Sometimes you have to think like a crook in order to fight off a crook. For instance, what runs through the mind of a cyber thief seeking an unsuspecting victim?
- I’m looking for someone who uses the same password for several online accounts. That includes bank accounts and credit card accounts.
- How do I figure out what that password is? Hmmm, I’ll look for clues that they put out there on social media like Facebook and Twitter. Personal information like the name of their pet or one of their children. Look, they have a dog name Fido. Then let’s try Fido123 as their password. Voila! It works!
- Now, let’s see if their home Wi-Fi is password protected. If I can get into their network without a password, I can then check if their computer has anti-virus software.
- OK, I have access to their bank account. But I’m not going to clean it out right away. I’ll make a small purchase here and there to see if they’re checking their account regularly. And if they’re not, I’m going to go for the big score!
If any of this strikes close to home, then it’s time to strengthen your cyber defenses. You can do that by following these tips by cyber security experts:
- Use a different password for each online account you have, and change it frequently. Each password should include a combination of letters, numbers, and symbols.
- Don’t share passwords with others, even if it’s a friend or a family member.
- Avoid using personal information when selecting passwords or answers to security questions, especially if this information can be easily found by others online, such as on your Facebook page.
- Don’t save passwords on your computer, tablet or smart phone. Instead, put pen to paper and write them down on a note pad or in a journal. There is also password management software designed specifically to keep track of your passwords.
- Password-protect your desktop computer, laptop, tablet and mobile phone, as well as your Wi-Fi service at home.
- Monitor your bank account online at least once a week. Do the same for credit card and debit card activity, especially if you use your cards on a regular basis.
- If you discover suspicious or unauthorized charges in one or more of your accounts, contact the affected financial institutions immediately. Note that a popular tactic of cyber thieves is to “sneak” small transactions by victims to see if they’re paying attention to their account activity. If they see those transactions going undetected, they’ll swoop in to make major purchases that could have a significant financial impact.
- Install anti-virus software on your computer and keep it up to date. This is especially important if you do a lot of transactions online, such as buying items or services. And avoid making purchases on sites you’re unfamiliar with.
- Log off or turn off your computer when you’re not using it. And close your browser and sensitive apps before going offline.
- Don’t open e-mails or attachments from suspicious or unknown sources. These are typical approaches used by cyber crooks to gain access to information on your computer or take control of it. The same goes for links that are in e-mails. Unless you know for sure where those links are going to take you, don’t click on them.
- Never access your financial institution’s website for online banking or to make credit card payments from a public computer at a hotel, library, coffee house or other public wireless access point.
No matter if you’re on your smart phone, computer or tablet, always be alert and on guard against cyber criminals.
Your mobile device provides convenient access to your email, bank and social media accounts. Unfortunately, it can potentially provide the same convenient access for criminals. Here are some tips you can follow to keep your information – and your money – safe.
- Use the pass-code lock on your smartphone and other devices. This will make it more difficult for thieves to access your information if your device is lost or stolen.
- Log out completely when you finish a mobile banking session.
- Protect your phone from viruses and malicious software, or malware, just like you do for your computer by installing mobile security software.
- Use caution when downloading apps. Apps can contain malicious software, worms, and viruses. Beware of apps that ask for unnecessary “permissions.”
- Download the updates for your phone and mobile apps.
- Avoid storing sensitive information like passwords or a social security number on your mobile device.
- Tell your financial institution immediately if you change your phone number or lose your mobile device.
- Be aware of shoulder surfers. The most basic form of information theft is observation. Be aware of your surroundings especially when you’re punching in sensitive information.
- Wipe your mobile device before you donate, sell or trade it using specialized software or using the manufacturer’s recommended technique. Some software allows you to wipe your device remotely if it is lost or stolen.
- Beware of mobile phishing. Avoid opening links and attachments in emails and texts, especially from senders you don’t know. And be wary of ads (not from your security provider) claiming that your device is infected.
- Watch out for public Wi-Fi. Public connections aren’t very secure, so don’t perform banking transactions on a public network. If you need to access your account, try disabling the Wi-Fi and switching to your mobile network.
For more information and tips on cyber-security, check out Bank5 Connect’s Security Center.
Many of us are familiar with phishing attacks, which use ‘spoofed’ e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, Social Security numbers, etc., however people continue to fall victim to the attack. Phishing has become more sophisticated and are hijacking the trusted brands of well-known banks, online retailers and credit card companies, phishers are able to convince recipients to respond to them.
The email can look just like it comes from a financial institution, e-commerce site, government agency or any other service or business. It often urges you to act quickly because your account has been compromised in some way.
If you are unsure whether an email request is legitimate, don’t reply, and don’t click on links or call phone numbers provided in the message.
Try to verify the email’s legitimacy with these steps:
- Contact the company directly.
- Contact the company using information provided on an account statement or back of a credit card.
- Search for the company online – but not with information provided in the email.
Delete email and text messages that ask you to confirm or provide personal information (credit card and bank account numbers, Social Security numbers, passwords, etc.). Companies don’t ask for this information via email or text. Phishing and other online scams aren’t just limited to emails. They’re also prevalent on social networking sites. Be sure to remove suspicious online ads, status updates, tweets and other posts.
What to Do if You Think You are a Victim?
- Contact your bank immediately and close the account, if you believe your account may be compromised. Watch for any unauthorized charges to your account. Consider reporting the attack to your local police department, and file a report with the Federal Trade Commission or the FBI’s Internet Crime Complaint Center.
- Forward phishing emails to email@example.comAs a courtesy, you will be leaving Blog.Bank5Connect.com and going to another website. We have approved this site as a reliable partner, but you will no longer be under the security policy of Bank5Connect.com. Come back soon!– and to the company, bank, or organization impersonated in the email. You also may report phishing email to firstname.lastname@example.orgAs a courtesy, you will be leaving Blog.Bank5Connect.com and going to another website. We have approved this site as a reliable partner, but you will no longer be under the security policy of Bank5Connect.com. Come back soon!. The Anti-Phishing Working Group, a group of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.
Ransomware is the latest form of malware used by cyber criminals to freeze your computer or mobile device, steal your data and demand that a “ransom” — typically anywhere from a couple of hundreds to thousands of dollars — be paid. Below is a breakdown of a ransomware attack and how to identify and prevent one from happening.
Card-cracking is a national problem, with incidents reported in several states including Georgia, Ohio, Washington, and most notably, Illinois. In Chicago alone, a group of 29 are facing charges for stealing about $6.5 million through this scheme. Many of the “victims” do not understand they are facilitating a crime in which they could receive up to 30 years in prison for their participation.
In card-cracking scams, young adults (primarily students, newly-enlisted military, or single parents) are recruited to facilitate fraud against the bank. The perpetrators typically target people via social media and convince them to share their checking account information in exchange for some type of a kickback – usually in the form of a counterfeit check remotely deposited into their account of which, the person is allowed to keep a portion of the funds. However, the fraudster often removes all of the funds before the bank determines that the check is counterfeit. Fraudsters may also convince the person to provide them with their debit card, along with their PIN. The person is instructed to report the card as lost or stolen, thereby receiving protection via Reg E, while the fraudster withdraws the funds.
Avoid falling for a card-cracking scam with these simple steps:
- Do not respond to online solicitations for “easy money.”Card cracking advertisements will suggest that this is a quick, safe way to earn extra cash. Keep in mind that easy money is rarely legal money.
- Never share your account and PIN number.Keep this information private at all times. By sharing it with others, you expose yourself to potential fraud.
- Do not file false fraud claims with your bank. By filing a false claim, you are a co-conspirator to fraud. Banks’ detection techniques for card cracking are constantly improving and suspicious claims will be investigated.
- Report suspicious posts linked with scams.If you notice postings that appear to be linked with a possible scam, report them to the social media site. There is usually a drop down menu near the post to allow for easy reporting.
In addition to being charged as an accomplice to a crime, they are also at risk of having their own money stolen from their accounts and having unauthorized purchases made with their debit cards. Because they consented to provide scammers access to their bank accounts, it is difficult for them to prove that any withdrawals or purchases made were unauthorized. If it sounds too good to be true, than it often isn’t true.
*Source: http://www.aba.com/tools/function/cyber/pages/card-cracking.aspxAs a courtesy, you will be leaving Blog.Bank5Connect.com and going to another website. We have approved this site as a reliable partner, but you will no longer be under the security policy of Bank5Connect.com. Come back soon!
October is National Cyber Security Awareness Month! Learning how to identify online fraud and understanding how fraudulent activity happens, helps with prevention. Here are some past blog posts with information on identity theft and prevention.