Banking #3 "Brand Fishing" Target
Banking has overtaken retail as the No. 3 most likely industry target for hackers seeking to acquire and misuse customers’ personal information. These bad actors often pose as representatives of your financial institution in their attempts to get at your login information or account data.
Only technology and shipping companies are more susceptible to being targeted by phishing scammers, as reported by Check Point Research in its Brand Phishing Report for Q1 2021. (Check Point Research is the threat intelligence arm of Check Point Software Technologies Ltd., a leading provider of cybersecurity solutions globally.)
Microsoft continued to be the brand most targeted by brand phishing, representing 39% of all global brand phishing attempts. International shipper DHL came in second, with 18% of such attempts. Rounding out the top 10 brands were: Google (9%), Roblox (6%), Amazon (5%), Wells Fargo (4%), Chase (2%), LinkedIn (2%), Apple (2%) and Dropbox (2%).
“Criminals increased their attempts in Q1 2021 to steal people’s personal data by impersonating leading brands, and our data clearly shows how they change their phishing tactics to increase their chances of success,” said Omer Dembinsky, Data Research Manager at Check Point Research, in a press release. “The change seen this past quarter was in the industry of banking.”
Read more here www.forbes.com
Synthetic identity fraud is reported to be the fastest-growing type of financial crime (Off-site) in the United States, accounting for billions in losses annually. Moreover, the use of multiple definitions for synthetic identity fraud throughout the industry poses a fundamental problem – inconsistent categorization and reporting, making it difficult to identify and mitigate this type of fraud.
To respond to this challenge, the Federal Reserve convened a cross-industry focus group of 12 fraud experts in the fall of 2020 to develop a recommended definition of synthetic identity fraud.
“A shared understanding of what constitutes synthetic identity fraud is expected to improve its detection, measurement and mitigation in the payments industry,” said Jim Cunha, senior vice president at the Federal Reserve Bank of Boston. “Consistent use of this definition within and across organizations can enable us to discuss, identify and classify synthetic identity fraud in a similar manner.”
This spring, the focus group concluded their work with the recommendation that the following definition be used by the payments industry as it relates to synthetic identity fraud:
Synthetic identity fraud (SIF) is the use of a combination of personally identifiable information (PII) (Off-site) to fabricate a person or entity in order to commit a dishonest act for personal or financial gain.
To supplement the definition and further educate the industry, the group also outlined identity elements that may be used to create a synthetic identity, common uses of synthetics and the potential applications of the definition. Learn more about the focus group’s efforts and the development of this definition.
Microsoft Exchange Hack
What is Cryptocurrency?
Working in the banking world today, this is a question we get a lot.
The following article was written by Kate Ashford for Forbes, and can answer questions for our customers that may not have much exposure to cryptocurrency.
SolarWinds: What You Should Know
The following link will take you to a blog written by Steve Sanders.
CSI continues to monitor and access the situation.
COVID-19 Vaccine: Scammers Won't Be Far Behind
Reports about the release of COVID-19 vaccines by the end of the year are promising, but plans for distribution are still being worked out.
Here’s what we know right now: Two vaccine manufacturers (Pfizer/BioNTech and Moderna) have submitted applications for Emergency Use Authorization to the Food and Drug Administration (FDA). The FDA could complete its review of these applications by the third or fourth week of December 2020. Additional vaccine manufacturers are expected to apply for FDA authorization in 2021. The Advisory Committee on Immunization Practices (ACIP), an independent group of experts convened by the Centers for Disease Control and Prevention (CDC), has already recommended that health care workers and residents of long-term care facilities should receive the first available doses. As additional data is available, more vaccines are authorized by the FDA, and vaccine production increases, ACIP will continue to update its recommendations.
Once the FDA authorizes one or more vaccines from pharmaceutical manufacturers, vaccines will be distributed to federal- and state-approved locations. For most people living in the U.S., states and territories will make the final decisions on who will get the vaccines and when. States are also working on their own specific vaccination plans. You may want to check with your state for specific information regarding distribution plans in your state. More information on where and how to get a COVID-19 vaccine will be available once vaccines are authorized and/or being shipped out.
While we wait for a timeline and more information, there’s no doubt scammers will be scheming. Here’s what you need to know to avoid a vaccine-related scam:
- You likely will not need to pay anything out of pocket to get the vaccine during this public health emergency.
- You can’t pay to put your name on a list to get the vaccine.
- You can’t pay to get early access to the vaccine.
- No one from a vaccine distribution site or health care payer, like a private insurance company, will call you asking for your Social Security number or your credit card or bank account information to sign you up to get the vaccine.
- Beware of providers offering other products, treatments, or medicines to prevent the virus. Check with your health care provider before paying for or receiving any COVID-19-related treatment.
If you get a call, text, email — or even someone knocking on your door — claiming they can get you early access to the vaccine, STOP. That’s a scam. Don’t pay for a promise of vaccine access or share personal information. Instead, report it to the FTC at ReportFraud.ftc.gov or file a complaint with your state or territory attorney general through consumerresources.org, the consumer website of the National Association of Attorneys General.
Stay connected to stay informed. Subscribe to consumer alerts from the FTC. When you do, you’ll get updates delivered right to your email inbox. You may also want to check your state or territory attorney general’s website for consumer alerts and other helpful information.
Black Friday & Cyber Monday Cybersecurity Tips
The bad guys are at it again with holiday phishing scams, and this time from the comfort of your user's home. Because we are in the middle of a pandemic, retailers have already started online Black Friday deals that attract scammers.
Cyber Monday will also be bigger than ever before. That means you and your users need to be extra cautious when shopping online over the Black Friday and Cyber Monday weekend.
According to TechCrunch, estimates of ecommerce growth rates by 18% will continue to increase during the holiday season. The growth in e-commerce will result in an increase of online scams. Since the beginning of November, Checkpoint research showed the first half of November already showed an 80% increase in phishing campaigns relating to sales & shopping special offers.
It's Holiday Season for the bad guys too! But not the way you might think. They go into scam-overdrive mode. Black Friday and Cyber Monday are the busiest online shopping days and the bad guys are planning to get rich with your money. So, here are this year's Top 10 Holiday Cybersecurity Alert Tips:
- Keep all devices up to date with basic security measures to lessen your chance of becoming the victim.
- Only connect to known Wi-Fi networks; beware of network names that have typos or extra characters.
- Use strong, unique passwords on all accounts. This is a good time to update passwords!
- Be safe on all social media; don't overshare and take the time to review your privacy settings on the platforms you use.
- Keep an eye on your bank accounts and monitor your credit report regularly.
- Be careful with messages regarding shipping changes. Always use official channels to stay updated.
- Watch out for holiday greeting cards that may not be the sender you think! Don't open these unless you're certain you can trust who they came from.
- Keep devices in view (or know where they are) throughout the course of all holiday travel.
- Pay close attention to the websites you visit and shop on. It's safest to only use those you trust.
- Be wary of ads, giveaways, and contests that seem too good to be true. These run rampant during the holiday season!
Letter from the President
November 9, 2020
The Indiana Department of Revenue (DOR) is warning residents of a tax scam as reported by the IRS. One can only assume we will be seeing the same thing as Illinois residents. This scam is sent through text message and is trying to trick individuals into providing personal information to receive a $1,200 Economic Impact Payment.
The scam text reads:
“You have received a direct deposit of $1,200 from COVID-19 TREA FUND. Further action is required to accept this payment into your account. Continue here to accept this payment…”.
The text includes a link to a fake web address.
The IRS has advised people who receive this text scam to take a screen shot of the text message and include the screen shot and email to email@example.com with the following information:
- Date/Time/Time zone that they received the text message
- The number that appeared on the Caller ID
- The number that received the text message.
More information regarding the scam can be found at irs.gov.
President & CEO
Listed are some topics and tips on Cybersecurity.
Cybersecurity & Infrastructure Security Agency
Link on how to shop smarter online this Holiday Season.
Federal Deposit Insurance Corporation
Link on Cybersecurity protection topics and tips.
Federal Trade Commission
Link to Small Business Cybersecurity tips and topics.
US Gov't Charges Six Members of GRU
The United State Government has formally charged six members of GRU, Russia's Military Intelligence Agency, for carrying out cyber attacks aimed at causing monetary losses and distabilization.
For more information, please click on the link below.
July 21st, 2020
July 21, 2020
WE ARE HERE TO HELP
THE FIRST BANK AND TRUST COMPANY OF MURPHYSBORO is working with federal and state banking agencies, as well as other financial institutions to consider all reasonable and prudent steps to assist customers affected by the Coronavirus (COVID-19). In addition, the bank is monitoring information issued by international and U.S. health organizations. Regulatory agencies have encouraged financial institutions to work with customers impacted by the Coronavirus. Customers experiencing difficulties beyond their control should work directly with their financial institutions. Should you wish to discuss, please call us at 618.687.1711 or firstname.lastname@example.org.
BEWARE OF SCAMS
If you receive calls, emails, or other communications claiming to be from the FDIC or another federal agency, and offering COVID-19 related grants or payments in exchange for personal financial information, or a charge of any kind, please do not respond. These are scams. Additional guidance on how to report COVID-19 scams is available from the U.S. Department of Treasury website. You can also read the FDIC's Special Edition of FDIC Consumer News for COVID-19.
WHAT WE ARE DOING
· We encourage customers to use our mobile and online banking services, as well our ATMs and night depositories.
· We have instituted and enhanced preventative cleaning measures at branch and office locations to protect health of both customers and employees.
· We are providing personalized assistance to customers who have been financially impacted by coronavirus.
· We are Informing customers about COVID-19-related scams and encouraging them to vigilantly protect their personal information.
· We are participating in the Small Business Administration’s Payroll Protection Program and have obtained over $1,000,000 in such loans for our business customers.
· We are tailoring our already personized service even more for our customers who have been severely impacted.
· Some of our employees have preexisting breathing issues so, we encourage our customers and employees to maintain proper social distancing whenever possible and to wear masks when not possible.
Michael Cripps,President & CEO