The Internet Can Be a Scary Place
The internet can be a scary place, but it doesn’t have to be. Cybercriminals have a good understanding of technology and try to use this to their advantage when tricking unsuspecting people into revealing information. The better educated you are, the better equipped you will be to protect your confidential information. In this article, we’ll review what Social Engineering is and how cybercriminals use these scams to trick you; look at some simple ways to help safeguard your information; and lastly, provide some tips for dealing with a compromised device. SOCIAL ENGINEERING is manipulating someone into unwittingly performing an act where they expose confidential information. There are a number of Social Engineering techniques and you should investigate them all, but for the purposes of this article, we’ll focus on the two most popular. Pretext telephone calling (also referred to as “Vishing”) are calls from automated voice messages or criminals who make a personal phone call posing as a legitimate business. More often than not, they use some sort of scare tactic to get you to disclose confidential information. Recently, a group of cybercriminals posed as the IRS and threatened victims with costly fines and penalties if the victim did not make an immediate payment towards back taxes. Another popular scam is criminals posing as technical experts calling to help you “fix” problems on your computer. They’ll ask you to give them remote access to your computer. If you turn over control, the criminal will have access to your confidential information and the ability to install malicious software. Lastly, don’t always believe what you see on a Caller ID. Criminals can “Spoof” telephone numbers so the Caller ID will display whatever number they want, even that of a legitimate business. Best rule of thumb: never divulge confidential information on a telephone call unless YOU initiated the call. Phishing Emails are convincing emails generated by criminals that appear to come from a trusted source such as a business, government agency, friend, co-worker or even your boss. The intent is to try and trick you into revealing confidential information, opening malicious attachments to the email or getting you to click a malicious embedded link. Phishing Emails can be very convincing! Criminals will even use the company logo from the company they are impersonating in the body of the email to add credibility to the email.
Tips for Staying Safe Online
- Create strong passwords combining upper case, lower case, numbers and special characters.
- Never share passwords
- Change passwords immediately if you suspect someone may know it.
- Make passwords unique, avoid common things like pet’s name, family member’s name, birthdays, spouse’s birthday, favorite movie, etc.
- Don’t write passwords down.
Reconcile bank accounts daily. Be careful when surfing the internet.
- Turn on “Pop-Up Blockers”.
- Use Parental Controls to block certain websites from children.
Only use up-to-date operating systems and software supported by the manufacturer.
- Install manufacturer recommended updates as they become available.
Install and maintain Firewalls and real-time AntiVirus/AntiSpyware software. Run scan frequently. Run scan immediately if you notice performance issues like loss of speed, frequently locks up, frequent display Pop-Up messages, or computer unexpectedly re-boots (these are all sign your computer may be infected). Secure your computer when not in use. Be sure to change the Default Administrator Passwords that came with the computer. Email is a highly susceptible security risk:
- Be cautious if you don’t know who sent the email.
- Don’t open any suspicious or unknown attachments to an email.
- Don’t click on suspicious links embedded in an email.
- Use a Spam filter.
Tips for Dealing with a Compromised Device
One of the most important steps you can take is to prepare in advance and periodically backup your device. Far too often the only option on a compromised computer is wiping the system clean and reinstalling the factory software. If you don’t have a viable backup of your device, you may not be able to retrieve any of your saved data. Be sure to immediately change your passwords, including passwords used to access online accounts. Be sure to change your passwords from a computer you know is secure and trusted. If your AntiVirus software informs you of an infected file, follow the recommended instructions, which will usually include quarantining the file, cleaning the file or deleting the file. Lastly, know when to ask for professional help. If AntiVirus software cannot remediate the virus, your only options may be to Re-install. You may have to transfer files from the infected computer to a new computer to recover everything, and if not done correctly, you may also transfer the malware from the infected computer. A far safer alternative is to take the infected computer to a qualified technician who can safely recover these files without risking transferring the infection. Remember, if you are a customer of The Cooperative Bank of Cape Cod, we’ll never call you unsolicited to verify information about your account or personal information over the phone or via email. The security of your personal and account information is extremely important to us, and we take a proactive approach to ensure that our customers’ private information is protected.