Don t Fall Victim to Cybercrime:

Transcription

1 Don t Fall Victim to Cybercrime: Best Practices to Safeguard Your Business

2 Agenda Cybercrime Overview Corporate Account Takeover Computer Hacking, Phishing, Malware Breach Statistics Internet Security Best Practices Payment Fraud Overview NACHA Guidelines Bank Provided Tools and Services

3 Cybercrime Over the Years Verizon 2014 Data Breach Investigations Report

4 Cybercrime Crime conducted via the Internet or some other computer network The cybersecurity threat to our Nation is real, evolving and imminent. The recent Intelligence Community s 2013 Global Threat Assessment now indicates that cyber has surpassed terrorism as the number one U.S. national security threat U.S. House Homeland Security Committee, Sept 2013 Globally cybercrime costs a minimum of $300 billion a year, and may be much higher 1 in 327 s contains a virus 1 in 16 malware attacks were via Social Media US Bank 2014 Information Security State of the Union McAfee/Center for Strategic and International Studies 2013

5 Corporate Account Takeover Hacking of credentials and system to take over a company s bank account & send out funds Becoming more common as fraudsters start to go after smaller businesses where security is weaker Several methods available to obtain credentials and access to computers Computer Hacking Phishing/Social Engineering Malware

6 Computer Hacking Intentionally gaining unauthorized access to a computer or network Hackers may be motivated for multiple reasons including profit, protest, challenge or enjoyment Hacktivists are responsible for more data breaches than cybercriminals Can obtain credentials as a result of Phishing or Malware Verizon 2014 Data Breach Investigations Report

7 Phishing A type of hacking that requires an individual to voluntarily respond with information Fraudster masquerades as a trustworthy source to bait users to surrender personal information or unknowingly take actions against their best interest Spear Phishing attempts target a specific organization

8 Common Phishing Methods & Spam Poisoned Search Results Malicious Websites Phishing Fake Wireless Networks Tabnabbing Pop-Ups

9 & Spam Sending s to thousands of online users tricking them to believe it is coming from a reliable source and asking them to re-enter or update their personal information Often may entice users to open an attachment, download a file, or visit a fake website Spam is the delivery method of choice for Phishers and Virus attackers 120 Billion s are sent by Cybercriminals Every Day!

10 Malicious Websites Tricks users into giving up personal information or contains malicious software to plant on computer User DOES NOT need to click on anything in the website to infect the computer Social Media communications are a growing medium to entice users to navigate to malicious websites Once infected, phishers monitor the computer and intercept keystrokes to steal personal details and login credentials

11 Malicious Websites

12 Tabnabbing Takes advantage of the multiple tabs that users open in a browser and replaces the contents of an active browser with a malicious website When a user clicks back to a hijacked tab, they see a generic login page and believe their session has timed out and log-in again, allowing the fraudster to obtain login credentials

13 Pop-Ups Rogue pop-up windows may appear on legitimate websites requesting log-in credentials Phishers will often work to make these pop-up windows appear to be a part of website Legitimate organizations typically will not request your information in a pop-up box

14 Fake Wireless Network Fraudsters create a fake network that appears to be a legitimate public network (eg. at airports or coffee shops) When the user logs into the bogus network, the fraudster obtains their personal information or even takes complete control of the device

15 Malware = Malicious Software Malware is often attached to a phishing , included in a downloadable file, or present on a malicious website Comes in different forms, all have the purpose of infection

16 Malware: Trojan Horse 80% of malware detections are Trojans Trojans carry programs within the file you download that allows someone else to take complete access of your computer Due to their complexity, Trojans are much more difficult to remove than a virus US Bank The Shield: A Security Newsletter for Businesses

17 Malware: Viruses Program which reproduces itself by attaching to other executable programs Contains a payload designed to perform malicious activity such as: corrupting or deleting data on a computer spread a virus to other computers through resulting in additional phishing attempts deleting everything on the hard drive degrading your computer s performance by hogging memory or disk space

18 Malware: Worms Self replicating malware computer programs Difference between a virus and a worm, is a virus requires human intervention to spread, whereas a worm automatically spreads itself Worms almost always cause harm to the network, whereas viruses corrupt or modify files on a targeted computer

19 Malware: Spyware/Adware Spyware and advertising spyware (called adware) can collect personal or sensitive information and make changes to your computer that can be intrusive When used for malicious purpose, they can cause your computer to slow down or crash Make it very difficult to remove and to change your settings back to the way you had them Microsoft Safety & Security Center

20 Internet Security Breach Statistics Hacking 52% of Breaches Malware 42% of Breaches Physical Tampering 35% of Breaches Social Engineering/ Phishing 29% of Breaches Misuse 13% of Breaches 30% of corporate account takeovers are successful in sending out payment Verizon 2014 Data Breach Investigations Report 2013 Deposit Account Fraud Survey Report, American Bankers Association

21 Real Life Scenario Hacker takes over a client's computer Hacker generated fake security screen to gather login information Client received currently out of service notice from site while hacker worked in background to update account information in an existing ACH template Sent out payment for $87,000

22 Real Life Scenario Bank customer received from known vendor s address with attached invoice for payment Customer sent wire for $105,000 to requested account information listed on invoice Vendor stated that the payment was never received, which led the vendor to discover their had been compromised and the invoice sent was fraudulent

23 Internet Security Best Practices and Tools Prevention Account Controls Detections

24 Prevention Antivirus only catches 40% of documented malware Protect computers with antivirus, spam filters, firewalls, antispyware software and keep software up to date Define Company Information Security Policies & Procedures Internal employee education Dedicated PCs, filter & blacklist websites Remove unused programs Controlled use of administrative privileges Use specific address for Business purposes only Avoid clicking on links and attachments from unknown senders or that you are not expecting Use complex passwords and change them often, do not share passwords US Bank Cyber Security and the Banking Sector

25 Account Controls Online banking with multi-factor authentication Dynamic User Creation and controlled permissions Dual Control on all electronic payments Dedicated accounts based on type of activity Monitor accounts daily Account Alerts Secure check stock and eliminate paper statements Bank provided Fraud Prevention tools

26 Detections: Signs of Phishing s If it looks suspicious, don t click it 1. Sender s address 2. Attachments 3. Generic Greeting 4. False Sense of Urgency 5. Typos & Grammatical Errors 6. Links

27 Detections: Malware Indicators New login fields you have never seen before asking for additional information Error messages appearing during the session or after attempting to log in (ex: site down for maintenance) More pop-up windows than usual with concerning messages New toolbars or icons appear without you requesting to add them Unexpected errors or computer crashing Your contacts get or social media message from you that you did not send

28 What To Do If You Suspect An Attack Stop using the system, contact your IT Update your security software and run a system scan Change all of your passwords using an uncompromised computer Contact your Financial Institution to review account transaction history and lock online banking Report an Attack National Consumers League Fraud Center: Anti-Phishing Working Group: Internet Crime Complaint Center:

29 Payment Fraud Overview Check Fraud Altered/forged checks, counterfeit checks Check Fraud is still the most prevalent attempted fraud Traditional check security features (watermarks, microprint, etc) are becoming less relied upon because of the use of images and lack of obtaining the physical check ACH/Electronic Fraud Unauthorized electronic debits to bank account Unauthorized outgoing wires Less prevalent than check fraud, but there is a higher percentage of actual loss with electronic fraud

30 NACHA Guidelines for ACH Originators ACH Security Framework Rule requires all ACH Originating companies to have a written security policy for how they manage Protected Information Protect the confidentiality and integrity until its destruction Protect against anticipated threats or hazards to the security until its destruction Protect against unauthorized use that could result in substantial harm to a natural person Protected Information is the non-public information, including financial information, of a person that is used to create, or contained within, an ACH entry Name Account # Social Security # For more information, please visit the Better Business Bureau website

31 Bank Provided Tools & Services Ca$hTrac Online Banking for Daily Reconciliation and Account Alerts Dual Control & Limits for all Electronic Payments Positive Pay Check Fraud Prevention Tool: Performs a daily reconcilement of a company s issued checks to the checks presented for payment to FAB to identify potentially fraudulent items ACH Filters and Blocks ACH Filter Authorizations can be placed on each account to only allow those approved debitors and block all others

32 Thank you for attending today s session! Contact us for additional information and questions: Melissa Motino, FVP MMotino@firstambank.com Roula Arceo, VP RArceo@firstambank.com Dave Anderson, Officer DAnderson@firstambank.com Resources: Networx-Inc-eBankSafe.pdf