15 Alarming Cyber Security Facts and Stats
The cybersecurity industry is rapidly growing every day. Although more resources are being deployed to counter cyber-attacks, the nature of the industry still has a long way to go before we can catch up with these threats. It’s important for us to define what the current information security and cybersecurity industry look like considering these alarming 15 Cyber Security Facts and Stats.
1. 95% of breached records came from only three industries in 2016
Government, retail, and technology. The reason isn’t necessarily because those industries are less diligent in their protection of customer records. They’re just very popular targets because of the high level of personal identifying information contained in their records.
2. There is a hacker attack every 39 seconds
A Clark School study at the University of Maryland is one of the first to quantify the near-constant rate of hacker attacks of computers with Internet access— every 39 seconds on average, affecting one in three Americans every year —and the non-secure usernames and passwords we use that give attackers more chance of success.
3. 43% of cyber-attacks target small business
64% of companies have experienced web-based attacks. 62% experienced phishing & social engineering attacks. 59% of companies experienced malicious code and botnets and 51% experienced denial of service attacks. small organizations (those with fewer than 500 employees) spend an average of $7.68 million per incident.
4. The global average cost of a data breach is $3.9 million across SMBs
For most businesses this sum is crippling – not only monetarily but in reputation. For public companies, the cost is much greater since more is at stake, on average a data breach at a publicly-traded company would cost $116 million.
5. Since COVID-19, the US FBI reported a 300% increase in reported cybercrimes
As if a pandemic wasn’t scary enough, hackers leveraged the opportunity to attack vulnerable networks as office work moved to personal homes. As of this summer, they recorded 12,377 Covid-related scams.
6. 9.7 Million Records healthcare records were compromised in September 2020 alone
According to the HIPAA Journal, “83 breaches were attributed to hacking/IT incidents and 9,662,820 records were exposed in those breaches”.
7. Human intelligence and comprehension is the best defense against phishing attacks
According to Cofense thwarting phishing attempts comes down to user behavior and understanding is the best way to protect your business against some of the most common hacking methods.
8. Approximately $6 trillion is expected to be spent globally on cybersecurity by 2021
Organizations need to make a fundamental change in their approach to cybersecurity and reprioritize budgets to align with this newly defined reality of our modern society.
9. Connected IoT devices will reach 75 billion by 2025
The IoT market is due to reach 31 billion connected devices this year and by 2025 it will be roughly 75 billion IoT devices.
10. Unfilled cybersecurity jobs worldwide is already over 4 million
More than 500,000 cybersecurity jobs in the U.S. are unfilled, and postings are up 74% over the past five years. Of those jobs, cybersecurity engineers are some of the highest-paid positions started at $140K annually on average.
11. 95% of cybersecurity breaches are due to human error
Cyber-criminals and hackers will infiltrate your company through your weakest link, which is almost never in the IT department.
12. More than 77% of organizations do not have a Cyber Security Incident Response plan
What’s worse? An estimated 54% of companies say they have experienced one or more attacks in the last 12 months.
13. Most companies take nearly 6 months to detect a data breach, even major ones
Equifax, Capital One, and Facebook just to name a few. Information such as passwords, credit card details, and social security numbers may already be compromised by the time you’re notified.
14. Share prices fall 7.27% on average after a breach
The lowest point occurring up to 14 market days after a breach. Finance and payment companies saw the largest drop in share performance post-breach according to Comparitech.
15. Total cost for cybercrime committed globally will reach $6 trillion by 2021
Cybercrime is one of the greatest threats. Don’t think that all that money comes from hackers targeting corporations, banks, or wealthy celebrities. Individual users like you and me are also targets. If you’re connected to the Internet, you can become a victim of cyberattacks.
What does it all mean?
Ginni Rometty, IBM’s chairman, president and CEO, said: “Cybercrime is the greatest threat to every company in the world.” And she was right. During the next five years, cybercrime might become the greatest threat to every person, place, and thing in the world. With evolving technology comes evolving hackers. Our best defense is to stay informed and learn from, albeit scary, but useful cybersecurity statistics and facts.
Understanding the cyber terminology, threats and opportunities is critical for every person in every business across all industries. By providing advanced cyber training and education solutions in all departments of your business, from marketing and sales to IT and InfoSec, you are investing in your company’s protection against cyber threats.
President & CEO
Why Credit Card Shocks are Rising
A growing number of Americans are making an unsettling discovery while examining their credit card accounts. Embedded in the list of monthly transactions are charges for things they don’t remember buying or services they can’t recall receiving.
Federal fraud busters and other experts call the ploys behind these nasty surprises “dark patterns.” That term applies to tactics used by online companies, subscription services and even political fundraisers to trick consumers into triggering recurring credit card charges, make unintended purchases or give up personal information.
These can be items sneaked into web shopping carts. Or maybe while in the process of buying something online, you were tricked by the software into accepting more expensive item or monthly surcharge. Or perhaps a web company used visual fakery like hard to see opt-out buttons to deceive you into unintentionally opting in every month.
Tactics like these are sometimes illegal under a federal law that bans “deceptive practices of any kind,” says Katherine Roller, a Federal Trade Commission attorney. But many hide in the law’s shadows: there are no bright legal lines saying when type on a web page is too small or a box too hidden to pass from legal to illegal. And online businesses, fundraisers and, yes, crooks, know that.
“Dark patterns are surging right now,” Roller says. “They manipulate consumers into spending more than they intended, buying things they don’t want or staying subscribed to things they don’t need.”
Cracking down on dark patterns is a hot topic among anti-fraud experts. And lawmakers are looking into giving the FTC more explicit authority to regulate them, according to University of Chicago law professor Lior Strahilevitz.
A 2019 study found dark patterns in 11 percent of 11,000 shopping websites. “That’s a conservative estimate,” says lead author Arunesh Mathur, of Princeton University’s Center for Information Technology Policy. He also found them in political emails.
And everyone is at risk. “I’ve been fooled by them and so have computer experts who study them,” Strahilevitz says. Lawmakers’ efforts to root out the deception are likely to take a while. In the meantime, here’s how to spot and avoid six types of dark patterns.
1. Trick questions. Shopping websites may deploy double negatives or other convoluted wording to confuse you. In a study coauthored by Strahilevitz, half of the participants who chose a subscription service via a series of tricky questions thought they’d rejected it.
Outsmart them: If a question is hard to understand, read it through several times. On rare occasion, it’s an innocent case of bad wording. But often it is deliberately confusing. “If you read a question twice and don’t understand it, that’s your cue to exit,” Strahilevitz says.
2. Fool-the-eye fakery. Visual tricks can nudge you to click a bright red “yes” button instead of a muted gray “no” button, miss important info tucked in the fine print or force you to click through several screens to avoid an unwanted purchase, Mathur says.
Outsmart them: Always read all the fine print. Enlarge the type size on your computer if needed. And bring a healthy skepticism: Any signs of deceptive or coercive language should have you moving on.
3. Bullying buttons. Mathur found 164 websites that made shoppers click a button that said something like “No thanks, I’d rather pay full price,” or “I don’t want one-day delivery” to decline a purchase. Called “confirm-shaming,” this tactic aims to guilt you into an unwanted purchase, he says.
Outsmart them: Remember, you are in control. Shrug off the psychological tricks and only say yes to what you want, says Kelly Quinn, an associate professor at the University of Illinois at Chicago.
4. “End at midnight” and “just 1 left” blurbs. In Mathur’s study, 40 percent of discount countdown timers were fakes, the deal was still available when the timers ended.
Outsmart them: Don’t let the fear of missing out force you to make a hasty purchase, he says. Take your time comparing prices and options. For most consumer products or services, sales come and go all the time.
5. Sneaky extras. Mathur found 62 websites that preselected expensive products or pressured shoppers to choose them. Seven snuck extra items into their shopping carts.
Outsmart them: “Check your cart very carefully before you confirm a purchase,” Strahilevitz says. “I’ve seen subscriptions and donations added.”
6. Data grabs. Websites and apps make frequent attempts to acquire info like your cellphone number, address, and email. “Personal information is valuable,” Quinn says. “Companies sell it and use it to target ads at you.”
Outsmart them: Give away as little as possible online. Don’t provide your phone number for optional discounts or to place an order.
Michael Cripps,President and CEO
FRCH Fraudulent Phishing Emails
A Letter From The President
Google Play Updates Affecting Mobile Banking
Due to new Google Play Store requirements, Android phones on version 10 and lower can no longer access to the Mobile Banking application.
What does this mean?
The Google Play App store is used by many vendors (Google, Samsung, Motorola, etc.) to deliver applications to devices. Starting in August 2021, Google is enforcing new API (Application Product Interface) requirements that mean app support must be confined to Android version 11 or higher.
How does this impact my customers?
If a user's phone is unable to update to Android 11 and/or a third-party Mobile Banking application does not support Android upgrades, those users are unable to use the CSI Android Mobile Banking application.
This also removes the ability for a customer to make mobile deposits.
The customer can continue to access Internet Banking on their mobile device via their web browser.
Internet Explorer End of Life
Beginning in August 2021, Microsoft will be ending support for Internet Explorer. In preparation, Internet Explorer users accessing our Digital Banking will be re-directed to a message requesting that they update their browser. This new page will contain links where they can download suggested browser alternatives.
Online Shopping Scams
July 8, 2021
How to spot an online shopping scam
Over the past year we have changed our habits and taken more of our shopping online, and scammers have taken notice. Scammers are creating legitimate-looking sites using stolen images and fake assurances to take advantage of people purchasing from unfamiliar sellers. Some are even preying on people looking to buy a pet or other big-ticket item, touting fake offers for “contactless delivery” that could leave customers empty-handed and out hundreds or thousands of dollars.
Scammers have your online shopping on their radar.
Here is what to look for:
Unreal deals. Scammers may lure you in with a deeply discounted offer that seems too good to be true, only to tack on fees or fake COVID-related costs once you make the first payment.
Unknown sellers. Anyone can set up an online shop or post an ad on social media. If you can, have a video call with the seller to meet them and see what you are buying, especially if it’s a big-ticket item like a used car or pet. If you are looking for a pet, please consider adopting locally to help ensure a safe experience.
Pressure to buy. Be wary of any seller who pressures you to buy right away or asks you to pay using a digital payment service such as Zelle®, wire transfers, or even gift cards — none of which provide payment protection. Use a credit card if you can.
Bad reviews. Do an online search on the seller, product, and related scams by using terms like “review,” “complaint,” or “scam”. No reviews can be a red flag too. Get a second opinion from a friend or family member.
Be aware: Payment apps, gift cards, and wire transfers do not have protection like a credit card or debit card, so you may not get your money back once it has been sent.
President & CEO
Letter from the President
4 Warning Signs of Computer Viruses
Computer viruses can infect your computer in the blink of an eye, and many can do some serious damage to your system. So, watch out for these warning signs.
- Strange and frequent pop-ups.
If you are getting bombarded by pop-up ads, this may be a sign your computer is infected by a virus. Also beware of unusual alerts and ads that advertise anti-virus products.
- Messages you did not send.
If a friend says they received a fishy email or a social media message from you that you did not send, you might have a computer virus.
- Lockdown warning.
This might be the scariest virus symptom you will ever see: a pop-up message saying you are locked out of your computer. This is commonly called ransomware since the scammer tells you to send money to unlock your system. Take your computer to a computer repair professional.
- Very slow startup.
If your computer takes forever to boot up – and you have done all the usual troubleshooting, including reducing the number of programs that launch a startup – this may be a symptom of an infection.
President & CEO
IRS Warns University Students & Staff of Email Scam
The IRS yesterday issued a warning concerning an ongoing IRS-impersonation scam that appears to primarily target educational institutions, including students and staff who have ".edu" email addresses. The IRS has received complaints about the impersonation scam in recent weeks from people with such email addresses. The phishing emails appear to target university and college students from both public and private, profit and non-profit institutions.
The suspect emails display the IRS logo and use various subject lines such as "Tax Refund Payment" or "Recalculation of your tax refund payment." It asks people to click a link and submit a form to claim their refund. That form requests much more personal identification information than the IRS does on its "Where's My Refund?" webpage.
The IRS warned people who receive the scam email not to click on the link in the email message.
FTC Warns of Scams Regarding COVID-19 Payment
Acting Federal Trade Commission Chairwoman Rebecca Kelly Slaughter issued the following statement regarding the enactment of the American Rescue Plan Act of 2021: "For the millions of Americans who have taken a financial hit because of COVID-19, help is on the way in the form of much needed stimulus payments. This is great news. But we want to remind everyone that scammers always try to take advantage of big headlines to trick people out of their money. Specifically, know that:
The government will not ask you to pay anything up front to get this money.
The government will not call, text, email, or message you on social media to ask for your Social Security, bank account, or credit card number. Anyone who does is a scammer.
Anyone who tells you to pay by a wire transfer, gift card, or cryptocurrency is a scammer, regardless of their story.
If you spot one of these scams, or any scam, please tell the Federal Trade Commission at ReportFraud.ftc.gov. And to learn more about avoiding pandemic-related scams, visit ftc.gov/coronavirus."
A Message From The President
A few weeks ago, the Indiana Department of Revenue (DOR) sent a warning to residents of a tax scam as reported by the IRS. One can only assume we will be seeing the same thing as Illinois residents. This scam is sent through text message and is trying to trick individuals into providing personal information to receive a $1,200 Economic Impact Payment.
The scam text reads:
“You have received a direct deposit of $1,200 from COVID-19 TREA FUND. Further action is required to accept this payment into your account. Continue here to accept this payment…”.
The text includes a link to a fake web address.
The IRS has advised people who receive this text scam to take a screen shot of the text message and include the screen shot and email to firstname.lastname@example.org with the following information:
Date/Time/Time zone that they received the text message
The number that appeared on the Caller ID
The number that received the text message.
More information regarding the scam can be found at irs.gov.
President & CEO
Stimulus ATM Cards
If someone received their stimulus money on a debit card and they are wondering how to get the funds off the card, there are a couple options:
There are 3 ATMs in Murphysboro that you can use their PIN number and withdrawal the cash service charge free. The ATM’s are located at Walgreens, Huck's or Kroger. On the website that we have listed below, there is an ATM Locator tool that you can search by zip code to find other ATM’s.
You can go to www.eipcard.com and create an account and have money transferred to a bank account for no fee. They will have you set up a user name, security questions, have an email address and cell phone number for verification codes to complete registration.
You can simply use the card anywhere VISA is excepted for point of sale transactions until the balance is zero.
For Your Information
Our credit card program has a new website for you to pay your bills, access statements and redeem your reward points.
The new website is http://www.bankcardcenter.net.
You will need to set up a new profile, but that only takes a few minutes.
If you have any questions about this new website, please contact me.
- Troy Cripps,
The First Bank and Trust Company of Murphysboro
Customer Education and Awareness
In a more concerted effort to keep you informed of what is going on in the world of Cybersecurity and to give you more resources to protect yourself and your family, we are transforming our "President's Letter" page to a "Customer Education" page.
Here, you will be able to find articles and links to keep yourself informed in our evergrowing technological world. Don't worry though, when our President has something to tell you, you'll still be able to find it here.
FB&T Helping The Community
THE FIRST BANK AND TRUST COMPANY OF MURPHYSBORO is committed to supporting our customers and community, now more than ever. Through our partnership with @FHLBC (Federal Home Loan Bank of Chicago) we are provided $15,000.00 in grants to two local businesses on September 4, 2020.
The Federal Home Loan Bank of Chicago’s Targeted Impact Fund provides members with grants to support relief efforts for populations hardest-hit by COVID-19 as well as to promote equity and opportunity for communities of color.
In April of this year, THE FIRST BANK AND TRUST COMPANY OF MURPHYSBORO was able to provide $20,000.00 in grant money to two local businesses through the FHLBC’s Covid-19 Relief Program.
THE FIRST BANK AND TRUST COMPANY OF MURPHYSBORO has provided over $1,000,000.00 in PPP loans to our local businesses in an effort to keep small business alive in Murphysboro!
We have an app for that
Our app is now available!
If you are using Apple:
For Android users, use this link: