When it comes to cyber security, The Biltmore Bank of Arizona is committed to offering you ongoing education and information on cyber crime to help you take the necessary steps to protect your financial assets.
- Equifax data breach - On September 7, 2017, Equifax announced a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. Criminals exploited a website application vulnerability to gain access to certain files between mid-May through July 2017. The information accessed primarily includes names, Social Security Numbers, birth dates, addresses and, in some instances, driver's license numbers. In addition, credit card numbers of approximately 209,000 U.S. consumers, and dispute documents with personally identifying information for 182,000 U.S. consumers were accessed. To find out if you are one of the affected individuals, Equifax has established a dedicated website, equifaxsecurity2017.com, to help consumers and to sign up for free credit file monitoring and identity theft protection. The offering, called TrustedID Premier, includes 3-Bureau credit monitoring of Equifax, Experian, and TransUnion credit reports; copies of Equifax credit reports; the ability to lock and unlock Equifax credit reports; identity theft insurance; and Internet scanning for Social Security Numbers - all complimentary to U.S. consumers for one year. Equifax has also set up a dedicated call center number at 866-447-7559 and is open every day from 7:00 a.m. to 1:00 a.m. Eastern time. Equifax will send direct mail notices to consumers who were directly impacted. The above website and phone will allow concerned U.S. consumers to confirm if they were impacted. Grandpoint Bank recommends our customers review the free premium monitoring service provided by Equifax.
- DocuSign breach - DocuSign, a major provider of electronic signature technology, has reported a series of recent malware phishing attacks targeting its customers and users as the result of a data breach of one of its computer systems. While the data stolen was limited to customer and user email addresses, it allows attackers to target users who may already be expecting to click on links in emails from DocuSign. A malicious email campaign with the subject line “Completed: docusign.com – Wire Transfer Instructions for recipient-name Document Ready for Signature,” contains a link to a downloadable Microsoft Word document that harbors malware.
DocuSign cautions that if you have reason to expect a DocuSign document via email, don't respond to an email that looks like it's from DocuSign by clicking a link in the message. When in doubt, access your documents directly by visiting docusign.com and entering the unique security code included at the bottom of every legitimate DocuSign email. DocuSign says it will never ask recipients to open a PDF, Office document or ZIP file in an email.
- Uniwix ransomware - Uniwix ransomware is here and, according to heimdalsecurity.com, it can be worse than WannaCry. Uniwix poses an even bigger threat than WannaCry ransomware because it does not include a "kill switch" domain, which, when blocked, can contain its distribution. Learn more about the risks in this pdf article from heimdalsecurity.com.
- "WannaCry" ransomware - The WannaCry malware exploits a known vulnerability in Microsoft Windows operating systems. Microsoft released a critical patch in March 2017 (Microsoft MS Bulletin 17-010) to help counteract this vulnerability. If you have a computer that is not yet updated with the Mircosoft patch, isolate it so that it cannot infect your network. We recommend that you:
- Install critical patches in a timely fashion to minimize the risk that your computers are compromised by such exploits. This includes updates for both operating systems (Windows, Apple IOS, etc.) and applications (MS Office, Adobe Acrobat, etc.)
- Make sure your computers have adequate anti-malware and anti-virus protection.
- Exercise caution when receiving emails that contain links or attachments. If you have any doubt about the authenticity of an email or a sender, verify it is legitimate before opening.
- Never click on a link that you do not trust on a web page, Facebook or messaging application.
- Keep your files backed up regularly.
Schemes, Scams and Frauds
BUSINESS EMAIL COMPROMISE (BEC) OR CEO EMAIL fraud schemes are an increasingly common and costly form of cybercrime. According to the FBI, thieves stole nearly $2.3 billion in such scams from more than 17,000 companies in the U.S. between October 2013 and January 2016. CEO fraud usually begins with the thieves either phishing an executive and gaining access to that individual’s inbox, or emailing employees from a look-alike domain name. In these cases, the fraudsters will forge the sender’s email address displayed to the recipient, so that the email appears to be coming from legitimate business. In all cases, the “reply-to” address is the spoofed domain, ensuring that any replies are sent to the fraudster.
RANSOMWARE is a type of fraud where malware restricts access to the infected computer/network and demands that the operators pay some sort of ransom to regain control of their network.
PHISHING is the criminal attempt to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Phishing is typically carried out by email, directing users to enter personal details at a fake website whose look and feel are almost identical to a legitimate one, such as their bank. Financial institutions will never send an email asking for personal information.
SPEAR PHISHING is a variation of phishing. With phishing, criminals might send a single, mass e-mail to thousands of people. Spear phishing attacks are customized and sent to a single person at a time. The spear phishing email usually contains personal information such as your name or some disarming fact about your employment. A spear phishing email usually includes a link leading to a fake website that requests personal information. The phony email may contain a downloadable file that contains malware. Nearly all spear phishing complaints that have been investigated have come from corporate employees. If you receive a suspicious email, go directly to your company’s IT department.
VISHING is the name for phishing attacks using the telephone. The term is a combination of voice and phishing, and is typically used to steal credit card numbers, bank account numbers and passwords. You might receive a phone call advising you that your credit card has been used illegally, and to call a certain number to “verify” your account number. Do not provide information and contact your bank or credit card company directly to verify the validity of the message.
SMISHING is yet another variation of phishing, the name a combination of SMS (Short Message Service, the technology used in text messaging) and phishing. In this scam, the fraudster uses cell phone text messages to lure you to a website or perhaps to use a phone number that connects to an automated voice response system. No legitimate business would contact you by text message with a request of this nature.
CORPORATE ACCOUNT TAKEOVER is a method by which cyber thieves gain control of a business's bank account by stealing the business's valid online banking credentials. The most prevalent method involves malware that infects a business's computer workstations and laptops (See Best Practices for tips on protecting your computers and networks). The malware installs keylogging software on the computer which allos the perpetrator to capture a user's credentials as they are entere at the financial institution's website. Once the cyber thieves have access to the business's online banking they can initiate funds transfers by ACH or wire transfer,to the bank accounts of associates with the U.S. These accounts may be newly opened by accomplices or unwitting "money mules" for the express purpose of receiving and laundering these funds. The accompliices or mules withdraw the entrie balances shortly after receiving the money, and then send the funds overseas via over-the-counter wire transfer or other comon money transfer services.
Cyber Crime News
- Business E-Mail Compromise: Cyber -Enabled Financial Fraud on the Rise Globally, from the FBI, News
- Business Email Compromise: Don't be a victim -- by Stan Stahl, Secure The Village -- on the Bank of Tucson blog
- FBI: How to Protect Your Computer -- on the Grandpoint Bank blog
- What Should You Do if You Fall Victim to a BEC Scam? Reprinted with permission by the Association for Financial Professionals, www.AFPonline.com
- Cyber security alert...There are only two kinds, which one are you? from Inside Tucson Business
- Business E-Mail Compromise: The 3.1 Billion Dollar Scam from the FBI, Public Service Announcement
- Most Small Businesses Don't Recover from Cybercrime from Fox Business
- The Big Business of Hacking Small Businesses, from Inc
- Collins Subcommittee Examines Small Business Cyber-Security Challenges with New Technologies,House Small Business Committee,
- Cyber Attacks on Small Businesses on the Rise from Fox News
- Tips to avoid phishing schemes
- Business CEOs are primary targets in the latest email scams resulting in large losses. Here's an informative article from krebsonsecurity.com
- No Business Too Small to be Hacked, from The New York Times
- Check out our blog articles on Business Email Scams, Ransomware, and Identity Theft.