Phishing for Fraud: Don't Let your Company Get Hooked!
|
|
- Esmond Woods
- 8 years ago
- Views:
Transcription
1 Phishing for Fraud: Don't Let your Company Get Hooked! March 2009 Approved for 1 CTP/CCM recertification credit by the Association for Financial Professionals 1
2 Today s Speakers: Joe Potuzak is Senior Vice President and Payment Solutions Risk Manager. Joe has more than 20 years experience in commercial lending, operations and payments risk management roles. Rachel M. Floars is Senior Vice President and Electronic Delivery Systems Risk Manager. Rachel has more than 25 years experience in operations and risk management roles. 2 2
3 Today s Agenda: of Fraud of Fraud Preventing Fraud 3 3
4 Polling Questions How would your company categorize its current level of concern related to fraud? Very High High Moderate Low Very Low / No Concern How would your company categorize its current level of resources (people, processes, systems) allocated to fraud detection and prevention? Have more than enough resources allocated Have the right level of resources allocated Don t have enough resources allocated No resources currently allocated 4 4
5 Association for Financial Professionals (AFP) Payments Fraud & Control Survey March corporate cash managers, analysts, directors, asst. treasurers & controllers surveyed: Fifteen Industries Revenue Size Ownership Manufacturing (21%) Retail (11%) Insurance (9%) Energy (9%) Less than $100MM (9%) $ MM (34%) $1B+ (57%) Publicly owned (47%) Privately held (32%) Non-profit (11%) Government (10%) 5 5
6 AFP Payments Fraud & Control Survey March % of organizations experienced attempted or actual payments fraud in 2007: of Fraud Loss Size Median loss Check fraud (94%) ACH debit (26%) Corporate cards (13%) Consumer ACH and/or card payments (10%) ACH credits (4%) Wire transfer (3%) Prepaid/gift cards (1%) No loss (63%) Less than $25,000 (25%) $25,000 99,999 (7%) $100,000+ (7%) $13,
7 Additionally, Organizations are experiencing the following impacts: Disabled websites unavailable for use by their clients. Office computers that are shut down by viruses. Compromise and theft of sensitive client and / or employee information. Manipulation or destruction of important organizational data by a former disgruntled Employee. Malicious use of their systems to attack another system. 7 7
8 Polling Question Which is the most effective source currently used for maintaining knowledge of evolving fraud trends and schemes? Advisories / information from your financial institution. Industry associations. Newspapers and periodicals. Peer networking. Software / hardware / processing vendors. 8 8
9 Check Fraud Check fraud is widespread despite significant decline in check usage.* Growth in check fraud is outpacing growth in electronic payments fraud.* Accounts payable/disbursement accounts most frequent target (84%).* Payroll accounts second most frequent target (34%).* Examples: Counterfeit checks imprinted with organization s MICR line but other business name. Altered payee names or amounts. Forged signatures. Lost, stolen or counterfeit employee paychecks. Fraudulent checks identified with positive pay and represented as ACH debits. *Source: AFP 2008 Payments Fraud and Control Survey 9 9
10 ACH & Wire Fraud 15% of organizations surveyed experienced financial losses from ACH fraud in 2007.* Failure to adopt effective internal controls and bank fraud control services cited as most frequent reasons for ACH loss.* Examples: Fraudulent ACH debits posted to business account. Misdirected outgoing wire or ACH payment. Fictitious employee added to ACH payroll file. Keying errors. *Source: AFP 2008 Payments Fraud and Control Survey 10 10
11 Online Payments Fraud Two Components of Online Payments Fraud: THEFT of consumer / business payment information / credentials FRAUDULENT USE of consumer / business payment information / credentials for unauthorized financial activity Scams / Schemes may have varied Goals: Target only the theft of information / credentials. Objective is to use fraudulently at a later time in the same or another channel, or sale in market. Target both the theft of information / credentials & immediately use for unauthorized financial activity. Objective is to get in and out before victim and/or FI becomes aware
12 Online Payments Fraud A primary theft scam / scheme is Phishing / Spamming Services, which attempt to entice an recipient into clicking on a fraudulent link. November 2008 online fraud data.* 207 global bank brands targeted in online phishing attempts (24% increase from October 2008). 10,626 actual phishing attacks. 53% of worldwide phishing attacks targeted at U.S. banks. *Source: RSA Security, Inc., Online Fraud Report 12 12
13 Online Payments Fraud (Continued) Bogus Website requesting entry of consumer / business payment information / credentials. Automatic download of malicious software (malware) to victim s computer. You ve Got Mail CLICK 13 MALWARE EXAMPLES Keystroke Logging Hidden URL redirect Trojan Remote Control SQL Injection Captures and records user keystrokes Unknowingly redirects user to bogus URL Looks like a desirable function, but when selected allows unauthorized access to computer Allows a fraudster to control computer from remote location Allows fraudster to execute unauthorized SQL commands, Used to steal information from a database 13 13
14 Online Payments Fraud (Continued) Easy to Spot Graphics Pop-Ups Used Victim s Knowledge of Scheme The Evolution Of Phishing Malware Spear Phishing Targets Companies Hishing Embeds malware into Hardware Wishing Targets Individuals Sishing Entices users to click on advertising links???????????? 14 14
15 B2B Card Payments Fraud* Purchasing and Travel & Entertainment cards. 73% of AFP survey respondents indicate that their organization uses corporate cards. 13% reported attempted or actual payments fraud. Purchasing cards more likely to be involved in fraud than T&E cards (75% versus 46%). Likely perpetrator is an unknown external party or employee versus vendor. *Source: AFP 2008 Payments Fraud and Control Survey 15 15
16 Consumer Electronic Payments Fraud* 43% of respondents accept ACH and/or card payments from consumers. Most fraud involves credit cards. Credit cards (89%) ACH (38%) Signature debit cards (24%) PIN debit cards (11%) Channels used to commit consumer ACH and/or card payments fraud resulting in financial loss. Online via the Web (71%) In person (e.g. store or branch location) (63%) Over the phone (46%) 1/3 of organizations reported an increase in consumer electronic payments fraud from 2006 to *Source: AFP 2008 Payments Fraud and Control Survey 16 16
17 Consumer Electronic Payments Fraud (Continued) Failure to safeguard consumer data when accepting electronic payments can result in a data security breach. A data security breach can be costly in terms of investigative, legal, reputation, financial impacts. Examples 2007 loss of data for 45 million credit card holders by TJX (parent company of TJ Maxx) resulted in $256MM in investigative, legal and enhanced security costs. Heartland Payment Systems stock price fell 42% in the days following its January 20, 2009 announcement of a security breach
18 Polling Question Which type of fraud causes your company the most concern? Check Fraud ACH and Wire Transfer Fraud Online Payments Fraud B2B Payments Fraud Consumer Electronic Payments Fraud 18 18
19 Preventing Check Fraud Migrate to safer electronic payments services. Direct deposit of pay via ACH and payroll cards. Integrated payables. Implement positive pay, reverse positive pay and payee positive pay services. Reconcile accounts and review activity daily; report suspicious items promptly. Segregate duties (check issuance, approval). Limit number of authorized signers. Limit posting of checks to deposit-only accounts. Obtain CD-ROM paid check imaging. Use larger font for check printing and asterisks to prevent adding payees. Place out going mail in a safe and secure location
20 Preventing Check Fraud (Continued) Utilize checks with security features. Store check stock, signature stamps, facsimile signatures and check stock in secure environment with inventory control. Shred confidential documents no longer needed
21 Preventing ACH and Wire Fraud Reconcile accounts daily. Return unauthorized ACH debits timely. No later than the opening of business on the second banking day following the Settlement Date of the original entry (ACH Rules). Use ACH debit blocks, filters and positive pay services. Provide trading partners with a Universal Payment Identification Code (UPIC) in lieu of account number. UPIC is a unique bank account identifier issued by financial institutions that allows organizations to receive electronic payments without divulging confidential banking information
22 Preventing Online Payments Fraud Implement policies and procedures. User access and password management. Acceptable use of the Internet policy. Prompt updates of employee access as changes warrant (re-assignments, terminations, etc.) Periodic online fraud report sort of State of the Union of online fraud in your company. When and how Social Security numbers can be used / displayed / printed. Institute an employee education and awareness program (to include both new employees and periodic refresher training for existing employees). General education of risks, social engineering scams, and controls. More specific education on topics that may be directly targeting your business spear phishing Policies and procedures. Advisories
23 Preventing Online Payments Fraud (Continued) Protect essential hardware and software Manage both physical and systems access. Desktops versus laptops. Back up files incrementally (daily) and fully (weekly / offsite). Test restore function. Check browser configuration for appropriate settings. Consider encryption of sensitive data. Ensure that anti-virus updates, spy-ware updates, and operating systems and browser patches are current. Implement a firewall, selected based upon your business needs, and ensure that it is enabled and configured for automatic updates (if available). Segregate responsibilities for payments template maintenance, entry and approval to limit internal fraud and exposure to phishing. Take steps to securely dispose of assets (hardware, software, records). As warranted, use multi-factor authentication tools (tokens, digital certificates, etc.) Assign dual system administrators for online cash management services
24 Preventing Online Payments Fraud (Continued) Use bookmarks in your web browser for entities with which you regularly communicate. Navigate pop-ups wisely. Consider using a pop-up block function in your browser. Do not enter personal information. Legitimate entities don t ask for personal info via a pop-up. Never click inside a pop-up window to close. Either click X at the top right corner or (based on the operating system) hold down Alt and F4 to close current window. Be cautious about all communications you receive. Install a phishing filter on your application Do not be intimidated by a caller or an that has a complaint and/or suggests dire consequences if response is not immediate. Be cautious of unsolicited . Do not feel obligated to open. Instead, just delete. Do not open attachments or click on hyperlinks in unsolicited . If unsure of the authenticity, verify. The key is to know the origin through information you have verified yourself. Never give out your password, account number, ID or credentials via , the Web, text messages, or the telephone
25 Preventing Online Payments Fraud (Continued) Know the warning signs of when you may have a problem! Know your computer(s). If acting strangely (slow response times, excessive popups, etc. check it out! Know when to expect your account statements. If they are late and/or do not arrive, contact your financial institution to find out why. If your FI offers, take advantage of online functionality that allows more frequent review of activities. Look for unauthorized charges on your statements. If identified, notify your FI immediately. Consider mobile / alerts / notifications for high risk activities. Know how to respond in an event! Quarantine any computer suspected of being compromised. Forward suspect phishing s to the FTC at spam@uce.gov. Apply additional scrutiny or controls to transactions following attacks. If you think you ve been scammed, visit
26 Preventing B2B Card Payments Fraud* Require original receipts for purchases or confirmations of Web purchases from employees. Define spending limits by employee or level. Assign a permanent administrator to train cardholders and monitor usage. Develop a detailed cardholder agreement that both employees/cardholders and supervisors must sign. Conduct surprise audits of compliance with card usage policies. *Source: 2008 Payments Fraud and Control Survey 26 26
27 Preventing Consumer Electronic Payments Fraud Cards Utilize Address Verification Service (AVS), Card Verification Number (CVV2, CVC2, etc.), Verified by Visa and Master Card SecureCode to protect against card fraud. Ensure card processing system and hardware is Payment Card Industry (PCI) compliant. Mandatory for merchants/processors accepting Visa, Master Card, AMEX and Discover. Specific requirements for firewalls, network security, encryption and protection of card holder data. For more information visit
28 Preventing Consumer Electronic Payments Fraud (Continued) ACH Delay shipping goods until period for ACH returns has elapsed. Ensure ACH Web payment capability complies with ACH Rules. Employ fraudulent transaction detection system. Verify routing numbers. Secure Internet session (minimum 128 bit SSL encryption technology). Conduct annual security audit
29 Other Fraud Measures Employees Conduct background checks. Require mandatory vacations. Delete online user IDs as part of exit process. Monitor and respond to suspicious behavior. Randomly audit work activities. Implement dual control for sensitive treasury management transactions. Set and review internal controls, procedures and employee limits. Investigate customer claims of non-receipt of payment. Promptly report suspected payments fraud to law enforcement and your bank
30 Concluding Thoughts Designate a principal individual or unit responsible for fraud. Approach fraud as a business, versus technology, function. Ask questions to understand your risk exposure. Identify and inventory assets. Identify and stay current on the threats to your assets. Implement a good mix of solutions that best meets your business needs
31 Thank you for participating today. Evaluation You will receive a short webinar evaluation request via . Your feedback is very important to us. Contact Information For additional information, please call to reach a BB&T Payments Consultant. Or visit html Member FDIC 31 31
Remote Deposit Quick Start Guide
Treasury Management Fraud Prevention How to Protect Your Business Remote Deposit Quick Start Guide What s Inside We re committed to the safety of your company s financial information. We want to make you
More informationOnline Cash Management Security: Beyond the User Login
Online Cash Management Security: Beyond the User Login Sonya Crites, CTP, SunTrust Anita Stevenson-Patterson, CTP, Manheim February 28, 2008 Agenda Industry Trends Government Regulations Payment Fraud
More informationProtecting your business from fraud
Protecting your business from fraud KEY TAKEAWAYS > Understand the most common types of fraud and how to identify them. > What to do if you uncover fraudulent activity or suspect you are a victim of fraud.
More informationFraud Detection and Prevention. Timothy P. Minahan Vice President Government Banking TD Bank
Fraud Detection and Prevention Timothy P. Minahan Vice President Government Banking TD Bank Prevention vs. Detection Prevention controls are designed to keep fraud from occurring Detection controls are
More informationCAPITAL PERSPECTIVES DECEMBER 2012
CAPITAL PERSPECTIVES DECEMBER 2012 MITIGATING PAYMENT FRAUD RISK: IT S A WAR ON TWO FRONTS Payment fraud continues to be one of the biggest risk management challenges facing corporate treasury managers
More informationDon t Fall Victim to Cybercrime:
Don t Fall Victim to Cybercrime: Best Practices to Safeguard Your Business Agenda Cybercrime Overview Corporate Account Takeover Computer Hacking, Phishing, Malware Breach Statistics Internet Security
More informationBusiness ebanking Fraud Prevention Best Practices
Business ebanking Fraud Prevention Best Practices User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters, numbers, and special
More informationPayment Fraud and Risk Management
Payment Fraud and Risk Management Act Today! 1. Help protect your computer against viruses and spyware by using anti-virus and anti-spyware software and automatic updates. Scan your computer regularly
More informationSound Business Practices for Businesses to Mitigate Corporate Account Takeover
Sound Business Practices for Businesses to Mitigate Corporate Account Takeover This white paper provides sound business practices for companies to implement to safeguard against Corporate Account Takeover.
More informationBusiness Internet Banking / Cash Management Fraud Prevention Best Practices
Business Internet Banking / Cash Management Fraud Prevention Best Practices This document provides fraud prevention best practices that can be used as a training tool to educate new Users within your organization
More informationBest Practices Guide to Electronic Banking
Best Practices Guide to Electronic Banking City Bank & Trust Company offers a variety of services to our customers. As these services have evolved over time, a much higher percentage of customers have
More informationReliance Bank Fraud Prevention Best Practices
Reliance Bank Fraud Prevention Best Practices May 2013 User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters and numbers.
More informationBest Practices: Reducing the Risks of Corporate Account Takeovers
Best Practices: Reducing the Risks of Corporate Account Takeovers California Department of Financial Institutions September 2012 INTRODUCTION A state led cooperative effort, including the United States
More informationIdentity Theft, Fraud & You. Prepare. Protect. Prevent.
Prepare. Protect. Prevent. Identity Theft, Fraud & You Fraud and identity theft incidents claimed fewer victims in 2010 than in previous years. But don t get too comfortable. Average out-of-pocket consumer
More informationRetail/Consumer Client. Internet Banking Awareness and Education Program
Retail/Consumer Client Internet Banking Awareness and Education Program Table of Contents Securing Your Environment... 3 Unsolicited Client Contact... 3 Protecting Your Identity... 3 E-mail Risk... 3 Internet
More informationONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS
$ ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS Boston Private Bank & Trust Company takes great care to safeguard the security of your Online Banking transactions. In addition to our robust security
More informationElectronic Fraud Awareness Advisory
Electronic Fraud Awareness Advisory Indiana Bankers Association Fraud Awareness Task Force February, 2012 Electronic Fraud Awareness Advisory Purpose/Summary The Indiana Bankers Association (IBA) was involved
More informationAvoid completing forms in email messages that ask for personal financial information.
INTERNET FRAUD Online scams and viruses are constantly evolving and they threaten the security of computers worldwide. As criminals evolve their tactics, you need to keep your PC's security software (virus
More informationIdentity Theft Protection
Identity Theft Protection Email Home EDUCATION on DANGER ZONES Internet Payments Telephone ID theft occurs when someone uses your personal information with out your knowledge to commit fraud. Some terms
More informationPayments Fraud Best Practices
Stephen W. Markwell Disbursements Product Executive J.P. Morgan Pamela R. Malmos Director Finance, Treasury Operations ConAgra Foods, Inc. Fraud Prevention Laura Howley, CTP Director, Global Treasury Operations
More informationOIG Fraud Alert Phishing
U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION Washington, D.C. 20507 Office of Inspector General Aletha L. Brown Inspector General July 22, 2005 OIG Fraud Alert Phishing What is Phishing? Phishing is a
More informationsuntrust.com 800.SUNTRUST
suntrust.com 800.SUNTRUST SunTrust Bank is an Equal Housing Lender. Member FDIC. 2010 SunTrust Banks, Inc., SunTrust, Live Solid. Bank Solid., SunTrust Rewards, and Signature Advantage Checking, are federally
More informationHow To Help Protect Yourself From Identity Theft
How To Help Protect Yourself From Identity Theft January 20, 2015 Bryan Strong Senior Vice President and Director Information Security This complimentary interactive webinar is sponsored by Zions Bank
More informationLearn to protect yourself from Identity Theft. First National Bank can help.
Learn to protect yourself from Identity Theft. First National Bank can help. Your identity is one of the most valuable things you own. It s important to keep your identity from being stolen by someone
More informationPreventing Corporate Account Takeover Fraud
Preventing Corporate Account Takeover Fraud Joe Potuzak Senior Vice President Payment Solutions Risk Manager Member FDIC 1 About Our Speaker Joe Potuzak is the Risk Manager for BB&T s Payment Solutions
More informationYour security is our priority
Your security is our priority Welcome to our Cash Management newsletter for businesses. You will find valuable information about how to limit your company s risk for fraud. We offer a wide variety of products
More informationOnline Security Awareness - UAE Exchange - Foreign Exchange Send Money UAE Exchange
The responsibility of safeguarding your personal information starts with you. Your information is critical and it must be protected from unauthorised disclosure, modification or destruction. Here we are
More informationOnline Banking Fraud Prevention Recommendations and Best Practices
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee at Continental National Bank of Miami needs to know
More informationCorporate Account Take Over (CATO) Guide
Corporate Account Take Over (CATO) Guide This guide was created to increase our customers awareness of the potential risks and threats that are associated with Internet and electronic- based services,
More informationPROTECT YOUR COMPUTER AND YOUR PRIVACY!
PROTECT YOUR COMPUTER AND YOUR PRIVACY! Fraud comes in many shapes simple: the loss of both money protecting your computer and Take action and get peace of and sizes, but the outcome is and time. That
More informationThe information contained in this session may contain privileged and confidential information. This presentation is for information purposes only.
The information contained in this session may contain privileged and confidential information. This presentation is for information purposes only. Before acting on any ideas presented in this session;
More information2014 Payments Fraud Survey
2014 Payments Fraud Survey Summary of Consolidated Results Payments Information & Outreach Office Federal Reserve Bank of Minneapolis December 2014 Topics Survey Methodology & Respondent Profile Fraud
More informationOnline Fraud and Identity Theft Guide. A Guide to Protecting Your Identity and Accounts
A Guide to Protecting Your Identity and Accounts As part of SunTrust s commitment to protecting your accounts and identity, we ve created the Online Fraud & Identity Theft Guide, which provides information
More informationCorporate Account Takeover & Information Security Awareness. Customer Training
Corporate Account Takeover & Information Security Awareness Customer Training No computer system can provide absolute security under all conditions. NO SECURITY MEASURE OR LIST OF SECURITY MEASURES CAN
More informationTorn Identity: Preventing New Forms of Corporate Identity Theft
Torn Identity: Preventing New Forms of Corporate Identity Theft Bonnie J. Hertz, CTP Cash Manager North Pacific Group, Inc. Greg Hansen VP, Product Management Wells Fargo Bank 1 Agenda Overview of fraud
More informationBusiness Online Banking & Bill Pay Guide to Getting Started
Business Online Banking & Bill Pay Guide to Getting Started What s Inside Contents Security at Vectra Bank... 4 Getting Started Online... 5 Welcome to Vectra Bank Business Online Banking. Whether you re
More informationNATIONAL CYBER SECURITY AWARENESS MONTH
NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the
More informationE-MAIL & INTERNET FRAUD
FRAUD ALERT! FRAUD ALERT! Guarding Against E-MAIL & INTERNET FRAUD What credit union members should know to counter Phishing Pharming Spyware Online fraud On-Line Fraud Is Growing E-Mail and Internet Fraud
More informationInformation Security Awareness
Corporate Account Takeover & Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation
More informationPayment Systems Department
v Note: Please follow these guidelines for your safety as you enjoy the convenience of technology. However these guidelines are general; therefore, specific precautions may be taken as warranted by the
More informationCorporate Account Takeover & Information Security Awareness
Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is for information purposes
More informationDeception scams drive increase in financial fraud
ADDRESS 2 Thomas More Square London E1W 1YN WEBSITE www.financialfraudaction.org.uk DIRECT LINE 020 3217 8436 NEWS RELEASE EMAIL press@ukcards-ffauk.org.uk Deception scams drive increase in financial fraud
More informationICCCFO Conference, Fall 2011. Payment Fraud Mitigation: Securing Your Future
ICCCFO Conference, Fall 2011 Payment Fraud Mitigation: Securing Your Future Presented by: Brian Irwin, CTP Vice President Fifth Third Bank Commercial Treasury Management And Claire Dittrich Executive Consultant-
More informationCorporate Account Takeover & Information Security Awareness
Corporate Account Takeover & Information Security Awareness 1 The information contained in this presentation may contain privileged and confidential information. This presentation is for information purposes
More informationOCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875
OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 Understanding Information Security Information Security Information security refers to safeguarding information from misuse and theft,
More informationTHE HOME LOAN SAVINGS BANK. Corporate Account Takeover & Information Security Awareness
THE HOME LOAN SAVINGS BANK Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is
More informationBANKOH BUSINESS CONNECTIONS WIRE TRANSFER GUIDE
BANKOH BUSINESS CONNECTIONS WIRE TRANSFER GUIDE Revision 2/2013 1 of 35 Contents GENERAL INFORMATION... 3 Wire Transfers... 3 Types of Wires... 3 Wire Templates... 3 Bankoh Business Connections Wire Cut-off
More informationWith the Target breach on everyone s mind, you may find these Customer Service Q & A s helpful.
With the Target breach on everyone s mind, you may find these Customer Service Q & A s helpful. Breach Overview Q: Media reports are stating that Target experienced a data breach. Can you provide more
More informationITSC Training Courses Student IT Competence Programme SIIS1 Information Security
ITSC Training Courses Student IT Competence Programme SI1 2012 2013 Prof. Chan Yuen Yan, Rosanna Department of Engineering The Chinese University of Hong Kong SI1-1 Course Outline What you should know
More informationGuide to credit card security
Contents Click on a title below to jump straight to that section. What is credit card fraud? Types of credit card fraud Current scams Keeping your card and card details safe Banking and shopping securely
More informationCyber - Security and Investigations. Ingrid Beierly August 18, 2008
Cyber - Security and Investigations Ingrid Beierly August 18, 2008 Agenda Visa Cyber - Security and Investigations Today s Targets Recent Attack Patterns Hacking Statistics (removed) Top Merchant Vulnerabilities
More informationFraud Guide Fraud Protection
Fraud Guide Fraud Protection A simple guide on how to protect yourself against fraud. A simple guide on how to protect yourself against fraud It seems like every day there are new reports of different
More informationFraud Protection, You and Your Bank
Fraud Protection, You and Your Bank Maximize your chances to minimize your losses Presentation for Missouri GFOA April 2011 By: Terry Endres, VP, Government Treasury Solutions Phone: 314-466-6774 Terry.m.endres@baml.com
More informationMifflinburg Bank & Trust. Corporate Account Takeover & Information Security Awareness
Mifflinburg Bank & Trust Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This presentation is
More informationlocation of optional horizontal pic Corporate and Investment Banking Business Online Information Security
location of optional horizontal pic Corporate and Investment Banking Business Online Information Security Business Online Information Security Risk reduction: Ensuring your sensitive information is secure
More informationProtect yourself online
Protect yourself online Advice from Nottinghamshire Police s Pre Crime Unit Get daily updates: www.nottinghamshire.police.uk www.twitter.com/nottspolice www.facebook.com/nottspolice www.youtube.com/nottinghampolice
More informationBUSINESS ONLINE BANKING AGREEMENT
BUSINESS ONLINE BANKING AGREEMENT This Business Online Banking Agreement ("Agreement") establishes the terms and conditions for Business Online Banking Services ( Service(s) ) provided by Mechanics Bank
More informationEAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy )
EAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy ) Background Due to increased threat of identity theft, fraudulent credit card activity and other instances where cardholder
More informationBusiness Identity Fraud Prevention Checklist
Business Identity Fraud Prevention Checklist 9 Critical Things Every Business Owner Should Do Business identity thieves and fraudsters are clever and determined, and can quickly take advantage of business
More informationIntercepting your mail. They can complete change of address forms and receive mail that s intended for you.
At SunTrust, we re committed to protecting your accounts and identity. That s why we ve created this Identity Theft Guide. This guide provides information about online fraud and identity theft, as well
More informationSection 5 Identify Theft Red Flags and Address Discrepancy Procedures Index
Index Section 5.1 Purpose.... 2 Section 5.2 Definitions........2 Section 5.3 Validation Information.....2 Section 5.4 Procedures for Opening New Accounts....3 Section 5.5 Procedures for Existing Accounts...
More informationSafeguarding Your information and accounts
Safeguarding Your information and accounts D Bank with confidence The security of your funds and information is a top priority at Liberty Bank. We do our utmost every day to prevent fraud and identity
More informationCOLUMBUS STATE COMMUNITY COLLEGE POLICY AND PROCEDURES MANUAL
PAYMENT CARD INDUSTRY COMPLIANCE (PCI) Effective June 1, 2011 Page 1 of 6 (1) Definitions a. Payment Card Industry Data Security Standards (PCI-DSS): A set of standards established by the Payment Card
More informationCal Poly PCI DSS Compliance Training and Information. Information Security http://security.calpoly.edu 1
Cal Poly PCI DSS Compliance Training and Information Information Security http://security.calpoly.edu 1 Training Objectives Understanding PCI DSS What is it? How to comply with requirements Appropriate
More informationTHE UNIVERSITY OF NORTH CAROLINA AT GREENSBORO IDENTITY THEFT PREVENTION PROGRAM
Program Adoption THE UNIVERSITY OF NORTH CAROLINA AT GREENSBORO IDENTITY THEFT PREVENTION PROGRAM As a best practice and using as a guide the Federal Trade Commission s ( FTC ) Red Flags Rule, implementing
More informationProtecting Yourself from Identity Theft
Protecting Yourself from Identity Theft Identity theft is everywhere. In fact, according to a 2013 report by Javelin Research, there is one incident of identity fraud every two seconds. While we cannot
More informationThe University of North Carolina at Charlotte Identity Theft Prevention Program
The University of North Carolina at Charlotte Identity Theft Prevention Program Program Adoption As a best practice and using as a guide the Federal Trade Commission s ( FTC ) Red Flags Rule ( Rule ),
More informationDeter, Detect, Defend
Deter, Detect, Defend Deter Never provide personal information, including social security number, account numbers or passwords over the phone or Internet if you did not initiate the contact Never click
More informationTRAINING FOR AMERICAN MOMENTUM BANK CLIENTS. Corporate Account Takeover & Information Security Awareness
TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS Corporate Account Takeover & Information Security Awareness The information contained in this session may contain privileged and confidential information. This
More information01.230 IDENTITY THEFT PREVENTION PROGRAM (RED FLAGS)
01.230 IDENTITY THEFT PREVENTION PROGRAM (RED FLAGS) Authority: Board of Trustees History: Effective May 1, 2009 (approved initially April 24, 2009) Source of Authority: Related Links: Responsible Office:
More informationProtecting your business from some of the current fraud threats
Protecting your business from some of the current fraud threats This literature provides guidance on fraud prevention and is provided for information purposes only. Where noted the guidance provided has
More informationGladiator NetTeller Enterprise Security Monitoring Online Fraud Detection INFORMATION SECURITY & RISK MANAGEMENT
Gladiator NetTeller Enterprise Security Monitoring Online Fraud Detection INFORMATION SECURITY & RISK MANAGEMENT Gladiator NetTeller Enterprise Security Monitoring Online Fraud Detection Foreword The consumerization
More informationDEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C. 20301-6000
DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C. 20301-6000 CHIEF INFORMATION OFFICER October 1, 2015 MEMORANDUM FOR SECRETARIES OF THE MILITARY DEPARTMENTS CHAIRMAN OF THE JOINT CHIEFS OF
More informationSecure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines
Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines 1. Implement anti-virus software An anti-virus program is necessary to protect your computer from malicious programs,
More informationThe 12 Essentials of PCI Compliance How it Differs from HIPPA Compliance Understand & Implement Effective PCI Data Security Standard Compliance
Date: 07/19/2011 The 12 Essentials of PCI Compliance How it Differs from HIPPA Compliance Understand & Implement Effective PCI Data Security Standard Compliance PCI and HIPAA Compliance Defined Understand
More informationSafe Practices for Online Banking
November 2012 Follow these guidelines to help protect your information while banking online. At First Entertainment Credit Union, our goal is to provide you with the best all around banking experience.
More informationFranchise Data Compromise Trends and Cardholder. December, 2010
Franchise Data Compromise Trends and Cardholder Security Best Practices December, 2010 Franchise Data Security Agenda Cardholder Data Compromise Overview Breach Commonalities Hacking Techniques Franchisee
More information1. Any email requesting personal information, or asking you to verify an account, is usually a scam... even if it looks authentic.
Your identity is one of the most valuable things you own. It s important to keep your identity from being stolen by someone who can potentially harm your good name and financial well-being. Identity theft
More informationInformation carelessly discarded into the trash can be stolen when a thief digs through the garbage.
Identity theft occurs when someone wrongfully acquires and uses a consumer s personal identification, credit, or account information. Identity theft can wreak havoc on an individual s credit report, cause
More informationOnline security. Defeating cybercriminals. Protecting online banking clients in a rapidly evolving online environment. The threat.
Defeating cybercriminals Protecting online banking clients in a rapidly evolving online environment The threat As the pace of technological change accelerates, so does the resourcefulness and ingenuity
More informationOnline Banking Customer Awareness and Education Program
Online Banking Customer Awareness and Education Program Electronic Fund Transfers: Your Rights and Responsibilities (Regulation E Disclosure) Indicated below are types of Electronic Fund Transfers we are
More informationCYBERCRIME: What your Bank should be doing to Protect your Business. David Pollino Senior Vice President Fraud Prevention Officer
CYBERCRIME: What your Bank should be doing to Protect your Business David Pollino Senior Vice President Fraud Prevention Officer Agenda Changing Landscape Case of Efficient Services Escrow Group Six key
More informationHow to complete the Secure Internet Site Declaration (SISD) form
1 How to complete the Secure Internet Site Declaration (SISD) form The following instructions are designed to assist you in completing the SISD form that forms part of your Merchant application. Once completed,
More informationCONSIDERATIONS BEFORE MOVING TO THE CLOUD
CONSIDERATIONS BEFORE MOVING TO THE CLOUD What Management Needs to Know Part II By Debbie C. Sasso Principal In part I, we discussed organizational compliance related to information technology and what
More information6-8065 Payment Card Industry Compliance
0 0 0 Yosemite Community College District Policies and Administrative Procedures No. -0 Policy -0 Payment Card Industry Compliance Yosemite Community College District will comply with the Payment Card
More informationVisa CREDIT Card General Guidelines
Visa CREDIT Card General Guidelines General Account Information Phone Numbers and Addresses It is very important to keep us up-to-date with your correct address and phone number. Card reissues/replacements
More informationCyber Security. Securing Your Mobile and Online Banking Transactions
Cyber Security Securing Your Mobile and Online Banking Transactions For additional copies or to download this document, please visit: http://msisac.cisecurity.org/resources/guides 2014 Center for Internet
More informationFraud Information and Security
Fraud Information and Security Updated: January 13, 2015 How We Protect You At WySTAR Global Retirement Solutions security is a top priority. We understand that your trust in us depends on how well we
More informationWhen registering on a jobsite, first ensure that the site is reputable and has a physical address and landline phone number.
Job searching online has become the most popular method of finding employment. Searching for the type of job you want is fast and easy, and you can see new jobs as soon as employers / agencies post them.
More informationCustomer Awareness for Security and Fraud Prevention
Customer Awareness for Security and Fraud Prevention Identity theft continues to be a growing problem in our society today. All consumers must manage their personal information wisely and cautiously to
More informationProtect Yourself Against Identity Theft
Protect Yourself Against Identity Theft Watch out for Phishing Attacks! A Message from District Attorney P. David Soares Dear Friends, In the age of the Internet, the information highway runs right into
More informationPersonal Online Banking & Bill Pay. Guide to Getting Started
Personal Online Banking & Bill Pay Guide to Getting Started What s Inside Contents Security at Vectra Bank... 4 Getting Started Online... 5 Welcome to Vectra Bank Online Banking. Whether you re at home,
More informationIRS & Partners Combat Tax-Related Identity Theft What s New for 2016
IRS & Partners Combat Tax-Related Identity Theft What s New for 2016 General Scope of Identity Theft Identity theft costs U.S. victims more than all property crimes combined Identity theft remains number
More informationCITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY
CITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY Policy Number: 2008-02 Date Adopted: October 27, 2008 Department: Administrative SUBJECT: IDENTITY THEFT PREVENTION PROGRAM I. OBJECTIVE: A. To protect
More informationData Management Policies. Sage ERP Online
Sage ERP Online Sage ERP Online Table of Contents 1.0 Server Backup and Restore Policy... 3 1.1 Objectives... 3 1.2 Scope... 3 1.3 Responsibilities... 3 1.4 Policy... 4 1.5 Policy Violation... 5 1.6 Communication...
More informationMalware & Botnets. Botnets
- 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online
More informationBattling Payment Fraud: The Never Ending Story. Presented by: Peter Tristani, Vice President, Payments and Remittance
Battling Payment Fraud: The Never Ending Story Presented by: Peter Tristani, Vice President, Payments and Remittance Agenda Overview Fraud: The Big Picture Evolving Fraud Impact of Fraud on Corporations
More informationOnline Cash Manager Security Guide
Online Cash Manager Security Guide You re the One who can protect your business from the threat of a Corporate Account Takeover. 102 South Clinton Street Iowa City, IA 52240 1-800-247-4418 Version 1.0
More informationTEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL
TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL Title: Computer and Network Security Policy Policy Number: 04.72.12 Effective Date: November 4, 2003 Issuing Authority: Office of the Vice President for
More informationI dentity theft occurs
1.3.1.F1 Identity Family Economics and Financial Education W h at i s I d e n t i t y T h e f t? I dentity theft occurs when someone wrongfully acquires and uses a consumer s personal identification, credit,
More information