Sun, Sand, and Cyber Security

Every summer, vacationers put their house lights on timers and their mail on hold when they travel away from home. It’s just as important when taking a vacation to take similar precautions with good cyber habits. Many cyber criminals specifically target travelers…

Criminals often set online lures to sell fake vacations or tickets. These may be just simple advertisements or sophisticated scams using realistic websites, complete with phone operators that will “assist” you.

Home Alone
Social media posts with pictures of tourist attractions may update your friends and family, but they also tell criminals that you’re on vacation and your house is empty. Other older posts may contain personal details or pictures of your home, telling thieves what items of value are in the house or how to circumvent security systems.

Stolen “Keys”
Sensitive data, such as login names and passwords, are especially valuable to criminals. One way criminals obtain such data is by installing a “keylogger” on hotel public computers. The keylogger records every keystroke typed on the computer and then transmits that information to the criminal.

Missed Connection
Some cyber criminals specialize in “sniffing” the Wi-Fi and public networks in airports and coffee shops, allowing the criminal to collect and read all information sent over a wireless network.

Other criminals use a practice called “juice jacking”, where the criminal rigs a public charging kiosk to siphon information directly from your device when you plug into it.

Who’s the Boss?
The cyber security threat doesn’t end with you; Social engineers often use information about a boss’ vacation to gain physical access or commit financial fraud. The social engineer knows that they can reference the boss and the boss will not be reachable to verify whether he/she really did order the “repairman” or gave instructions for a fraudulent wire transfer.

When in Rome…
Different countries have different laws, which may allow government employees or law enforcement full access to your device without your knowledge or permission. Some countries are known to collect all data residing in that country, while others collect data from devices left in hotel rooms. This may be very important in countries that do not have the same freedom of speech as the United States. Some of these countries are known to have jailed tourists who posted negative comments online about the government or who posted criminal activities online, such as the use of alcohol or drugs.

Luckily, with a little care it’s possible to avoid these problems. Follow these simple tips to ensure that the only memories from your vacation are good ones:

Easy Tips to Protect Yourself

• Use discretion when posting personal information on social media. This information is a treasure-trove to social engineers. Do not post information about travel plans or details; save the pictures and updates until after you return home.
• Set email away messages to only respond to known contacts in your address book.
• Disable geo-locational features, such as automatic status updates and friend finder functionalities.
• Remind friends and family members to exercise the same caution.

Easy Tips to Protect Your Devices

• Keep your electronic devices with you at all times.
• Before traveling abroad, change all passwords that you will use while traveling, and upon return change the passwords of any accounts that were accessed while abroad. This includes passwords used by social media websites and email providers, for which you have automatic logins.
• Do not access sensitive accounts (e.g. banks, credit cards, etc.) or conduct sensitive transactions over public networks, including hotel and airport Wi-Fi and business centers, or Internet cafés.
• Use up-to-date anti-virus, anti-spyware, and anti-adware protection software; apply recommended patches to your operating system and software.
• Use wired connections instead of Bluetooth or Wi-Fi connections, whenever possible.
• Do not plug USB cables into public charging stations; only connect USB powered devices using the intended AC power adapter.
• Know the local laws regarding online behavior, as some online behaviors are illegal in certain countries.

Telephone Phishing Scam Alert

There is a telephone phishing scam underway in our area that we want our customers to be aware of. The victims of this scam receive a bogus text or telephone message that is supposedly from their bank, which is mentioned by name. The message claims that the customer’s debit card has been deactivated, and tells them to call a phone number provided in the message. When the customer calls that number, they are told to enter their debit card information and a replacement card will be issued.

Under no circumstances would MutualOne Bank contact you in this manner. If you receive such a message or experience any other suspicious or questionable activity regarding your account, please notify us immediately by calling us directly at (508) 820-4000.

Resources to protect consumers

Screen shot 2013-03-07 at 11.37.37 AM

While National Consumer Protection Week, will end on Saturday, the information shared through the website remains a valuable resources for consumers looking to protect their rights and make better-informed decisions about their finances.

Visitors to the site will find a wealth of information on everything from preventing identity theft, and protecting your home and business, to buying products & services, and investing your money.

For more information visit the National Consumer Protection Week website at ncpw.gov.

VIDEO: What is Identity Theft?

The Federal Trade Commission has created this informative video for consumers with 5 easy ways you can protect yourself from becoming a victim.

If you believe you have been a victim of identity theft, please visit your local branch, or contact Client Services at (508) 820-4000.

Please note by clicking on the link to YouTube, you are leaving the MutualOne Bank web site to enter a web site created, operated and maintained by a private business or organization. MutualOne Bank provides this link as a service to our web site visitors. We are not responsible for the content, views, or privacy policies of this site. We take no responsibility for any products or services offered by this site, nor do we endorse or sponsor the information it contains.

Tis the season to safeguard your computer

Special thanks to Matt Lidestri, manager of Security and Internet Products for COCC, a Connecticut-based firm specializing in outsourced information technology and support, for providing this valuable information for our customers.

Not everyone will be looking for sweaters and smartphones this holiday season. In fact, once the tinsel gets tossed and the decorations are packed away, data security will resume its title role, center stage.

The following is a list of gifts that keep on giving and cost little or nothing. Happy holidays!

Back to the Internet

Have you ever noticed when you are shopping online that advertisements seem to focus on just the items you want? That’s the latest technique for tying your online behavior to online advertising – it allows advertisers to place their messages on pages you view just when you’re about to buy a rival’s product.

The latest version of the Firefox browser enables users to stop the madness by opting out of online behavior tracking. Other Firefox features include the ability to protect your browsing history, remove any trace of visiting a particular web site, and to know if content on any given page is legitimate. Hackers often inject evil scripts onto innocent-looking web pages – a technique known as cross-site scripting attacks. This feature gives you a chance to walk away.

Blocking Traffic

Last year, we recommended Comodo, a free firewall to protect customers from malware at home. Let me repeat to anyone who doubts whether they need a firewall in their house – you do. The average time to infect an unprotected computer on the Internet remains under five minutes.

This year, we are recommending another free tool to protect yourself and your family from malware and adult content (gambling, pornography, etc.), on the Internet. K9 by Blue Coat uses the same advanced web filtering technology deployed by companies and governments worldwide — all with a user-friendly interface that allows you to control Internet use in your home.

New Windows

In the past, security literature cited a common culprit – Microsoft – for security weaknesses. Not anymore. The new Windows 7 operating system is fast, easy to use, and has some excellent features that help consumers stay safe. Windows 7 is the product of Microsoft’s Security Development Lifecycle (SDL), which has contributed in developing higher quality code. In addition, it ships with better protection via User Account Control (UAC), which was first introduced in Windows Vista. Any time a program wants to make a major change to your computer, the UAC alerts you and asks for permission. This is a significant defense against hackers and malicious software, since they often change settings and install software to do their dirty work.

For those who prefer a different experience with their PC, there is Ubuntu, a very common user-friendly Linux operating system. The price is right – free – and it provides exceptional device support, an intuitive interface, and strong security. Since most viruses target Windows-based systems at this point in time, using Ubuntu can reduce the likelihood of successful malware infections. If you have family or friends who are prone to tripping across malware, I’d highly recommend giving Ubuntu a closer look.

The New You

Even if you install tons of security solutions, you will still need a sure-fire method for reducing your risk of hacker attacks. Here it is: create at least one ‘regular’ user account on your computer, and use that account exclusively for day-to-day use.

Why is a ‘regular’ user account so effective? Malware often needs to make changes to the system in order to be effective – from hooking into the OS (operating system) to enable keylogging to installing services for persistence between reboots. If you sign in as a regular user with no administrative rights, malware cannot be installed automatically or by simply clicking an “ok” button. That’s good news for the good guys.

Reduce the Junk

Finally, I leave you with a highly effective strategy to stem the tide of junk email: Create a separate junk email account and use it to sign up for promotions, Groupons, and charities. Review this account just once a week, and delete most everything in it, confident that real email from friends, family, and companies that you actually do business with won’t be clouded by spam. Or, forward email from your “junk account” to your real webmail account and create rules to direct these messages to a different folder. This provides easy access to these messages without cluttering your inbox.

Please note: Framingham Co-operative Bank provides these links as a service to our web site visitors. We are not responsible for the content, views, or privacy policies of these sites. We take no responsibility for any products or services offered, nor do we endorse or sponsor the information contained.