Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Threats to my business: Corporate Account Take Over ACH Fraud Wire Transfer Fraud Phishing Malware Social Engineering Drive By Download PROTECT YOUR BUSINESS Here’s how these threats work: How do I detect and prevent it? •Be sure to clear your browser cache to clear stored web pages. • You get an email that appears to be from someone you know as in a *spearphishing attack. If you click on the link or open the attachment your pc will be infected with *malware. • Look for unauthorized transactions on your statement. •Avoid using automatic log in features. •Reconcile accounts daily. •Malware can also be installed unsuspectingly by accidentally visiting imposter websites. This is also referred to as a *drive- by download. •Don’t share IDs and passwords each user should be unique and changed often. Force users to use complex passwords-not dictionary words. Make them longer and they will be stronger. •Don’t access internet banking from unsecured Wi-Fi, such as an internet café. • Malware is installed on the pc with the intent of capturing the password to your online banking account. • Then someone can take over your account. They can pretend to be the owner and make transfers by telephone, online wire transfers or ACH to initiate payments and reroute your money through a whole network of *money mules, who don’t even know that they are involved in these crimes. • At the bank we use a combination of safeguards to protect your business and ours. You can help by using some of the same controls at your business too. As always these are not all, but just a few of the more important things you can do to be more secure. •Have dual control procedures in place. •Change default passwords. •Take note of your computer’s performance; take warning if you notice dramatic loss of speed or unexpected changes. •Lock computers with administrative privileges on them-log off when not needed. Use the windows key plus the L to lock at all times when not in use. •Install a spam filter. •Install real time routers and firewalls, anti-virus -anti-spy ware. Keep everything up to date. •Use a dedicated computer for all online transactions. •Look for https in the browser, the s stands for a secure session. •Use a security expert to test your network. •Train your employees how to spot fraud and social engineering. What do I do if it happens? •Report unauthorized transactions to your bank immediately! •Cease all activity from the compromised pc and disconnect it. •Document the incident each step of the way. Have an incident response plan so you can be prepared. •Report spam to the [email protected] •Report Internet Crimes to: www.ic3.gov and your local authorities. * See definitions on reverse side. IMPORTANT TERMS Terms Social Engineering Definition To manipulate or trick someone into giving up confidential information. This can happen on the computer, phone or in person. Software that is downloaded from the internet that occurs without a person’s knowledge or consent, usually used for malicious intent. An e mail that pretends to be the Bank, the IRS or someone important with an urgent message. Don’t click on links or attachments from suspicious emails. Pop up attempting to scare you such as- your anti-virus software needs to be updated. Use Alt F4 to escape don’t click ok or the X!!!!!!!!! Malicious Software is created to do harm to your computer, so they can steal information to make money. There are hundreds of different types all with the same malicious intent. Some examples are viruses, worms, keystroke loggers. You get it when you open attachments, click on links from people you don’t know or from websites you visit. Usually the sender has an urgent message for you. Drive By Download Phishing Scareware Malware Spearphishing Money Mules Copy Machines An email pretending to be someone you know, like your boss. Money mules are unsuspecting people that think they are working for a company to open accounts with illicit funds with the promise of a commission. They are recruited by ads that are placed for work at home jobs by online cyber criminal. Then they wire funds overseas for the criminal. Too bad, the money mules don’t know that they are a part of a scam and can be arrested while the real criminal goes free. Did you Know? Copy Machines can store confidential data that can be stolen. Check with your copy machine vendor, before you let it go out the door! For more information go to: http://business.ftc.gov/documents/ bus43-copier-data-security Are not protected under the same rules as consumers. Reconcile your accounts daily and if you see unauthorized transactions, report it to the bank immediately. It is most important to back up your data in case of disaster. Microsoft is a great resource to learn how to do this. risk too-make sure you cross-cut shred it or store it in a secure location. For more information go to: http://www.ftc.gov/bcp/edu/microsites/idtheft/business/index.html Should have encryption features and be turned on, some have the feature, but you have to turn it on. There are 2 types- Wi-Fi Protected Access (WPA) and Wired Equivalent Privacy (WEP). WPA is the most secure. http://www.us-cert.gov/cas/tips/ST05-003.html You should deal with a reputable company and should see a lock at the top along with https when entering your payment. If you receive email from prospective employees, it could contain malware, such as a keystroke logging program in the attachment in an attempt to gain access to your credentials. Run a virus scan first to protect your business from this type of fraudulent activity. http://www.fbi.gov/scams-safety/e-scams Business Debit Cards Back Up Data Confidential Information When emailed, should be sent in an encrypted manner to prevent fraudulent activity. Paper is a big Wireless Devices Online Purchases Online Employee Job Applications