Corporate Account Takeover & Information Security Awareness

Similar documents
Information Security Awareness

Corporate Account Takeover & Information Security Awareness. Customer Training

TRAINING FOR AMERICAN MOMENTUM BANK CLIENTS. Corporate Account Takeover & Information Security Awareness

The information contained in this session may contain privileged and confidential information. This presentation is for information purposes only.

Best Practices: Reducing the Risks of Corporate Account Takeovers

Don t Fall Victim to Cybercrime:

Member Municipality Security Awareness Training. End- User Informa/on Security Awareness Training

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

Business Internet Banking / Cash Management Fraud Prevention Best Practices

Remote Deposit Quick Start Guide

Payment Fraud and Risk Management

Corporate Account Take Over (CATO) Guide

Business ebanking Fraud Prevention Best Practices

Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning

Electronic Fraud Awareness Advisory

Protecting your business from fraud

BE SAFE ONLINE: Lesson Plan

Fraud Detection and Prevention. Timothy P. Minahan Vice President Government Banking TD Bank

Financial Fraud Threats & Preven3on. Mark Frank EVP, Senior Opera3ons Officer Colorado Business Bank

Malware, Spyware, Adware, Viruses. Gracie White, Scott Black Information Technology Services

Best Practices Guide to Electronic Banking

Online Cash Manager Security Guide

Deter, Detect, Defend

Retail/Consumer Client. Internet Banking Awareness and Education Program

WEBTHREATS. Constantly Evolving Web Threats Require Revolutionary Security. Securing Your Web World

Network Security. Demo: Web browser

Get Started Guide - PC Tools Internet Security

Identity Theft Protection

Computer Protection. Computer Protection. Computer Protection 5/1/2013. Classic Battle of Good vs Evil. David Watterson & Ross Cavazos

How to Identify Phishing s

Common Cyber Threats. Common cyber threats include:

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

1. Any requesting personal information, or asking you to verify an account, is usually a scam... even if it looks authentic.

How to stay safe online

New York State Department of Financial Services. Report on Cyber Security in the Insurance Sector

Infocomm Sec rity is incomplete without U Be aware,

Preventing Corporate Account Takeover Fraud

Cyber Security. Securing Your Mobile and Online Banking Transactions

Learn to protect yourself from Identity Theft. First National Bank can help.

E Commerce and Internet Security

Information Security. Louis Morgan, CISSP Information Security Officer

What are the common online dangers?

Recognizing Spam. IT Computer Technical Support Newsletter

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

Internet basics 2.3 Protecting your computer

Network Security and the Small Business

OCT Training & Technology Solutions Training@qc.cuny.edu (718)

Section 12 MUST BE COMPLETED BY: 4/22

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 2 Systems Threats and Risks

FAKE ANTIVIRUS MALWARE This information has come from - a very useful resource if you are having computer issues.

PC Security and Maintenance

Phishing Scams Security Update Best Practices for General User

BCS IT User Syllabus IT Security for Users Level 2. Version 1.0

Top tips for improved network security

Frequent Smart Updates: Used to detect and guard against new infections as well as adding enhancements to Spyware Doctor.

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Responsible Administrative Unit: Computing, Communications & Information Technologies. Information Technology Appropriate Use Policy

MacScan. MacScan User Guide. Detect, Isolate and Remove Spyware

K7 Mail Security FOR MICROSOFT EXCHANGE SERVERS. v.109

High Speed Internet - User Guide. Welcome to. your world.

& INTERNET FRAUD

Intercepting your mail. They can complete change of address forms and receive mail that s intended for you.

WHITE PAPER. Understanding How File Size Affects Malware Detection

Cyber Security Survival Guide

How To Protect Your Online Banking From Fraud

How to easily clean an infected computer (Malware Removal Guide)

USM IT Security Council Guide for Security Event Logging. Version 1.1

1. Threat Types Express familiarity with different threat types such as Virus, Malware, Trojan, Spyware, and Downloaders.

Frequently Asked Questions

NC DPH: Computer Security Basic Awareness Training

Thank you for choosing Zoom Internet!

Online Security Awareness - UAE Exchange - Foreign Exchange Send Money UAE Exchange

System Compatibility. Enhancements. Operating Systems. Hardware Requirements. Security

Countermeasures against Spyware

INTERNET & COMPUTER SECURITY March 20, Scoville Library. ccayne@biblio.org

Malware & Botnets. Botnets

Transcription:

Corporate Account Takeover & Information Security Awareness

The information contained in this session may contain privileged and confidential information. This presentation is for information purposes only. Before acting on any ideas presented in this session; security, legal, technical, and reputational risks should be independently evaluated considering the unique factual circumstances surrounding each institution. No computer system can provide absolute security under all conditions. Any views or opinions presented do not necessarily state or reflect those of Belmont Savings Bank or any other entity.

What will be covered?! What is Corporate Account Takeover?! How does it work?! Sta9s9cs! Current Trend Examples! What can we do to Protect?! What can Businesses do to Protect?

What is Corporate Account Takeover? A fast growing electronic crime where thieves typically use some form of malware to obtain login creden9als to Corporate Online Banking accounts and fraudulently transfer funds from the account(s).

Malware! Short for malicious so*ware, is soiware designed to infiltrate a computer system without the owner's informed consent.! Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, crimeware, most rootkits, and other malicious and unwanted soiware.

Domes9c and Interna9onal Wire Transfers, Business- to- Business ACH payments, Online Bill Pay and electronic payroll payments have all been used to commit this crime.

! Criminals target vic9ms by scams How does it work?! Vic9m unknowingly installs soiware by clicking on a link or visi9ng an infected Internet site.! Fraudsters began monitoring the accounts! Vic9m logs on to their Online Banking! Fraudsters Collect Login Creden9als! Fraudsters wait for the right 9me and then depending on your controls they login aier hours or if you are u9lizing a token they wait un9l you enter your code and then they hijack the session and send you a message that Online Banking is temporarily unavailable.

Statistics! Where does it come from?! Malicious websites (including Social Networking sites)! Email! P2P Downloads (e.g. LimeWire)! Ads from popular web sites! Web- borne infec9ons: According to researchers in the first quarter of 2011, 76% of web resources used to spread malicious programs were found in 5 countries worldwide ~ United States, Russian Federa9on, Netherlands, China, & Ukraine.

Rogue Software/Scareware! Form of malware that deceives or misleads users into paying for the fake or simulated removal of malware.! Has become a growing and serious security threat in desktop compu9ng.! Mainly relies on social engineering in order to defeat the security soiware.! Most have a Trojan Horse component, which users are misled into installing.! Browser plug- in (typically toolbar).! Image, screensaver or ZIP file aeached to an e- mail.! Mul9media codec required to play a video clip.! SoIware shared on peer- to- peer networks! A free online malware scanning service

Rogue Software/Scareware! Form of malware that deceives or misleads users into paying for the fake or simulated removal of malware.! Has become a growing and serious security threat in desktop compu9ng.! Mainly relies on social engineering in order to defeat the security soiware.! Most have a Trojan Horse component, which users are misled into installing.! Browser plug- in (typically toolbar).! Image, screensaver or ZIP file aeached to an e- mail.! Mul9media codec required to play a video clip.! SoIware shared on peer- to- peer networks! A free online malware scanning service

Rogue Software/Scareware! Form of malware that deceives or misleads users into paying for the fake or simulated removal of malware.! Has become a growing and serious security threat in desktop compu9ng.! Mainly relies on social engineering in order to defeat the security soiware.! Most have a Trojan Horse component, which users are misled into installing.! Browser plug- in (typically toolbar).! Image, screensaver or ZIP file aeached to an e- mail.! Mul9media codec required to play a video clip.! SoIware shared on peer- to- peer networks! A free online malware scanning service

Rogue Software/Scareware! Form of malware that deceives or misleads users into paying for the fake or simulated removal of malware.! Has become a growing and serious security threat in desktop compu9ng.! Mainly relies on social engineering in order to defeat the security soiware.! Most have a Trojan Horse component, which users are misled into installing.! Browser plug- in (typically toolbar).! Image, screensaver or ZIP file aeached to an e- mail.! Mul9media codec required to play a video clip.! SoIware shared on peer- to- peer networks! A free online malware scanning service

Phishing! Criminally fraudulent process of aeemp9ng to acquire sensi9ve informa9on (usernames, passwords, credit card details) by masquerading as a trustworthy en9ty in an electronic communica9on.! Commonly used means:! Social web sites! Auc9on sites! Online payment processors! IT administrators

Phishing! Criminally fraudulent process of aeemp9ng to acquire sensi9ve informa9on (usernames, passwords, credit card details) by masquerading as a trustworthy en9ty in an electronic communica9on.! Commonly used means:! Social web sites! Auc9on sites! Online payment processors! IT administrators

E-mail Usage CAUTION! What may be relied upon today as an indica9on that an email is authen9c may become unreliable as electronic crimes evolve. This is why it is important to stay abreast of changing security trends.

E-mail Usage! Some experts feel e- mail is the biggest security threat of all.! The fastest, most- effec9ve method of spreading malicious code to the largest number of users.! Also a large source of wasted technology resources! Examples of corporate e- mail waste:! Electronic Gree9ng Cards! Chain Leeers! Jokes and graphics! Spam and junk e- mail

What we can do to PROTECT? Provide Security Awareness Training for Our Employees & Customers Review our Contracts Make sure that both par9es understand their roles & responsibili9es Make sure our Customers are Aware of Basic Online Security Standards Stay Informed Aeend webinars/seminars & other user group mee9ngs Develop a layered security approach

Layered Security Layered Security approach Monitoring of IP Addresses New User Controls Administrator can create a new user. Bank must ac9vate user. Calendar File Frequencies, and Limits Dual Control Processing of files on separate devices recommended Fax or Out of Band Confirma9on Secure Browser Key Paeern Recogni9on SoIware

What can Businesses do to Protect? Educa9on is Key Train your employees Secure your computer and networks Limit Administra9ve Rights - Do not allow employees to install any Iware without receiving prior approval. Install and Maintain Spam Filters Surf the Internet carefully Install & maintain real- 9me an9- virus & an9- spyware desktop rewall & malware detec9on & removal soiware. Use these tools gularly to scan your computer. Allow for automa9c updates and scheduled ans. Install routers and firewalls to prevent unauthorized access to ur computer or network. Change the default passwords on all network vices. Install security updates to opera9ng systems and all applica9ons they become available. Block Pop- Ups Implement dual controls for ACH and wires if possible+

What can Businesses do to Protect?! Do not open aeachments from e- mail - Be on the alert for suspicious emails! Do not use public Internet access points! Consider purchasing electronic thei insurance! Reconcile Accounts Daily! Note any changes in the performance of your computer Drama9c loss of speed, computer locks up, unexpected reboo9ng, unusual popups, etc.! Build an Incident Response Plan:! Make sure that your employees know how and to whom to report suspicious ac9vity to at your Company & the Bank Contact the Bank if you: >Suspect a Fraudulent Transac9on >If you are trying to process an Online Wire or ACH Batch & you receive a maintenance page. >If you receive an email claiming to be from the Bank and it is reques9ng personal/company informa9on.

Questions or Comments businessbankingclientservices@belmontsavings.com 617-489-1397

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information