FNB Cybersecurity Info: Phishing
October is Cybersecurity Awareness Month and FNB wants to bring you valuable weekly tips and information that will help you protect your good name. Your accounts, social security number, and personal identification information doesn’t come with a built-in alarm, so we’re bringing you a variety of weekly tips to help keep your money and identity safe. We encourage you to stay tuned to GrowWithFNB.com throughout October and let’s #BeCyberSmart.
Last week, we touched on the topic of Phishing. This week we are going to dive deeper into this subject, as this is a huge issue in today’s society for both individuals and businesses. Phishing is a form of social engineering where a bad guy impersonates someone you think is legitimate in an attempt to gain access to your system or get you to do something for them. Phishing attacks can happen over the phone, across text messages, and most commonly over email. The FBI’s Internet Crime Complaint Center (IC3) recorded more than $3.5 billion in losses to individuals and businesses in 2019 with the most frequently reported complaints as phishing and similar ploys.
If you are not sure about an email, the best rule of thumb is to call and get confirmation from the sender. Compromised email accounts can lead to other issues with your banking, shopping, and more. What safeguards can you put in place for extra layers of protection? Create strong passwords that are long and complex. A helpful tip for creating strong passwords and being able to remember them is by using favorite movie quotes, song lyrics, book titles, and more.
Let’s talk about Business Email Compromise (BEC), also known as Customer/Corporate Account Takeover (CATO). According to the FBI’s IC3, BEC’s cost businesses over $1.7 billion in losses in 2019. Compromised business email accounts are extremely serious. Bad guys compromise and takeover your real business email address (almost always through a phishing email that tricked a user into giving up their password) and use it to impersonate you, steal money through conducting illegal payments, wire fraud, gift card purchases, go after payroll funds, and more.
- First and most importantly, train your staff about phishing emails and the risks of email compromise. Teach them how to avoid phishing scams and red flags to look out for. Train them not to give out passwords and other sensitive information.
- Keep your security up to date.
- Email filters don’t always work but they work better when kept up to date.
- Keep your antivirus up to date and install your system patches. Malware that tries to get installed will have a harder time if you do this.
- Communication is key! Encourage your staff to talk with their coworkers about possible phishing emails. Bad guys often take a “shotgun” approach and target many users at once hoping one person will allow the compromise.
- Verify, verify, verify! Just like at home if you were to get an email from someone and you’re unsure about it, call and check. A two-minute call can save you months or years of problems. What if your customer has experienced a business email compromise? Stay on your toes!
- Remember Week 1? Stay Security Aware! Check out the following resources below from the FBI and the FTC:
As we wrap up Week 3, we want to remind you that FNB (and any other financial institution) will not ever call, text or e-mail you and ask you for your debit card number, PIN number, social security number, account number and more. We already have your personal information securely on file at the bank from when you opened your accounts; therefore, we would never have reason to contact you again for them. As always, please contact your bank immediately if you feel like you’ve accidently fallen victim to a scam. We are here to help and guide you through the process and help protect your identity.