Phishing for Fraud: Don't Let your Company Get Hooked!

Save this PDF as:
Size: px
Start display at page:

Download "Phishing for Fraud: Don't Let your Company Get Hooked!"

Transcription

1 Phishing for Fraud: Don't Let your Company Get Hooked! March 2009 Approved for 1 CTP/CCM recertification credit by the Association for Financial Professionals 1

2 Today s Speakers: Joe Potuzak is Senior Vice President and Payment Solutions Risk Manager. Joe has more than 20 years experience in commercial lending, operations and payments risk management roles. Rachel M. Floars is Senior Vice President and Electronic Delivery Systems Risk Manager. Rachel has more than 25 years experience in operations and risk management roles. 2 2

3 Today s Agenda: of Fraud of Fraud Preventing Fraud 3 3

4 Polling Questions How would your company categorize its current level of concern related to fraud? Very High High Moderate Low Very Low / No Concern How would your company categorize its current level of resources (people, processes, systems) allocated to fraud detection and prevention? Have more than enough resources allocated Have the right level of resources allocated Don t have enough resources allocated No resources currently allocated 4 4

5 Association for Financial Professionals (AFP) Payments Fraud & Control Survey March corporate cash managers, analysts, directors, asst. treasurers & controllers surveyed: Fifteen Industries Revenue Size Ownership Manufacturing (21%) Retail (11%) Insurance (9%) Energy (9%) Less than $100MM (9%) $ MM (34%) $1B+ (57%) Publicly owned (47%) Privately held (32%) Non-profit (11%) Government (10%) 5 5

6 AFP Payments Fraud & Control Survey March % of organizations experienced attempted or actual payments fraud in 2007: of Fraud Loss Size Median loss Check fraud (94%) ACH debit (26%) Corporate cards (13%) Consumer ACH and/or card payments (10%) ACH credits (4%) Wire transfer (3%) Prepaid/gift cards (1%) No loss (63%) Less than $25,000 (25%) $25,000 99,999 (7%) $100,000+ (7%) $13,

7 Additionally, Organizations are experiencing the following impacts: Disabled websites unavailable for use by their clients. Office computers that are shut down by viruses. Compromise and theft of sensitive client and / or employee information. Manipulation or destruction of important organizational data by a former disgruntled Employee. Malicious use of their systems to attack another system. 7 7

8 Polling Question Which is the most effective source currently used for maintaining knowledge of evolving fraud trends and schemes? Advisories / information from your financial institution. Industry associations. Newspapers and periodicals. Peer networking. Software / hardware / processing vendors. 8 8

9 Check Fraud Check fraud is widespread despite significant decline in check usage.* Growth in check fraud is outpacing growth in electronic payments fraud.* Accounts payable/disbursement accounts most frequent target (84%).* Payroll accounts second most frequent target (34%).* Examples: Counterfeit checks imprinted with organization s MICR line but other business name. Altered payee names or amounts. Forged signatures. Lost, stolen or counterfeit employee paychecks. Fraudulent checks identified with positive pay and represented as ACH debits. *Source: AFP 2008 Payments Fraud and Control Survey 9 9

10 ACH & Wire Fraud 15% of organizations surveyed experienced financial losses from ACH fraud in 2007.* Failure to adopt effective internal controls and bank fraud control services cited as most frequent reasons for ACH loss.* Examples: Fraudulent ACH debits posted to business account. Misdirected outgoing wire or ACH payment. Fictitious employee added to ACH payroll file. Keying errors. *Source: AFP 2008 Payments Fraud and Control Survey 10 10

11 Online Payments Fraud Two Components of Online Payments Fraud: THEFT of consumer / business payment information / credentials FRAUDULENT USE of consumer / business payment information / credentials for unauthorized financial activity Scams / Schemes may have varied Goals: Target only the theft of information / credentials. Objective is to use fraudulently at a later time in the same or another channel, or sale in market. Target both the theft of information / credentials & immediately use for unauthorized financial activity. Objective is to get in and out before victim and/or FI becomes aware

12 Online Payments Fraud A primary theft scam / scheme is Phishing / Spamming Services, which attempt to entice an recipient into clicking on a fraudulent link. November 2008 online fraud data.* 207 global bank brands targeted in online phishing attempts (24% increase from October 2008). 10,626 actual phishing attacks. 53% of worldwide phishing attacks targeted at U.S. banks. *Source: RSA Security, Inc., Online Fraud Report 12 12

13 Online Payments Fraud (Continued) Bogus Website requesting entry of consumer / business payment information / credentials. Automatic download of malicious software (malware) to victim s computer. You ve Got Mail CLICK 13 MALWARE EXAMPLES Keystroke Logging Hidden URL redirect Trojan Remote Control SQL Injection Captures and records user keystrokes Unknowingly redirects user to bogus URL Looks like a desirable function, but when selected allows unauthorized access to computer Allows a fraudster to control computer from remote location Allows fraudster to execute unauthorized SQL commands, Used to steal information from a database 13 13

14 Online Payments Fraud (Continued) Easy to Spot Graphics Pop-Ups Used Victim s Knowledge of Scheme The Evolution Of Phishing Malware Spear Phishing Targets Companies Hishing Embeds malware into Hardware Wishing Targets Individuals Sishing Entices users to click on advertising links???????????? 14 14

15 B2B Card Payments Fraud* Purchasing and Travel & Entertainment cards. 73% of AFP survey respondents indicate that their organization uses corporate cards. 13% reported attempted or actual payments fraud. Purchasing cards more likely to be involved in fraud than T&E cards (75% versus 46%). Likely perpetrator is an unknown external party or employee versus vendor. *Source: AFP 2008 Payments Fraud and Control Survey 15 15

16 Consumer Electronic Payments Fraud* 43% of respondents accept ACH and/or card payments from consumers. Most fraud involves credit cards. Credit cards (89%) ACH (38%) Signature debit cards (24%) PIN debit cards (11%) Channels used to commit consumer ACH and/or card payments fraud resulting in financial loss. Online via the Web (71%) In person (e.g. store or branch location) (63%) Over the phone (46%) 1/3 of organizations reported an increase in consumer electronic payments fraud from 2006 to *Source: AFP 2008 Payments Fraud and Control Survey 16 16

17 Consumer Electronic Payments Fraud (Continued) Failure to safeguard consumer data when accepting electronic payments can result in a data security breach. A data security breach can be costly in terms of investigative, legal, reputation, financial impacts. Examples 2007 loss of data for 45 million credit card holders by TJX (parent company of TJ Maxx) resulted in $256MM in investigative, legal and enhanced security costs. Heartland Payment Systems stock price fell 42% in the days following its January 20, 2009 announcement of a security breach

18 Polling Question Which type of fraud causes your company the most concern? Check Fraud ACH and Wire Transfer Fraud Online Payments Fraud B2B Payments Fraud Consumer Electronic Payments Fraud 18 18

19 Preventing Check Fraud Migrate to safer electronic payments services. Direct deposit of pay via ACH and payroll cards. Integrated payables. Implement positive pay, reverse positive pay and payee positive pay services. Reconcile accounts and review activity daily; report suspicious items promptly. Segregate duties (check issuance, approval). Limit number of authorized signers. Limit posting of checks to deposit-only accounts. Obtain CD-ROM paid check imaging. Use larger font for check printing and asterisks to prevent adding payees. Place out going mail in a safe and secure location

20 Preventing Check Fraud (Continued) Utilize checks with security features. Store check stock, signature stamps, facsimile signatures and check stock in secure environment with inventory control. Shred confidential documents no longer needed

21 Preventing ACH and Wire Fraud Reconcile accounts daily. Return unauthorized ACH debits timely. No later than the opening of business on the second banking day following the Settlement Date of the original entry (ACH Rules). Use ACH debit blocks, filters and positive pay services. Provide trading partners with a Universal Payment Identification Code (UPIC) in lieu of account number. UPIC is a unique bank account identifier issued by financial institutions that allows organizations to receive electronic payments without divulging confidential banking information

22 Preventing Online Payments Fraud Implement policies and procedures. User access and password management. Acceptable use of the Internet policy. Prompt updates of employee access as changes warrant (re-assignments, terminations, etc.) Periodic online fraud report sort of State of the Union of online fraud in your company. When and how Social Security numbers can be used / displayed / printed. Institute an employee education and awareness program (to include both new employees and periodic refresher training for existing employees). General education of risks, social engineering scams, and controls. More specific education on topics that may be directly targeting your business spear phishing Policies and procedures. Advisories

23 Preventing Online Payments Fraud (Continued) Protect essential hardware and software Manage both physical and systems access. Desktops versus laptops. Back up files incrementally (daily) and fully (weekly / offsite). Test restore function. Check browser configuration for appropriate settings. Consider encryption of sensitive data. Ensure that anti-virus updates, spy-ware updates, and operating systems and browser patches are current. Implement a firewall, selected based upon your business needs, and ensure that it is enabled and configured for automatic updates (if available). Segregate responsibilities for payments template maintenance, entry and approval to limit internal fraud and exposure to phishing. Take steps to securely dispose of assets (hardware, software, records). As warranted, use multi-factor authentication tools (tokens, digital certificates, etc.) Assign dual system administrators for online cash management services

24 Preventing Online Payments Fraud (Continued) Use bookmarks in your web browser for entities with which you regularly communicate. Navigate pop-ups wisely. Consider using a pop-up block function in your browser. Do not enter personal information. Legitimate entities don t ask for personal info via a pop-up. Never click inside a pop-up window to close. Either click X at the top right corner or (based on the operating system) hold down Alt and F4 to close current window. Be cautious about all communications you receive. Install a phishing filter on your application Do not be intimidated by a caller or an that has a complaint and/or suggests dire consequences if response is not immediate. Be cautious of unsolicited . Do not feel obligated to open. Instead, just delete. Do not open attachments or click on hyperlinks in unsolicited . If unsure of the authenticity, verify. The key is to know the origin through information you have verified yourself. Never give out your password, account number, ID or credentials via , the Web, text messages, or the telephone

25 Preventing Online Payments Fraud (Continued) Know the warning signs of when you may have a problem! Know your computer(s). If acting strangely (slow response times, excessive popups, etc. check it out! Know when to expect your account statements. If they are late and/or do not arrive, contact your financial institution to find out why. If your FI offers, take advantage of online functionality that allows more frequent review of activities. Look for unauthorized charges on your statements. If identified, notify your FI immediately. Consider mobile / alerts / notifications for high risk activities. Know how to respond in an event! Quarantine any computer suspected of being compromised. Forward suspect phishing s to the FTC at Apply additional scrutiny or controls to transactions following attacks. If you think you ve been scammed, visit

26 Preventing B2B Card Payments Fraud* Require original receipts for purchases or confirmations of Web purchases from employees. Define spending limits by employee or level. Assign a permanent administrator to train cardholders and monitor usage. Develop a detailed cardholder agreement that both employees/cardholders and supervisors must sign. Conduct surprise audits of compliance with card usage policies. *Source: 2008 Payments Fraud and Control Survey 26 26

27 Preventing Consumer Electronic Payments Fraud Cards Utilize Address Verification Service (AVS), Card Verification Number (CVV2, CVC2, etc.), Verified by Visa and Master Card SecureCode to protect against card fraud. Ensure card processing system and hardware is Payment Card Industry (PCI) compliant. Mandatory for merchants/processors accepting Visa, Master Card, AMEX and Discover. Specific requirements for firewalls, network security, encryption and protection of card holder data. For more information visit

28 Preventing Consumer Electronic Payments Fraud (Continued) ACH Delay shipping goods until period for ACH returns has elapsed. Ensure ACH Web payment capability complies with ACH Rules. Employ fraudulent transaction detection system. Verify routing numbers. Secure Internet session (minimum 128 bit SSL encryption technology). Conduct annual security audit

29 Other Fraud Measures Employees Conduct background checks. Require mandatory vacations. Delete online user IDs as part of exit process. Monitor and respond to suspicious behavior. Randomly audit work activities. Implement dual control for sensitive treasury management transactions. Set and review internal controls, procedures and employee limits. Investigate customer claims of non-receipt of payment. Promptly report suspected payments fraud to law enforcement and your bank

30 Concluding Thoughts Designate a principal individual or unit responsible for fraud. Approach fraud as a business, versus technology, function. Ask questions to understand your risk exposure. Identify and inventory assets. Identify and stay current on the threats to your assets. Implement a good mix of solutions that best meets your business needs

31 Thank you for participating today. Evaluation You will receive a short webinar evaluation request via . Your feedback is very important to us. Contact Information For additional information, please call to reach a BB&T Payments Consultant. Or visit html Member FDIC 31 31

Remote Deposit Quick Start Guide

Remote Deposit Quick Start Guide Treasury Management Fraud Prevention How to Protect Your Business Remote Deposit Quick Start Guide What s Inside We re committed to the safety of your company s financial information. We want to make you

More information

Online Cash Management Security: Beyond the User Login

Online Cash Management Security: Beyond the User Login Online Cash Management Security: Beyond the User Login Sonya Crites, CTP, SunTrust Anita Stevenson-Patterson, CTP, Manheim February 28, 2008 Agenda Industry Trends Government Regulations Payment Fraud

More information

Protecting your business from fraud

Protecting your business from fraud Protecting your business from fraud KEY TAKEAWAYS > Understand the most common types of fraud and how to identify them. > What to do if you uncover fraudulent activity or suspect you are a victim of fraud.

More information

Fraud Detection and Prevention. Timothy P. Minahan Vice President Government Banking TD Bank

Fraud Detection and Prevention. Timothy P. Minahan Vice President Government Banking TD Bank Fraud Detection and Prevention Timothy P. Minahan Vice President Government Banking TD Bank Prevention vs. Detection Prevention controls are designed to keep fraud from occurring Detection controls are

More information

CAPITAL PERSPECTIVES DECEMBER 2012

CAPITAL PERSPECTIVES DECEMBER 2012 CAPITAL PERSPECTIVES DECEMBER 2012 MITIGATING PAYMENT FRAUD RISK: IT S A WAR ON TWO FRONTS Payment fraud continues to be one of the biggest risk management challenges facing corporate treasury managers

More information

Don t Fall Victim to Cybercrime:

Don t Fall Victim to Cybercrime: Don t Fall Victim to Cybercrime: Best Practices to Safeguard Your Business Agenda Cybercrime Overview Corporate Account Takeover Computer Hacking, Phishing, Malware Breach Statistics Internet Security

More information

Business ebanking Fraud Prevention Best Practices

Business ebanking Fraud Prevention Best Practices Business ebanking Fraud Prevention Best Practices User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters, numbers, and special

More information

Payment Fraud and Risk Management

Payment Fraud and Risk Management Payment Fraud and Risk Management Act Today! 1. Help protect your computer against viruses and spyware by using anti-virus and anti-spyware software and automatic updates. Scan your computer regularly

More information

Sound Business Practices for Businesses to Mitigate Corporate Account Takeover

Sound Business Practices for Businesses to Mitigate Corporate Account Takeover Sound Business Practices for Businesses to Mitigate Corporate Account Takeover This white paper provides sound business practices for companies to implement to safeguard against Corporate Account Takeover.

More information

Business Internet Banking / Cash Management Fraud Prevention Best Practices

Business Internet Banking / Cash Management Fraud Prevention Best Practices Business Internet Banking / Cash Management Fraud Prevention Best Practices This document provides fraud prevention best practices that can be used as a training tool to educate new Users within your organization

More information

Best Practices Guide to Electronic Banking

Best Practices Guide to Electronic Banking Best Practices Guide to Electronic Banking City Bank & Trust Company offers a variety of services to our customers. As these services have evolved over time, a much higher percentage of customers have

More information

Reliance Bank Fraud Prevention Best Practices

Reliance Bank Fraud Prevention Best Practices Reliance Bank Fraud Prevention Best Practices May 2013 User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters and numbers.

More information

Best Practices: Reducing the Risks of Corporate Account Takeovers

Best Practices: Reducing the Risks of Corporate Account Takeovers Best Practices: Reducing the Risks of Corporate Account Takeovers California Department of Financial Institutions September 2012 INTRODUCTION A state led cooperative effort, including the United States

More information

Identity Theft, Fraud & You. Prepare. Protect. Prevent.

Identity Theft, Fraud & You. Prepare. Protect. Prevent. Prepare. Protect. Prevent. Identity Theft, Fraud & You Fraud and identity theft incidents claimed fewer victims in 2010 than in previous years. But don t get too comfortable. Average out-of-pocket consumer

More information

Retail/Consumer Client. Internet Banking Awareness and Education Program

Retail/Consumer Client. Internet Banking Awareness and Education Program Retail/Consumer Client Internet Banking Awareness and Education Program Table of Contents Securing Your Environment... 3 Unsolicited Client Contact... 3 Protecting Your Identity... 3 E-mail Risk... 3 Internet

More information

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS $ ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS Boston Private Bank & Trust Company takes great care to safeguard the security of your Online Banking transactions. In addition to our robust security

More information

Electronic Fraud Awareness Advisory

Electronic Fraud Awareness Advisory Electronic Fraud Awareness Advisory Indiana Bankers Association Fraud Awareness Task Force February, 2012 Electronic Fraud Awareness Advisory Purpose/Summary The Indiana Bankers Association (IBA) was involved

More information

Avoid completing forms in email messages that ask for personal financial information.

Avoid completing forms in email messages that ask for personal financial information. INTERNET FRAUD Online scams and viruses are constantly evolving and they threaten the security of computers worldwide. As criminals evolve their tactics, you need to keep your PC's security software (virus

More information

Identity Theft Protection

Identity Theft Protection Identity Theft Protection Email Home EDUCATION on DANGER ZONES Internet Payments Telephone ID theft occurs when someone uses your personal information with out your knowledge to commit fraud. Some terms

More information

Payments Fraud Best Practices

Payments Fraud Best Practices Stephen W. Markwell Disbursements Product Executive J.P. Morgan Pamela R. Malmos Director Finance, Treasury Operations ConAgra Foods, Inc. Fraud Prevention Laura Howley, CTP Director, Global Treasury Operations

More information

OIG Fraud Alert Phishing

OIG Fraud Alert Phishing U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION Washington, D.C. 20507 Office of Inspector General Aletha L. Brown Inspector General July 22, 2005 OIG Fraud Alert Phishing What is Phishing? Phishing is a

More information

suntrust.com 800.SUNTRUST

suntrust.com 800.SUNTRUST suntrust.com 800.SUNTRUST SunTrust Bank is an Equal Housing Lender. Member FDIC. 2010 SunTrust Banks, Inc., SunTrust, Live Solid. Bank Solid., SunTrust Rewards, and Signature Advantage Checking, are federally

More information

How To Help Protect Yourself From Identity Theft

How To Help Protect Yourself From Identity Theft How To Help Protect Yourself From Identity Theft January 20, 2015 Bryan Strong Senior Vice President and Director Information Security This complimentary interactive webinar is sponsored by Zions Bank

More information

Learn to protect yourself from Identity Theft. First National Bank can help.

Learn to protect yourself from Identity Theft. First National Bank can help. Learn to protect yourself from Identity Theft. First National Bank can help. Your identity is one of the most valuable things you own. It s important to keep your identity from being stolen by someone

More information

Preventing Corporate Account Takeover Fraud

Preventing Corporate Account Takeover Fraud Preventing Corporate Account Takeover Fraud Joe Potuzak Senior Vice President Payment Solutions Risk Manager Member FDIC 1 About Our Speaker Joe Potuzak is the Risk Manager for BB&T s Payment Solutions

More information

Your security is our priority

Your security is our priority Your security is our priority Welcome to our Cash Management newsletter for businesses. You will find valuable information about how to limit your company s risk for fraud. We offer a wide variety of products

More information

Online Security Awareness - UAE Exchange - Foreign Exchange Send Money UAE Exchange

Online Security Awareness - UAE Exchange - Foreign Exchange Send Money UAE Exchange The responsibility of safeguarding your personal information starts with you. Your information is critical and it must be protected from unauthorised disclosure, modification or destruction. Here we are

More information

Online Banking Fraud Prevention Recommendations and Best Practices

Online Banking Fraud Prevention Recommendations and Best Practices Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee at Continental National Bank of Miami needs to know

More information

Corporate Account Take Over (CATO) Guide

Corporate Account Take Over (CATO) Guide Corporate Account Take Over (CATO) Guide This guide was created to increase our customers awareness of the potential risks and threats that are associated with Internet and electronic- based services,

More information

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

PROTECT YOUR COMPUTER AND YOUR PRIVACY! PROTECT YOUR COMPUTER AND YOUR PRIVACY! Fraud comes in many shapes simple: the loss of both money protecting your computer and Take action and get peace of and sizes, but the outcome is and time. That

More information

The information contained in this session may contain privileged and confidential information. This presentation is for information purposes only.

The information contained in this session may contain privileged and confidential information. This presentation is for information purposes only. The information contained in this session may contain privileged and confidential information. This presentation is for information purposes only. Before acting on any ideas presented in this session;

More information

2014 Payments Fraud Survey

2014 Payments Fraud Survey 2014 Payments Fraud Survey Summary of Consolidated Results Payments Information & Outreach Office Federal Reserve Bank of Minneapolis December 2014 Topics Survey Methodology & Respondent Profile Fraud

More information

Online Fraud and Identity Theft Guide. A Guide to Protecting Your Identity and Accounts

Online Fraud and Identity Theft Guide. A Guide to Protecting Your Identity and Accounts A Guide to Protecting Your Identity and Accounts As part of SunTrust s commitment to protecting your accounts and identity, we ve created the Online Fraud & Identity Theft Guide, which provides information

More information

Corporate Account Takeover & Information Security Awareness. Customer Training

Corporate Account Takeover & Information Security Awareness. Customer Training Corporate Account Takeover & Information Security Awareness Customer Training No computer system can provide absolute security under all conditions. NO SECURITY MEASURE OR LIST OF SECURITY MEASURES CAN

More information

Torn Identity: Preventing New Forms of Corporate Identity Theft

Torn Identity: Preventing New Forms of Corporate Identity Theft Torn Identity: Preventing New Forms of Corporate Identity Theft Bonnie J. Hertz, CTP Cash Manager North Pacific Group, Inc. Greg Hansen VP, Product Management Wells Fargo Bank 1 Agenda Overview of fraud

More information

Business Online Banking & Bill Pay Guide to Getting Started

Business Online Banking & Bill Pay Guide to Getting Started Business Online Banking & Bill Pay Guide to Getting Started What s Inside Contents Security at Vectra Bank... 4 Getting Started Online... 5 Welcome to Vectra Bank Business Online Banking. Whether you re

More information

NATIONAL CYBER SECURITY AWARENESS MONTH

NATIONAL CYBER SECURITY AWARENESS MONTH NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the

More information

E-MAIL & INTERNET FRAUD

E-MAIL & INTERNET FRAUD FRAUD ALERT! FRAUD ALERT! Guarding Against E-MAIL & INTERNET FRAUD What credit union members should know to counter Phishing Pharming Spyware Online fraud On-Line Fraud Is Growing E-Mail and Internet Fraud

More information

Information Security Awareness

Information Security Awareness Corporate Account Takeover & Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation

More information

Payment Systems Department

Payment Systems Department v Note: Please follow these guidelines for your safety as you enjoy the convenience of technology. However these guidelines are general; therefore, specific precautions may be taken as warranted by the

More information

Corporate Account Takeover & Information Security Awareness

Corporate Account Takeover & Information Security Awareness Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is for information purposes

More information

Deception scams drive increase in financial fraud

Deception scams drive increase in financial fraud ADDRESS 2 Thomas More Square London E1W 1YN WEBSITE www.financialfraudaction.org.uk DIRECT LINE 020 3217 8436 NEWS RELEASE EMAIL press@ukcards-ffauk.org.uk Deception scams drive increase in financial fraud

More information

ICCCFO Conference, Fall 2011. Payment Fraud Mitigation: Securing Your Future

ICCCFO Conference, Fall 2011. Payment Fraud Mitigation: Securing Your Future ICCCFO Conference, Fall 2011 Payment Fraud Mitigation: Securing Your Future Presented by: Brian Irwin, CTP Vice President Fifth Third Bank Commercial Treasury Management And Claire Dittrich Executive Consultant-

More information

Corporate Account Takeover & Information Security Awareness

Corporate Account Takeover & Information Security Awareness Corporate Account Takeover & Information Security Awareness 1 The information contained in this presentation may contain privileged and confidential information. This presentation is for information purposes

More information

OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875

OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 Understanding Information Security Information Security Information security refers to safeguarding information from misuse and theft,

More information

THE HOME LOAN SAVINGS BANK. Corporate Account Takeover & Information Security Awareness

THE HOME LOAN SAVINGS BANK. Corporate Account Takeover & Information Security Awareness THE HOME LOAN SAVINGS BANK Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is

More information

BANKOH BUSINESS CONNECTIONS WIRE TRANSFER GUIDE

BANKOH BUSINESS CONNECTIONS WIRE TRANSFER GUIDE BANKOH BUSINESS CONNECTIONS WIRE TRANSFER GUIDE Revision 2/2013 1 of 35 Contents GENERAL INFORMATION... 3 Wire Transfers... 3 Types of Wires... 3 Wire Templates... 3 Bankoh Business Connections Wire Cut-off

More information

With the Target breach on everyone s mind, you may find these Customer Service Q & A s helpful.

With the Target breach on everyone s mind, you may find these Customer Service Q & A s helpful. With the Target breach on everyone s mind, you may find these Customer Service Q & A s helpful. Breach Overview Q: Media reports are stating that Target experienced a data breach. Can you provide more

More information

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security ITSC Training Courses Student IT Competence Programme SI1 2012 2013 Prof. Chan Yuen Yan, Rosanna Department of Engineering The Chinese University of Hong Kong SI1-1 Course Outline What you should know

More information

Guide to credit card security

Guide to credit card security Contents Click on a title below to jump straight to that section. What is credit card fraud? Types of credit card fraud Current scams Keeping your card and card details safe Banking and shopping securely

More information

Cyber - Security and Investigations. Ingrid Beierly August 18, 2008

Cyber - Security and Investigations. Ingrid Beierly August 18, 2008 Cyber - Security and Investigations Ingrid Beierly August 18, 2008 Agenda Visa Cyber - Security and Investigations Today s Targets Recent Attack Patterns Hacking Statistics (removed) Top Merchant Vulnerabilities

More information

Fraud Guide Fraud Protection

Fraud Guide Fraud Protection Fraud Guide Fraud Protection A simple guide on how to protect yourself against fraud. A simple guide on how to protect yourself against fraud It seems like every day there are new reports of different

More information

Fraud Protection, You and Your Bank

Fraud Protection, You and Your Bank Fraud Protection, You and Your Bank Maximize your chances to minimize your losses Presentation for Missouri GFOA April 2011 By: Terry Endres, VP, Government Treasury Solutions Phone: 314-466-6774 Terry.m.endres@baml.com

More information

Mifflinburg Bank & Trust. Corporate Account Takeover & Information Security Awareness

Mifflinburg Bank & Trust. Corporate Account Takeover & Information Security Awareness Mifflinburg Bank & Trust Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is

More information

location of optional horizontal pic Corporate and Investment Banking Business Online Information Security

location of optional horizontal pic Corporate and Investment Banking Business Online Information Security location of optional horizontal pic Corporate and Investment Banking Business Online Information Security Business Online Information Security Risk reduction: Ensuring your sensitive information is secure

More information

Protect yourself online

Protect yourself online Protect yourself online Advice from Nottinghamshire Police s Pre Crime Unit Get daily updates: www.nottinghamshire.police.uk www.twitter.com/nottspolice www.facebook.com/nottspolice www.youtube.com/nottinghampolice

More information

BUSINESS ONLINE BANKING AGREEMENT

BUSINESS ONLINE BANKING AGREEMENT BUSINESS ONLINE BANKING AGREEMENT This Business Online Banking Agreement ("Agreement") establishes the terms and conditions for Business Online Banking Services ( Service(s) ) provided by Mechanics Bank

More information

EAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy )

EAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy ) EAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy ) Background Due to increased threat of identity theft, fraudulent credit card activity and other instances where cardholder

More information

Business Identity Fraud Prevention Checklist

Business Identity Fraud Prevention Checklist Business Identity Fraud Prevention Checklist 9 Critical Things Every Business Owner Should Do Business identity thieves and fraudsters are clever and determined, and can quickly take advantage of business

More information

Intercepting your mail. They can complete change of address forms and receive mail that s intended for you.

Intercepting your mail. They can complete change of address forms and receive mail that s intended for you. At SunTrust, we re committed to protecting your accounts and identity. That s why we ve created this Identity Theft Guide. This guide provides information about online fraud and identity theft, as well

More information

Section 5 Identify Theft Red Flags and Address Discrepancy Procedures Index

Section 5 Identify Theft Red Flags and Address Discrepancy Procedures Index Index Section 5.1 Purpose.... 2 Section 5.2 Definitions........2 Section 5.3 Validation Information.....2 Section 5.4 Procedures for Opening New Accounts....3 Section 5.5 Procedures for Existing Accounts...

More information

Safeguarding Your information and accounts

Safeguarding Your information and accounts Safeguarding Your information and accounts D Bank with confidence The security of your funds and information is a top priority at Liberty Bank. We do our utmost every day to prevent fraud and identity

More information

COLUMBUS STATE COMMUNITY COLLEGE POLICY AND PROCEDURES MANUAL

COLUMBUS STATE COMMUNITY COLLEGE POLICY AND PROCEDURES MANUAL PAYMENT CARD INDUSTRY COMPLIANCE (PCI) Effective June 1, 2011 Page 1 of 6 (1) Definitions a. Payment Card Industry Data Security Standards (PCI-DSS): A set of standards established by the Payment Card

More information

Cal Poly PCI DSS Compliance Training and Information. Information Security http://security.calpoly.edu 1

Cal Poly PCI DSS Compliance Training and Information. Information Security http://security.calpoly.edu 1 Cal Poly PCI DSS Compliance Training and Information Information Security http://security.calpoly.edu 1 Training Objectives Understanding PCI DSS What is it? How to comply with requirements Appropriate

More information

THE UNIVERSITY OF NORTH CAROLINA AT GREENSBORO IDENTITY THEFT PREVENTION PROGRAM

THE UNIVERSITY OF NORTH CAROLINA AT GREENSBORO IDENTITY THEFT PREVENTION PROGRAM Program Adoption THE UNIVERSITY OF NORTH CAROLINA AT GREENSBORO IDENTITY THEFT PREVENTION PROGRAM As a best practice and using as a guide the Federal Trade Commission s ( FTC ) Red Flags Rule, implementing

More information

Protecting Yourself from Identity Theft

Protecting Yourself from Identity Theft Protecting Yourself from Identity Theft Identity theft is everywhere. In fact, according to a 2013 report by Javelin Research, there is one incident of identity fraud every two seconds. While we cannot

More information

The University of North Carolina at Charlotte Identity Theft Prevention Program

The University of North Carolina at Charlotte Identity Theft Prevention Program The University of North Carolina at Charlotte Identity Theft Prevention Program Program Adoption As a best practice and using as a guide the Federal Trade Commission s ( FTC ) Red Flags Rule ( Rule ),

More information

Deter, Detect, Defend

Deter, Detect, Defend Deter, Detect, Defend Deter Never provide personal information, including social security number, account numbers or passwords over the phone or Internet if you did not initiate the contact Never click

More information

TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS. Corporate Account Takeover & Information Security Awareness

TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS. Corporate Account Takeover & Information Security Awareness TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This

More information

01.230 IDENTITY THEFT PREVENTION PROGRAM (RED FLAGS)

01.230 IDENTITY THEFT PREVENTION PROGRAM (RED FLAGS) 01.230 IDENTITY THEFT PREVENTION PROGRAM (RED FLAGS) Authority: Board of Trustees History: Effective May 1, 2009 (approved initially April 24, 2009) Source of Authority: Related Links: Responsible Office:

More information

Protecting your business from some of the current fraud threats

Protecting your business from some of the current fraud threats Protecting your business from some of the current fraud threats This literature provides guidance on fraud prevention and is provided for information purposes only. Where noted the guidance provided has

More information

Gladiator NetTeller Enterprise Security Monitoring Online Fraud Detection INFORMATION SECURITY & RISK MANAGEMENT

Gladiator NetTeller Enterprise Security Monitoring Online Fraud Detection INFORMATION SECURITY & RISK MANAGEMENT Gladiator NetTeller Enterprise Security Monitoring Online Fraud Detection INFORMATION SECURITY & RISK MANAGEMENT Gladiator NetTeller Enterprise Security Monitoring Online Fraud Detection Foreword The consumerization

More information

DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C. 20301-6000

DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C. 20301-6000 DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C. 20301-6000 CHIEF INFORMATION OFFICER October 1, 2015 MEMORANDUM FOR SECRETARIES OF THE MILITARY DEPARTMENTS CHAIRMAN OF THE JOINT CHIEFS OF

More information

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines 1. Implement anti-virus software An anti-virus program is necessary to protect your computer from malicious programs,

More information

The 12 Essentials of PCI Compliance How it Differs from HIPPA Compliance Understand & Implement Effective PCI Data Security Standard Compliance

The 12 Essentials of PCI Compliance How it Differs from HIPPA Compliance Understand & Implement Effective PCI Data Security Standard Compliance Date: 07/19/2011 The 12 Essentials of PCI Compliance How it Differs from HIPPA Compliance Understand & Implement Effective PCI Data Security Standard Compliance PCI and HIPAA Compliance Defined Understand

More information

Safe Practices for Online Banking

Safe Practices for Online Banking November 2012 Follow these guidelines to help protect your information while banking online. At First Entertainment Credit Union, our goal is to provide you with the best all around banking experience.

More information

Franchise Data Compromise Trends and Cardholder. December, 2010

Franchise Data Compromise Trends and Cardholder. December, 2010 Franchise Data Compromise Trends and Cardholder Security Best Practices December, 2010 Franchise Data Security Agenda Cardholder Data Compromise Overview Breach Commonalities Hacking Techniques Franchisee

More information

1. Any email requesting personal information, or asking you to verify an account, is usually a scam... even if it looks authentic.

1. Any email requesting personal information, or asking you to verify an account, is usually a scam... even if it looks authentic. Your identity is one of the most valuable things you own. It s important to keep your identity from being stolen by someone who can potentially harm your good name and financial well-being. Identity theft

More information

Information carelessly discarded into the trash can be stolen when a thief digs through the garbage.

Information carelessly discarded into the trash can be stolen when a thief digs through the garbage. Identity theft occurs when someone wrongfully acquires and uses a consumer s personal identification, credit, or account information. Identity theft can wreak havoc on an individual s credit report, cause

More information

Online security. Defeating cybercriminals. Protecting online banking clients in a rapidly evolving online environment. The threat.

Online security. Defeating cybercriminals. Protecting online banking clients in a rapidly evolving online environment. The threat. Defeating cybercriminals Protecting online banking clients in a rapidly evolving online environment The threat As the pace of technological change accelerates, so does the resourcefulness and ingenuity

More information

Online Banking Customer Awareness and Education Program

Online Banking Customer Awareness and Education Program Online Banking Customer Awareness and Education Program Electronic Fund Transfers: Your Rights and Responsibilities (Regulation E Disclosure) Indicated below are types of Electronic Fund Transfers we are

More information

CYBERCRIME: What your Bank should be doing to Protect your Business. David Pollino Senior Vice President Fraud Prevention Officer

CYBERCRIME: What your Bank should be doing to Protect your Business. David Pollino Senior Vice President Fraud Prevention Officer CYBERCRIME: What your Bank should be doing to Protect your Business David Pollino Senior Vice President Fraud Prevention Officer Agenda Changing Landscape Case of Efficient Services Escrow Group Six key

More information

How to complete the Secure Internet Site Declaration (SISD) form

How to complete the Secure Internet Site Declaration (SISD) form 1 How to complete the Secure Internet Site Declaration (SISD) form The following instructions are designed to assist you in completing the SISD form that forms part of your Merchant application. Once completed,

More information

CONSIDERATIONS BEFORE MOVING TO THE CLOUD

CONSIDERATIONS BEFORE MOVING TO THE CLOUD CONSIDERATIONS BEFORE MOVING TO THE CLOUD What Management Needs to Know Part II By Debbie C. Sasso Principal In part I, we discussed organizational compliance related to information technology and what

More information

6-8065 Payment Card Industry Compliance

6-8065 Payment Card Industry Compliance 0 0 0 Yosemite Community College District Policies and Administrative Procedures No. -0 Policy -0 Payment Card Industry Compliance Yosemite Community College District will comply with the Payment Card

More information

Visa CREDIT Card General Guidelines

Visa CREDIT Card General Guidelines Visa CREDIT Card General Guidelines General Account Information Phone Numbers and Addresses It is very important to keep us up-to-date with your correct address and phone number. Card reissues/replacements

More information

Cyber Security. Securing Your Mobile and Online Banking Transactions

Cyber Security. Securing Your Mobile and Online Banking Transactions Cyber Security Securing Your Mobile and Online Banking Transactions For additional copies or to download this document, please visit: http://msisac.cisecurity.org/resources/guides 2014 Center for Internet

More information

Fraud Information and Security

Fraud Information and Security Fraud Information and Security Updated: January 13, 2015 How We Protect You At WySTAR Global Retirement Solutions security is a top priority. We understand that your trust in us depends on how well we

More information

When registering on a jobsite, first ensure that the site is reputable and has a physical address and landline phone number.

When registering on a jobsite, first ensure that the site is reputable and has a physical address and landline phone number. Job searching online has become the most popular method of finding employment. Searching for the type of job you want is fast and easy, and you can see new jobs as soon as employers / agencies post them.

More information

Customer Awareness for Security and Fraud Prevention

Customer Awareness for Security and Fraud Prevention Customer Awareness for Security and Fraud Prevention Identity theft continues to be a growing problem in our society today. All consumers must manage their personal information wisely and cautiously to

More information

Protect Yourself Against Identity Theft

Protect Yourself Against Identity Theft Protect Yourself Against Identity Theft Watch out for Phishing Attacks! A Message from District Attorney P. David Soares Dear Friends, In the age of the Internet, the information highway runs right into

More information

Personal Online Banking & Bill Pay. Guide to Getting Started

Personal Online Banking & Bill Pay. Guide to Getting Started Personal Online Banking & Bill Pay Guide to Getting Started What s Inside Contents Security at Vectra Bank... 4 Getting Started Online... 5 Welcome to Vectra Bank Online Banking. Whether you re at home,

More information

IRS & Partners Combat Tax-Related Identity Theft What s New for 2016

IRS & Partners Combat Tax-Related Identity Theft What s New for 2016 IRS & Partners Combat Tax-Related Identity Theft What s New for 2016 General Scope of Identity Theft Identity theft costs U.S. victims more than all property crimes combined Identity theft remains number

More information

CITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY

CITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY CITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY Policy Number: 2008-02 Date Adopted: October 27, 2008 Department: Administrative SUBJECT: IDENTITY THEFT PREVENTION PROGRAM I. OBJECTIVE: A. To protect

More information

Data Management Policies. Sage ERP Online

Data Management Policies. Sage ERP Online Sage ERP Online Sage ERP Online Table of Contents 1.0 Server Backup and Restore Policy... 3 1.1 Objectives... 3 1.2 Scope... 3 1.3 Responsibilities... 3 1.4 Policy... 4 1.5 Policy Violation... 5 1.6 Communication...

More information

Malware & Botnets. Botnets

Malware & Botnets. Botnets - 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online

More information

Battling Payment Fraud: The Never Ending Story. Presented by: Peter Tristani, Vice President, Payments and Remittance

Battling Payment Fraud: The Never Ending Story. Presented by: Peter Tristani, Vice President, Payments and Remittance Battling Payment Fraud: The Never Ending Story Presented by: Peter Tristani, Vice President, Payments and Remittance Agenda Overview Fraud: The Big Picture Evolving Fraud Impact of Fraud on Corporations

More information

Online Cash Manager Security Guide

Online Cash Manager Security Guide Online Cash Manager Security Guide You re the One who can protect your business from the threat of a Corporate Account Takeover. 102 South Clinton Street Iowa City, IA 52240 1-800-247-4418 Version 1.0

More information

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL Title: Computer and Network Security Policy Policy Number: 04.72.12 Effective Date: November 4, 2003 Issuing Authority: Office of the Vice President for

More information

I dentity theft occurs

I dentity theft occurs 1.3.1.F1 Identity Family Economics and Financial Education W h at i s I d e n t i t y T h e f t? I dentity theft occurs when someone wrongfully acquires and uses a consumer s personal identification, credit,

More information