Internet, including Financial Institutions, are very diligent in providing online protection for their customers, the first line of defense is knowledge about what you, the end-user, can do to protect yourself.
First Sound Bank offers several security and fraud prevention services:
First Sound Bank recommends that you change your Sound Internet Banking password frequently; it is a good practice to change all your passwords at least every six months. To make your list of passwords more manageable, consider using a general-purpose password for websites that do not contain personal or financial information, and creating a unique, secure password for each website that does, such as online banking. Make your password as long and complex as possible; make it easy to remember, but hard to guess. It's best to create passwords that combine letters, numbers and symbols.
- Email Alerts
- Trusted IP Addresses
- Time Restrict
- User Held Status
- Email Address Notifications
Consumer Security and Fraud Prevention Tips
The upward trend of more and more customers using online channels for banking and financial services has expanded the opportunities for criminals and cyber-crime. Cyber criminals using malware (malicious code), keystroke loggers and/or Trojan viruses have the ability to capture customer information such as login credentials and challenge questions/answers. Criminals take advantage of end-users signing on to unsecured networks, not having up to date virus protection and security patches, visiting compromised web sites and/or opening attachments with embedded malware or Trojan software. Recent research conducted by the computer security experts at Symantec and Trend Micro found the following:
- Companies with less than 250 employees were the focus of 31% of all cyber attacks last year versus 18% in 2011.
- 1 in every 291 emails contains a virus.
- Approximately 56% of online scams originate through social media and involve some kind of fake survey and or the promise of a free gift card.
- 1 in every 414 emails is a phishing attempt.
- Malware focused on stealing online banking credentials reached 200k in 3rd quarter of 2013, the highest level in 11 years.
- The top 3 countries reporting new malware infections were US (23%), Brazil (16%), and Japan (12%).
The two most prevalent types of fraud, "Phishing" and "Key logging", occur from viruses on your computer. Phishing involves email messages that appear to be valid and originate from a financial institution, government agency or other reputable entity. They usually state an urgent reason why you must "verify" or "re-submit" personal or confidential information by clicking on a link embedded in the message - the link appears to be the website of the legitimate company but really belongs to the "phisher". Key logging is a method by which fraudsters record your actual keystrokes and mouse clicks. Key loggers are "Trojan" software programs that target your computer's operating system (Windows, Mac OS, etc.) and are "installed" via a virus. In both cases, the end result is the fraudster capturing your login credentials. There is no security system available that will stop fraud if the perpetrator has this information, so it is imperative to take the necessary steps to prevent him/her from getting the information in the first place. The best protection from these attacks is to never click on a link in, or even open, an email from a sender you don't recognize. If you question the legitimacy of any email, open a new Internet session and manually key in the business' web address (don't cut and paste links) or contact the sender to verify its authenticity. Never respond to "phishing" email messages. Do not provide your social security number, birth date or mother's maiden name in an email or within a Web site. When an email asks for this kind of information, this is a sure sign that the sender is up to no good. Legitimate financial companies never email their customers with such requests. Visit www.antiphishing.org for more information on internet scams and fraud.
- Every computer should use these three basic protections: a Firewall, Anti-Virus Software, and Anti-Spyware Software. Once installed, make sure they are properly configured and use the maximum security settings. Equally important is keeping the software up-to-date. New threats are discovered every day, and keeping your software updated is one of the easier ways to protect yourself from an attack. In most cases, you can set the software to retrieve the updates automatically. Additionally, run full virus and malware scans on at least a weekly basis.
- Also keep your web browsers and operating systems up-to-date. Most software developers release updates of their software on a regular basis that provide fixes to known problems, improve performance, and provide new functionality. Both should be updated regularly and can usually be scheduled to run automatically.
- Implement a Patch Management program. Ensure that critical security patches are applied to all systems within 7-10 days of release. The program should also address patches for 3rd party applications such as Adobe Acrobat Reader and Flash, Backup Exec, and Symantec Anti-virus.
- If you download anything from the internet, such as music or movies, make sure you do so only from trusted sites - downloads can be infected with spyware attached to the file.Learn what to do if something goes wrong. Unfortunately, there is no particular way to identify that your computer has been infected with malicious code. Some infections may completely destroy files and shut down your computer, while others may only subtly affect your computer's normal operations. If your computer is experiencing problems (unusually slow, unwanted pop up ads, being redirected to websites you didn't request, or is running programs you didn't open or authorize), your computer may be infected. If your computer gets hacked or infected by a virus:
- immediately unplug the phone or internet cable line from your computer
- scan your entire computer with fully updated anti-virus and anti-spyware software, and update your firewall
- check your online accounts for fraudulent activity and change your passwords
- take steps to minimize the chances of another incident - visit www.OnGuardOnline.gov and www.staysafeonline.org to learn more about ways to secure your computer
- If criminals know your password, they can use it to steal from you or pose as you in online transactions. If you are like most other users and have the same ID and PIN/Password for many different online accounts, you've essentially granted the fraudster access to any company with whom you conduct business. Use more than one password - not every website warrants the same level of protection as your online banking website. To make your list of passwords more manageable, consider using a general-purpose password for websites that do not contain personal or financial information, and creating a unique, secure password for each website that does, such as online banking. When creating passwords and PINs (personal identification numbers), do not use the last four digits of your Social Security number, mother's maiden name, your birth date, middle name, pet's name, consecutive numbers or anything else that could easily be discovered by thieves. It's best to create passwords that combine letters, numbers and symbols. Make your password as long and complex as possible; make it easy to remember, but hard to guess. Change your passwords often. It is a good practice to change your passwords at least every six months. An easy way to remember: change them when you change your clocks to adjust for Daylight Savings Time. Additionally, do not store your ID and Password information where others could gain access to it; and don't use an automatic log-in.
A Few More Things To Keep In Mind
"What if I Already Clicked On A Questionable Email Link?"
- Look for signs of security when shopping online: a padlock symbol in the status bar; an "s" after "http" in the URL; the words Secure Socket Layer ("SSL").
- Turn off the PC when you're done shopping or accessing the internet; leaving your computer on opens the door for criminals who, once they've infected your PC, can use it to commit cyber crime.
- Use trustworthy computers. Shared public computers like those in internet cafes and public libraries could be connected to keystroke loggers or infected with password-stealing viruses. Don't use them to access online banking or other websites containing your confidential information.
- If accessing information via a wireless network, ensure that the network is secure. Accessing sensitive information (or any website) over a non-secure network simply leaves the door open for criminals. Even if you aren't visiting a site where you enter an ID and password, you are still leaving your computer exposed to possible threats.
- Don't send your personal information via email because email is not a secure transmission method. If you must email confidential information, encrypt and password-protect the files first.
- Before disposing of your computer, remove data by using a strong "wipe" utility program. Do not rely on the "delete" function to remove files containing sensitive information.
While nothing is foolproof, and new viruses and scams are being developed every day, following these guidelines as well as having a general awareness of the threats that are out there enables you to use the internet with more peace of mind and less risk of being a victim of fraud.
- Immediately run a virus, spyware and malware scan on the PC
- If applicable, contact your IT Department or Consultant
- Check your online accounts for fraudulent activity and change your passwords
For more information on these security features or if you suspect fraudulent activity has occurred through your Sound Internet Banking profile, please contact us at 206-515-2004 or firstname.lastname@example.org.
USA Patriot Act
Internet Fraud Prevention
925 Fourth Avenue Suite 2350, Seattle, WA 98104
© 2014 First Sound Bank. All rights reserved.