Avoiding Cyber Fraud

By | September 8, 2018

Here are some tips from the FBI you can use to avoid becoming a victim of cyber fraud:

Business

  • Ensure company policies provide for verification of any changes to existing invoices, bank deposit information, and contact information.
  • Consider requiring two parties sign off on payment transfers.
  • Contact requestors by phone before complying with e-mail requests for payments or personnel records.
  • Ensure that log-in credentials used for payroll purposes are unique.

Do Not

  • Do not give unknown, unverified persons remote access to devices or accounts.
  • Do not communicate with unsolicited email senders.
  • Do not act in haste. Criminals create a sense of urgency to produce fear and lure the victim into immediate action.
  • Do not fill out forms contained in e-mail messages that ask for personal information.
  • Do not sign in, if prompted to do so, in order to access an attachment. Businesses do not send attachments requiring you to login without establishing this as a normal protocol in advance. These will be separate accounts with unique credentials, not your windows or webmail login.
  • Do not use links to financial institutions you receive via email. Log on directly to the website instead of “linking” to it from an unsolicited e-mail.

Employees

  • Only open attachments from known senders. Even then be aware that if you are seeming something new it could be illegitimate. Take the time to verify it with the sender.
  • Always compare the link in the e-mail to the link you are actually directed to and determine if they match.
  • Use strong passwords and do not use the same password for multiple websites.
  • Store your passwords in an encrypted file and never in the cloud. Programs like KeePass can help.
  • Be aware that fraudulent e-mails requesting your personal information can be made to appear to be legitimate.
  • When providing personally identifiable information, credit card information, or other sensitive information to a website, ensure the transmission is secure by verifying the URL prefix includes https, or the status bar displays a “lock” icon and that the domain is that of the vendor.
  • Remember that legitimate customer, security, or tech support companies will not initiate unsolicited contact with individuals.
  • Be cautious of customer support numbers obtained via open source searching. Phone numbers listed in a “sponsored” results section are likely boosted as a result of Search Engine Advertising.
  • When you recognize fraudulent attempts to communicate with you cease all communication with the criminal.

Home

  • Ensure all computer anti-virus, security, and malware protection is up to date. If you do not have this on you home PC we can provide it for as little as $2 a month. In most cases your employer will cover the cost.
  • Install ad-blocking software that eliminates or reduces pop-ups and malvertising (online advertising to spread malware).
  • Do not store sensitive or embarrassing photos of yourself online or on your mobile devices.
  • Monitor your bank account statements regularly, as well as your credit report at least once a year for any fraudulent activity.
  • Request a free credit report every 12 months. Stager the request between the three credit agencies.
  • Ensure security settings for social media accounts are turned on and set at the highest level of protection.
  • Never provide personal information of any sort via e-mail.
  • If it looks too good to be true, it probably is.