Posts Tagged ‘ financial security ’

Cyber Security Q&A


As these challenging times force our world to operate more digitally, you may find yourself wondering about cyber security. In effort to help our members stay safe online, we reached out to our VP of IT Information Security Officer, Garth, to answer a few questions. Keep reading to learn Garth’s tips to stay safe and secure.  

What are the different types of fraud? 

While fraudsters are constantly applying slight new coats of paint, the goals for their scams remain relatively the same. They ultimately boil down to either obtaining your credentials, coaxing you into installing something harmful, paying them for something you would not normally buy, or outright sending them money.  

Although some of these objectives are obtained in fairly straightforward ways, like calling you and asking you for your online banking password to ‘confirm your identity’ before telling you about the alleged fraud on your account, others can be very intricate. They are also savvy enough to take advantage of current events, so things like fake COVID-19 charities, hacked COVID-19 mapping sites, and other sorts of pandemic-themed frauds are common right now. 

Attackers are trying to take advantage of consumers during these difficult times. What advice do you have for them? 

We all know to be skeptical of junk mail and can recognize it when we see it. Applying that same scrutiny to unsolicited emails, calls, and pop-up ads can save us all a great deal of heartache. Question authenticity. Practice pausing before acting rashly on unsolicited information. Take advantage of fraud protection features where available. If two-factor authentication is offered for online services, make use of it. Be sure to leverage card alerts and locking features. Finally, never, under any circumstances, provide your password to anyone. Only you should ever know your password.  

What suggestions do you have for people who are working from home? 

Hackers discover new vulnerabilities constantly, and while some exploit those discoveries for personal gain, others notify publishers and manufacturers of these defects so they can be addressed with patches. Make sure that your operating system and antivirus software are up-to-date and working properly.  Keeping up with these updates is critically important. Adding password protection to your Wi-Fi network and monitoring devices on your network are easy and simple precautions. Doing these things will keep you safe. 

Do you have any additional advice?  

It can be challenging to juggle all of the complex and unique passwords experts tell you to use for each different website. You may want to consider investing in a password management solution. Even when two-factor authentication is not available on a particular website, a good password management tool can be protected with two-factor authentication and help you easily keep track of your passwords.  

Finally, do not be afraid to slow things down. Fraudsters generally want to rush you as much as possible in order to increase the likelihood you’ll be rattled and make a mistake. Take your time to work through any uncertainty you may feel. Consult with friends. It is much easier to stop fraud before the money has left your account than it is to try and get it back afterwards. 


For additional fraud and cyber security information, visit our website. Still have questions? Contact our Fraud and Security team.

Mobile Malware: What You Need to Know


9597031_xxl

Trojan horses, worms and viruses are the tools of choice for theft, fraud and other forms of malicious activity. These threats are on the rise and targeting mobile devices effectively. Most notably is the recent malware Svpeng, which specifically targets financial mobile applications and combines it with “ransomware” capabilities.

Svpeng “locks” mobile devices and requests a ransom to unlock it. Svpeng is “context aware” and checks for the following mobile banking apps (Bank of America, Citi Mobile, Amex Mobile, TD App, Chase Mobile, BB&T Mobile Banking, USAA, Wells Fargo and other U.S. bank apps) on mobile Android devices. When it detects one of these applications, it locks the device down, presents a phony FBI penalty notification and demands $200 in the form of Green Dot’s MoneyPak cards. Svpeng also captures and steals information entered on the device. It’s considered different from other ransomware because it locks the device down completely.

“If it happens to you, you can do almost nothing. The only hope for unlocking the device is to boot into ‘Safe Mode’ and erase all data on the phone only, [since] SIM and SD cards will stay untouched and uninfected.”1

What can you do to protect your mobile device?2

Mobile devices are just as susceptible to viruses and malware as desktops and laptops. Install and use mobile anti-virus software and browser protection tools.

  • Download apps only from trusted sources like the Apple® App Store or Google® Play. Beware of malicious applications.
  • Question links in emails and social media posts. Malicious links could direct you to websites or install harmful software to compromise your device.
  • If accessing the Internet through a public, unsecured or unfamiliar WiFi connection, avoid accessing sensitive services like banking and investment services on your device until you can access a trusted WiFi service.
  • Turn off unnecessary services such as Wi-Fi, Bluetooth, and location apps when you’re not using them.
  • Secure your data and photos. Back up all important documents and photos to an external storage device, such as a cloud-based server, external hard drive or flash drive.

Your financial safety and security is important to us.

We offer several ways to help you monitor your account activity. You can set up a variety of alerts through Members 1st Online to notify you via email or text of activity on your account.

To set up or manage alerts on your account(s), log into Members 1st Online > Messages > Manage Alerts and follow the prompts. You can also set up custom alerts specific to your Members 1st VISA® Credit Card to notify you of account and transaction activity. If you’re logged into Members 1st Online, click on your VISA® Credit Card > See Your Current VISA® Activity > Alerts and follow the prompts.

Not using Members 1st Online yet? It’s easy and FREE! Go to https://myonline.members1st.org and click on “Enroll  Now.”

What should I do if I see suspicious charges on my account?

Please notify TeleBranch (Customer Service) immediately if you see any unauthorized activity on your account(s) at (800) 237-7288.

—————–

1Source:  http://www.kaspersky.com/about/ news/virus/2014/

2Source: http://securityaffairs.co/wordpress/25771/malware/svpeng-android-ransomware.html

Guest Blogger: Patricia Brock, AVP/Information Security Officer (reprinted from the July/August 2014 edition of Avenues)

%d bloggers like this: