Archive for the ‘ Security ’ Category

Defending Yourself Against Identity Theft


As technology advances, you can be sure that identity thieves are not far behind. Here are some common methods cyber-thieves use to steal your personal information and how you can increase your security while shopping or banking.

Phishing/vishing

Your email messages may not be quite what they appear to be if you’re targeted by a phishing scam. Phishing is the act of sending fraudulent emails that seem to come from familiar businesses. These messages contain links to phony websites designed to steal personal information either directly or through malware and key-loggers. Often you’ll see a problem referenced with a request to click on the link provided to correct it. Once you’ve entered your information, ID thieves can access your accounts.

Vishing is the telephone version of phishing. Callers are sometimes bold enough to suggest the victim call back to verify authenticity. But the vishers don’t actually hang up; instead they play a recorded dial tone to make the victim believe he’s making a call.

Debit and credit card fraud

Most shoppers love the convenience of plastic, and identity thieves use this to their advantage whether it involves skimming, phishing, vishing, malware, mail theft or just looking over a victim’s shoulder to steal account numbers. Someone running up debt in your name can ruin your credit score. When debit cards are compromised, it’s particularly alarming because fraudulent purchases drain your checking account instantly.

BEC scams

Business email compromise, or BEC, scams have cost companies more than $1.2 billion. A phony email from a CEO requesting that funds be transferred per attached instructions is sent to an employee. Because the email appears to come from the employee’s superiors, and because the message so closely resembles requests this employee receives regularly, the transfer is often made without question. The money then ends up in overseas accounts that are almost impossible to trace.

Tips to protect yourself

To even further reduce fraud risk:

  • Install the latest editions of anti-spyware, antivirus, firewalls and browsers to all devices, and password-protect them.
  • Use strong passwords for all accounts and change them frequently.
  • Monitor accounts and credit reports to detect fraud early
  • Don’t use public Wi-Fi networks for financial transactions.
  • Keep cards away from public view, and shred personal documents before discarding.
  • Opt in for two-factor authentication on accounts.
  • Turn off Bluetooth and near-field communication when not in use.
  • Don’t click on email links. Type full web addresses to access business websites.
  • Never share sensitive information in response to an unsolicited call or email.
  • To verify calls, hang up for at least one minute to ensure the first call is disconnected. Call the customer service number listed on your bank’s website or the back of your credit card, not a number provided by an unsolicited contact.
  • To protect your business from BEC scams, use a two-step verification process for all money transfers. Verbal confirmation is also wise.

Staying informed and adopting smart fraud prevention practices will go a long way toward protecting your identity. Between your efforts and your bank’s security, you should be able to stay a step ahead of identity thieves.

Source: NerdWallet, Inc.


Set up Members 1st Mobile Card Controls to control how, when and where your payment cards are used. Real-time transaction alerts and controls will provide you with a method to protect your payment information.

Members 1st is here to help you through all of life’s most important moments and milestones. If you have any questions, please call customer service at (800) 237-7288, visit our website, or visit one of our various branch locations.

Understanding Mobile Payments


What once seemed a fanciful or even silly idea — that instead of cash or a card we’d use our phones to pay for stuff — is becoming the norm. Mobile-based payments in the U.S. are projected to reach $142 billion in 2019.

While that’s a lot of growth, mobile payments still make up a tiny fraction of retail commerce. In 2015 they accounted for only 0.2% of in-store sales in the U.S. And that might be because the technology is still somewhat new and perhaps confusing.

Here’s a quick look at mobile payment: how it works, who the major players are and how secure these transactions are.

How it works

Mobile payments really took off in 2014 with the introduction of Apple Pay®. Since then, a number of competitors have popped up, including Samsung Pay® and Google Pay®.

As their names suggest, these mobile payment services are tied to specific devices. Apple Pay works only on newer iPhones and the Apple Watch, and Samsung Pay requires later Galaxy and Note models. Google Pay requires an Android device.

With mobile payments, your smartphone acts as a proxy for your credit card, debit card, loyalty card or metro card. The card info is read into the phone either by taking its picture or by manually entering the number and expiration date.

Apple Pay, Samsung Pay and Google Pay all make use of near field communication (NFC). NFC enables two electronic devices, one of them typically mobile, to communicate via close proximity – say, by tapping the phone to a credit card/phone reader.

Samsung Pay also uses a technology called magnetic secure transmission, which makes it compatible with existing card readers that are not NFC-enabled.

What about security?

Mobile payment systems use a host of security measures to protect transactions from hackers. Each card registered on your phone is assigned a token, usually a string of numbers that represents your 16-digit credit or debit card number. This means your card number is never transmitted or revealed; the token is used to process the payment. It’s similar to how EMV or “chip” cards work, if you’ve come across those.

To complete a transaction, you will also need to input a PIN, use a fingerprint scan, or sign, depending on the particular payment service and the sophistication of the terminal at the checkout counter.

The risk with mobile payments ultimately lies with your accounts, not the payment devices. For example, some financial institutions don’t always have the best procedures to verify that the person adding a debit or credit card to a mobile payment service is the account holder. That makes it possible for thieves to use stolen account information in their own mobile payment app.

Cases of fraud have also been reported in connection with so-called peer-to-peer payment systems that were developed primarily to allow friends and family to send and receive money. In the case of Venmo, a division of eBay’s PayPal, users have reported unauthorized withdrawals that apparently took place as a result of weak authentication controls that let hackers take over accounts.

Many of us already carry our phones everywhere we go, and as more Americans embrace the technology, it’s likely more retailers will install mobile payment readers. Knowing the ins and outs is important before you jump in as well.

Source: NerdWallet, Inc.


The Visa® credit and debit cards offered by Members 1st Federal Credit Union are globally accepted and feature built-in chip (EMV) technology to provide you with an enhanced level of security. Our cards are also compatible with Apple Pay®Google Pay and Samsung Pay® on select smartphones, which means you don’t even have to pull out your Visa card when paying for purchases at the checkout terminal.

To learn more about the Members 1st Mobile Wallet, click here.

To learn more about the Members 1st Visa Credit Cards, click here


2015 Financial Resolutions – There’s still time


couple with billsWe’re one month down, 11 more to go and 2015 will be a wrap. It’s still early enough in the year to review your finances and set goals. If you haven’t made your financial resolutions yet, here are seven tips that can help you achieve financial success.

  1. REVIEW YOUR BUDGET. List your recurring monthly expenses and compare them to your monthly income. Make adjustments or cuts where necessary to prevent dipping into your savings or using your credit cards. For helpful hints on budgeting basics, download our free brochure on budgeting.
  2. COMMUNICATE. Yes, it may be uncomfortable, but it’s very important to talk with your partner about where you stand financially (debt included). Knowing where you are helps you know where you want to be. Learn how to manage money as a couple or when you find yourself suddenly single by reading our free brochure, “His, Hers, Mine & Ours.”
  3. PAY DOWN DEBT. If you have numerous credit card balances, tackle the one with the highest interest rate first and pay the minimum amount required on all of your other balances. Also consider transferring your higher rate card balances to your Members 1st VISA®, which could save you money.
  4. BUILD AN EMERGENCY FUND. Most specialists suggest saving three to six month’s salary in case of an unexpected setback or job loss. Start by putting aside a little from each paycheck now.
  5. AUTOMATE YOUR LIFE. Utilize the Bill Payer feature of Members 1st Online. It’s simple to set up recurring payments to ensure that you’re always paying your bills on time, every time.
  6. THINK BEFORE YOU BUY. Do you really need that item or is it something that you simply want?
  7. MEET WITH A FINANCIAL PLANNER. Our team of Investment Services representatives can help you develop a customized financial plan that will help you feel confident in your goals.* You may schedule a free consultation at any of our branch locations.

If you need additional assistance, we offer free access to money management and financial education services through GreenPath, a financial management program. Through comprehensive education and exceptional service, GreenPath has been assisting individuals for more than 50 years. As a member, you can receive assistance with:

  • Personal and family budgeting
  • Understanding your personal credit report and how to improve your score
  • Personal money management
  • Debt repayment
  • Avoiding bankruptcy, foreclosure, and repossession

 

 

 

*Registered Representative of INVEST Financial Corporation (INVEST), member FINRA/SIPC. INVEST and its affi liated insurance agencies offer securities, advisory services and certaininsurance products and are not affi liated with Members 1st Federal Credit Union or Members 1st Investment Services. INVEST does not provide tax or legal advice. Products are: • Not FDIC or NCUA insured • Not Bank or Credit Union Guaranteed • May lose value including loss of principal.

Mobile Malware: What You Need to Know


9597031_xxl

Trojan horses, worms and viruses are the tools of choice for theft, fraud and other forms of malicious activity. These threats are on the rise and targeting mobile devices effectively. Most notably is the recent malware Svpeng, which specifically targets financial mobile applications and combines it with “ransomware” capabilities.

Svpeng “locks” mobile devices and requests a ransom to unlock it. Svpeng is “context aware” and checks for the following mobile banking apps (Bank of America, Citi Mobile, Amex Mobile, TD App, Chase Mobile, BB&T Mobile Banking, USAA, Wells Fargo and other U.S. bank apps) on mobile Android devices. When it detects one of these applications, it locks the device down, presents a phony FBI penalty notification and demands $200 in the form of Green Dot’s MoneyPak cards. Svpeng also captures and steals information entered on the device. It’s considered different from other ransomware because it locks the device down completely.

“If it happens to you, you can do almost nothing. The only hope for unlocking the device is to boot into ‘Safe Mode’ and erase all data on the phone only, [since] SIM and SD cards will stay untouched and uninfected.”1

What can you do to protect your mobile device?2

Mobile devices are just as susceptible to viruses and malware as desktops and laptops. Install and use mobile anti-virus software and browser protection tools.

  • Download apps only from trusted sources like the Apple® App Store or Google® Play. Beware of malicious applications.
  • Question links in emails and social media posts. Malicious links could direct you to websites or install harmful software to compromise your device.
  • If accessing the Internet through a public, unsecured or unfamiliar WiFi connection, avoid accessing sensitive services like banking and investment services on your device until you can access a trusted WiFi service.
  • Turn off unnecessary services such as Wi-Fi, Bluetooth, and location apps when you’re not using them.
  • Secure your data and photos. Back up all important documents and photos to an external storage device, such as a cloud-based server, external hard drive or flash drive.

Your financial safety and security is important to us.

We offer several ways to help you monitor your account activity. You can set up a variety of alerts through Members 1st Online to notify you via email or text of activity on your account.

To set up or manage alerts on your account(s), log into Members 1st Online > Messages > Manage Alerts and follow the prompts. You can also set up custom alerts specific to your Members 1st VISA® Credit Card to notify you of account and transaction activity. If you’re logged into Members 1st Online, click on your VISA® Credit Card > See Your Current VISA® Activity > Alerts and follow the prompts.

Not using Members 1st Online yet? It’s easy and FREE! Go to https://myonline.members1st.org and click on “Enroll  Now.”

What should I do if I see suspicious charges on my account?

Please notify TeleBranch (Customer Service) immediately if you see any unauthorized activity on your account(s) at (800) 237-7288.

—————–

1Source:  http://www.kaspersky.com/about/ news/virus/2014/

2Source: http://securityaffairs.co/wordpress/25771/malware/svpeng-android-ransomware.html

Guest Blogger: Patricia Brock, AVP/Information Security Officer (reprinted from the July/August 2014 edition of Avenues)

How to Handle Your Finances after a Divorce


divorce
While young adults are living together in increasing numbers, possibly avoiding the fate of being a split-up statistic, divorce rates have actually doubled over the past two decades for couples over 35, according to researchers at the University of Minnesota . When it comes to marriage, baby boomers may be two-time losers. But young or old, divorce, whether legal or laid back, can be an emotional — and financial – train wreck. Here’s how to get back on track.

The credit you deserve
After years of being in a joint financial partnership, it’s time to reestablish your individual credit identity. First, obtain a free copy of your credit report. The three major credit agencies are mandated by the federal Fair Credit Reporting Act to provide a free copy of your report once a year. The official website is annualcreditreport.com, or you can call 1-877-322-8228 to request yours.

In case you haven’t already; cancel any remaining joint credit cards so that neither former spouse is liable for the other’s debt going forward. If you don’t have a credit card in your own name, you might want to consider applying for one, in order to build your new credit history.

It’s also quite likely that you’ll be carrying a bit of debt with you out of the divorce, such as court costs and attorneys’ fees; perhaps some credit card debt, as well. You may be tempted to pay off those debts all at once with any cash acquired through a settlement, but it might be a better idea to preserve those dollars until you see how your after-marriage money situation works out.

Account for every account
Remember to update the names on all other accounts, such as life insurance beneficiaries and authorized users. You may also have to change the names on deeds and titles to property that was granted to you as part of the divorce settlement.  Assets that may need to be retitled can include investment accounts, vehicles and houses. You may also want to consider refinancing any debt or mortgages that you have acquired in the process. And of course, you’ll want all of your bank and credit union accounts in your name only.

A fresh beginning
If you received the home as part of your settlement, think about if it’s financially feasible – or even emotionally beneficial – to stay. Not only do you have to consider the mortgage payment, but all of the associated expenses, too: insurance, upkeep, taxes, utilities and all the rest. Children can play an especially important role in this decision, depending on their age, school activities and social involvement. From a financial perspective, you will also want to weigh the tax consequences of a sale, though as a single-filing taxpayer you may qualify to exclude $250,000 of the capital gain from your income.

Emergency and retirement savings
The financial transition may be difficult, however you want to remember your short-term and long-term goals. First, having three to six months of income saved for unexpected expenses can help you get back on your feet. A Qualified Domestic Relations Order (QDRO) will guide the terms of transfer for any qualified retirement account, such as a 401(k) retirement plan or pension. If you are to receive such assets, a trustee-to-trustee transfer will prevent an unnecessary mandatory tax withholding.

Make a money plan
While few people may guide their personal finances by a formal budget, it’s a good idea to have at least a “back of the envelope” money plan. You may be facing new expenses on your own, such as rent or mortgage payments and even legal costs. The household income has almost certainly changed.  Consider all spending as “up for review.” Total up every fixed expense, determine what can stay and what has to go – and then tackle discretionary spending, at least until you can get into a new financial routine.

Divorce can force you to think ahead, not back. And in matters of money – that’s a good thing.

Note: If you are facing a life changing event such as divorce or are suddenly single for other reasons and you need money management assistance, consider GreenPath, a financial management service that can help keep you on track.

Check out our brochure, Getting Married/Suddenly Single

Guest Blogger: Hal Bundrick, NerdWallet

Heartbleed bug – what you need to know


heart bleed bug

The media has been reporting about a widespread website bug called “Heartbleed” which is a vulnerability in the security software used by millions of web sites.

We want you to know that Members 1st does not use OpenSSL 1.0.1 to 1.0.1f which means we are not affected by Heartbleed. We have taken extra steps to test our web applications and third party applications and either they are not susceptible or have controls in place to prevent any malicious activity. 

If you’re not familiar with this, OpenSSL is one form of an encryption library used in HTTPS communication – online stores and banking websites that give you that lock icon in your browser bar when you visit them. OpenSSL uses a “heartbeat” to echo back data which a hacker can use to trick the server to return anything from Usernames, account passwords to sensitive data.

Here’s what you need to keep in  mind:
While Members 1st is not affected by this, it is a good security practice to periodically change your passwords. If you use the same password for your financial institutions that you use for any of the following vulnerable sites , you should change your password immediately: Facebook, Instagram, Pinterest, Tumblr, Google, Yahoo, Gmail, Yahoo Mail, Amazon Web Services, GoDaddy, Intuit, USAA, Box, DropBox, Minecraft, OKCupid, SoundCloud, Wunderlist.

Rest assured, securing your personal and financial information is a top priority.

How to Protect Your Financial Info on Your Smartphone


smart phone

You might think that smartphone buzzing in your pocket or purse is relatively safe from hackers, because for years phones weren’t fraudsters’ main targets. But as smartphones have exploded in popularity, so has the chance that a hacker will steal your financial information. Here’s how they try to gain access to your sensitive information and what you can do to stop them.

Spam and SMS phishing – What is it?
Spam is the use of messaging systems to send unsolicited bulk emails, usually advertising. Most of it is just annoying, but some of it will be unsolicited offers or SMS phishing (arrives via text messages). In either case, you’ll receive messages pitching products or services. You may also receive messages that ask you to update a password, re-enter your credit card number or provide sensitive info that can be used to defraud you.

How can you protect yourself?
• Never open a message from a source you’re not familiar with. Booby-trapped attachments are often disguised in clever greetings.
• Don’t answer emails or texts that ask for personal information.
• Watch for red-flag statements such as “verify your account.” Legit companies don’t request sensitive information via email.
• Shop online with a retailer’s official app, not through an emailed or texted link. Shopping apps are designed to ward off scams. With browsers, malicious software can be downloaded to a phone without a user knowing it.
• Buy security software. It’s essential to use mobile security software and keep it updated. Mobile antivirus software can help spot and block malware-infection attempts.

Public Wi-Fi – What is it?
This is a wireless network you connect to in places like Starbucks. Since your traffic is public, there’s a chance that it is being captured. So if you’re browsing the Internet and go to a page that doesn’t use Secure Socket Layer (SSL) to encrypt your communication, everything you are seeing and anything you send back (like forms you fill out or usernames and passwords) can be captured and seen by anybody else on the network.

How can you protect yourself?  Most financial sites use SSL for login information (you know you’re on an SSL site when the URL starts with “https”), but it’s still safer not to send any sensitive data over an untrusted wireless network.

Theft – How bad is it?
Thieves are snatching smartphones in alarming numbers. If a thief gets ahold of your phone, he or she may get access to all of your sensitive information contained on it. How can you protect yourself?
• Keep tabs on your device. Don’t leave your smartphone by its lonesome at a cafe or bar.
• Be discreet. Use caution when pulling out your expensive new phone when you’re in big crowds, such as sporting events.
• If it gets swiped, wipe it. If your cherished device is lost or stolen, remotely wipe it. Remote wipe is a security feature that lets you send a command to your phone and delete data.

Other important steps to take
• Update the operating system. Updates usually give you enhanced functionality and features, as well as fixes to security vulnerabilities.
• Log out of financial accounts. Make sure you log out when you finish banking through your mobile phone. Don’t check the box that asks you to save your user ID or password. Sure, it’s less convenient to log in every time. But it’s worth it to protect your financial information. It’s ultimately up to you to protect your private information. Be sure to take the steps listed above to ensure the sensitive financial information on your smartphone remains safe.

Guest post provided by Tom Dunlap, NerdWallet

%d bloggers like this: