HOW TO PROTECT YOURSELF ONLINE
Safeguard your digital profile against cybercrimes with these tips from the National Cyber Security Alliance (staysafeonline.org)
Download Our Cyber Security Guide
- Never click and tell. Limit the personal information you share on social media platforms, including the use of location services.
- Keep tabs on your apps. Only download apps from trusted vendors and sources. Review app permissions to ensure default permissions are not set to run in the background.
- Shake up your password protocol. Avoid using standard passwords or phrases across multiple websites. Consider using a password manager to generate and store unique and complex logins for each of your accounts.
- Double your login protection. Enable multi-factor authentication (MFA) when available.
- Play hard to get with strangers. Do not respond to or click on the links or attachments of “phishy” emails.
- If you connect, you must protect. Maintain the most up-to-date security software, web browser, operating system, and antivirus software (if available) to protect your computer, smartphone, game device, or other network device.
- Stay protected while connected. Refrain from conducting sensitive activities, such as banking, when connected to a public Wi-Fi network.
HOW TO AVOID ACCOUNT TAKEOVER FRAUD
What is an “account takeover”?
An account takeover happens when a fraudster poses as a financial institution to get your personal or account information. Once the fraudster has access to your account, they can make unauthorized transactions.
How Does It Work?
An account takeover begins with a fraudster sending a text message to your mobile phone. They usually claim they‘re from a financial institution‘s fraud department. They ask you to confirm a suspicious payment that was sent from your account — this may not be true and could be part of the fraud.
If this is a fraud attack, the fraudster typically follows up with a phone call and asks for your personal information to “cancel the payment.” NOTE: we will NEVER ask for your personal information over the phone.
While account takeover fraud attempts can happen at anytime, it usually begins on a Friday, after business hours, and runs through the weekend.
The phone shows an example of a fraudulent “account takeover” text message.
How Can You Prevent Account Takeover Fraud?
|If someone posing as contacts you by phone, email, or text message and wants you to share your personal information, consider it fraud.|
|If you receive a text (or email) like the one shown here, do not reply to the sender. Ignore the message and do not call any phone numbers listed in the text.|
|If you receive a phone call that seems to be a phishing attempt, end the call immediately. And be aware that area codes can be misleading: a local area code does not always guarantee that the caller is local.|
Protect Your Business
PROTECT YOUR BUSINESS
What is an “Corporate Account Takeover”?
Corporate Account Takeover (CATO) is a form of business identity theft where criminals gain control of a business’ bank account by stealing employee passwords and other valid credentials. Malicious actors can then initiate fraudulent wire and ACH transactions to accounts they control.
What is “Business Email Compromise”?
Business Email Compromise (BEC) is a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds. This includes compromising the business email accounts of a company’s vendors and/or customers.
What to look out for:
What to do if you fall victim to fraud: