Despite consumers’ varying perceptions of cybersecurity risk, anyone can be the target of hackers looking to steal money, information or an identity. But there is good news: Even the least computer-savvy people can take steps to protect themselves.
Your financial institution should empower consumers with information through cybersecurity awareness campaigns, an important step in the fight against cybercrime. Providing education and promoting good cyber hygiene will mitigate cybersecurity risk for consumers and your institution while increasing the potential for new business through knowledge sharing.
As your institution plans cybersecurity awareness initiatives, consider including the following cybersecurity best practices to enhance protections for your customers or members.
Many websites offer free alerting to let users know when something happens on an account. Encourage your customers or members to take advantage of these alerts to monitor for potential fraud. Many financial institutions and credit card companies also offer alerts on purchases of a certain size or purchases made without the card present. Encourage customers and members to utilize this feature to quickly know if a card number has fallen into the wrong hands and minimize the damage.
Unfortunately, a username and password does not always provide adequate protection against hacking. It is not uncommon for these credentials to make their way to the dark web and into the hands of cybercriminals. To increase protections, many websites that hold important information offer the option for MFA. Instead of logging in with only a username and password, a user must provide a third piece of information to access their account.
Typically, the third piece of information comes in the form of a code sent via text or phone call to a specified number. There are also authenticator applications that serve the same purpose. While MFA may not be needed for every account, it is highly recommended for email accounts, online banking, healthcare accounts and anything that holds sensitive information.
April is National Financial Capability Month, and the FDIC offers several resources to help educate and protect consumers. The FDIC’s Money Smart financial education program can help people of all ages enhance their financial skills and create positive banking relationships.
This suite of 14 self-paced online games is the newest addition to the FDIC’s Money Smart product family and now available in English and Spanish for anyone to access. It covers topics such as: your income and expenses, borrowing basics, building your financial future, and protecting your identity and other assets.
The following are just a few of the tools available from How Money Smart Are You?:
“As the Russian Government explores options for potential cyberattacks against the United States, the Department of Homeland Security continues to work closely with our partners across every level of government, in the private sector, and with local communities to protect our country’s networks and critical infrastructure from malicious cyber activity. Organizations of every size and across every sector should continue enhancing their cybersecurity defenses. Organizations can visit CISA.gov/Shields-Up for best practices on how to protect their networks, and they should report anomalous cyber activity and/or cyber incidents to report@cisa.gov or (888) 282-0870, or to an FBI field office. DHS will continue to share timely and actionable information and intelligence to ensure our partners and the public have the tools they need to keep our communities safe and secure, and increase nationwide cybersecurity preparedness.”
You’ve heard it before, but we’ll say it again. It’s important to have strong passwords and change them regularly to help keep your accounts safe. Here are the basics: Don’t use personal information. This includes names of people in your family, your address, or birthdays, since this information can be publicly available to hackers. Don’t use real words. Password cracking tools can process every word in the dictionary until a match is found. Instead use uppercase and lowercase letters combined with special characters such as “&” or “#” Create longer passwords. The longer it is, the better. Try for at least 10 characters. Don’t use the same password for multiple websites. If one website has a data breach and you’ve used that password elsewhere, it’s easier for hackers to steal more information. Change your passwords. Get in the habit of changing them twice a year.
– Michael N. Cripps
President & C.E.O.
WASHINGTON—Today, five federal agencies joined forces to remind the public about the ongoing dangers of romance scams. The Commodity Futures Trading Commission, the Consumer Financial Protection Bureau (CFPB), the Department of Homeland Security’s U.S. Immigration and Customs Enforcement (ICE), the U.S. Postal Inspection Service, and the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) have launched Dating or Defrauding?, a national awareness effort to alert the public to romance scams that target victims largely through dating apps or social media. The campaign is supported by USAGov/Outreach, a division of the U.S. General Services Administration’s Technology Transformation Services.
Romance scams are not new, but with the proliferation of online dating apps, social media, and even messaging apps, new types of scams are emerging that target new audiences and have drained victims of millions of dollars. According to the Federal Trade Commission (FTC), 2020 was a record year for romance scams. Consumer reports to the FTC indicate that the number of romance scam complaints continued to increase through 2021. A year-over-year comparison through the third quarter showed a 48 percent increase in reported romance frauds.
The joint federal agencies’ initiative shows the public how to recognize the scams before they give any money or assets and provides steps to take if they are victimized. Over the coming weeks, the interagency Dating or Defrauding? awareness campaign will reach the public via social media, local and national media outreach, and public-private partnerships to encourage them to be vigilant when making online love connections.
This effort is spearheaded through the following federal agency offices: CFTC’s Office of Customer Education and Outreach, CFPB’s Office for Older Americans, DHS/ICE’s Homeland Security Investigations, the U.S. Postal Inspection Service, and Treasury’s FinCEN.
…it is a SCAM!
DO NOT GIVE SCAMMERS MONEY OR PERSONAL INFORMATION – IGNORE THEM!
Protect yourself and others from Social Security-related scams
|
Michael Cripps,
President and CEO
Over 300,000 Android users have downloaded banking malware apps
Cybersecurity researchers report that password-stealing banking trojans were disguised as QR code readers, fitness monitors, cryptocurrency apps and more.
Here is the article : Over 300,000 Android users have downloaded these banking trojan malware apps, say security researchers | ZDNet
This article lists the apps that are on google play that should not be downloaded or installed : ‘Banking’ Trojan Malware Hits Over 300,000 Android Users | List of Apps to Avoid on Google Play App Store | Tech Times
I just wanted to share some information to help better protect you and your family as the holidays approach.
Researchers at Tessian (an email security company) caution that people should be wary of scams as Black Friday approaches. The researchers found that 30% of people in the US reported receiving a phishing message around Black Friday in 2020.
“Nearly a third of U.S. consumers (30%) said they received a phishing email around Black Friday last year, either by email or SMS to their personal email or cell,” the researchers write. “The thing is that consumers expect to receive more marketing and advertising emails from retailers during this time, touting their deals, along with updates about their orders and notifications about deliveries.
Inboxes are noisier-than-usual and this makes it easier for cybercriminals to ‘hide’ their malicious messages. What’s more, attackers can leverage the ‘too-good-to-be-true’ deals people are expecting to receive, using them as lures to successfully deceive their victims. When the email looks like it has come from a legitimate brand and email address, people are more likely to click on malicious links that lead to fake websites or download harmful attachments.”
Tessian also notes that employees at retailers should be vigilant for phishing attacks as they approach the busiest time of the year.
“And it’s not just consumers that need to be wary,” Tessian says. “Employees in the retail industry will be busier and more distracted than ever during this time, faced with hundreds of orders, thousands of customer queries to respond to, and overwhelming sales targets to hit. Cybercriminals will use this to their advantage, crafting sophisticated phishing emails and cleverly worded social engineering messages in the hope that a stressed worker will miss the cues and comply with their requests.”
Remember: The bad actors are out in force, and you need to remember to implement good cybersecurity and cyber-hygiene practices – especially over the next couple of months. Be extra cautious of any emails invoking an emotional response or asking for your account information. Feel free to review the October National Cybersecurity Awareness emails and forward them to your family members.
Michael Cripps,
President and CEO
The threat of ransomware has been growing exponentially over the last year. Strengthening your ransomware defenses should be at the forefront of everyone’s mind, including individuals and businesses.
The following arcticle from The Hacker News website gives a few tips and steps to help combat this threat.
The Federal Trade Commission has issued a new Consumer Protection Data Spotlight that reports consumers have lost more than $80 million to cryptocurrency investment scams, an increase of more than ten-fold year-over-year, according to a new data analysis from the Commission.
For more information on this topic, visit www.bankersonline.com