Online Banking Login Security Statement

Security Tips & Alerts

Technology Topic of the Month

Avoiding Ratting/ Get Safe Online

You use your computer or mobile device for many everyday private or confidential tasks, which is why it is essential to take precautions to protect it from viruses and spyware. One type of spyware becoming increasingly common is known as a RAT (Remote Access Trojan), which criminals can use to access your computer or mobile device to take control of it to obtain your private information or spy on you. This is known as ratting.

RATs are usually downloaded invisibly with a program requested by you- for example a game- or sent to you as an email attachment. They can perform actions similar to legitimate software. RATs can be difficult to detect because neither do they usually show up in lists of the programs or tasks you are using, nor can you generally notice that they are affecting your device's performance.

RATs being used to take control of webcams is becoming increasingly common, with the objective of the resulting video or images being used for blackmail or other inappropriate purposes.

The Risks

  • Being spied on (including being recorded) via your own webcam. In some cases, they are designed to do so without activating the indicator light, so you are unaware that you are being watched.
  • Having your online behavior monitored (including which websites you are visiting, who you are emailing, what you are typing.
  • Having your confidential information accessed- including bank account and social security details.
  • Being used as part of a botnet to distribute viruses and other malware.
  • Having your files and file systems deleted, downloaded or altered.

How to Avoid Ratting

  • Ensure you have effective and updated antivirus/antispyware software and firewall running whenever your computer or mobile device is switched on.
  • Do not be tempted to download programs or apps that are not from a trusted source, as they could contain RATs and other malware.
  • Download updates to your programs and apps when prompted to do so... they often include security fixes.
  • Take great care a bout opening attachments in emails, even if they seem to be from people you know.
  • Avoid suspicious website and torrent downloading. Many such downloads are not only against the law, but also a major gateway for this type of cyber-attack.
  • Cover your webcam when not in use, whether it is a built-in or clip-on device.

If you think you have been the victim of being spied on vial your web cam

Report the incident to your local police.

Spam and Scam Email/ Get Safe Online

email is both an excellent communication tool and also a way that companies can inform you about their latest products and services. however, email is frequently used to deliver unwanted material which is at best, annoying and at worst, malicious- causing considerable harm to your computer and yourself.

These include the following:

Spam (or Junk) email

The vast majority of email sent every day is unsolicited junk mail.

Examples include:

  • Advertising, for example online pharmacies, dating, gambling.
  • get rich quick and work from home schemes.
  • Hoax virus warnings.
  • Hoax charity appeals.
  • Chain emails which encourage you to forward them to multiple contacts (often to bring ' good luck').

How spammers obtain your email address

  • Using automated software to generate addresses.
  • Enticing people to enter their details on fraudulent websites.
  • Hacking into legitimate websites to gather user's details.
  • Buying email lists from other spammers.
  • Inviting people to click through to fraudulent websites posing as spam email cancellation services.
  • from names/addresses in the cc line, or in the body of emails which have been forwarded and the previous participants have not been deleted.

The very act of replying to spam email confirms to spammers that your email address exists.

How to spot a scam

Spam emails may feature some of the following warning signs:

  • You don't know the sender.
  • Contains misspellings designed to fool spam filters.
  • Makes an offer that seems too good to be true.
  • The subject line and contents do not match.
  • Contains an urgent offer end date ( for example "Buy now and get 50% off )
  • Contains a request to forward an email to multiple people, and may offer money for doing so.
  • Contains a virus warning.
  • Contains attachments, which could include, exe files.

The Risks

  • It can contain viruses and spyware.
  • It can be a vehicle for online fraud, such as phishing.
  • Unwanted email can contain offensive images.
  • Manual filtering and deleting is very time-consuming.
  • It takes up space in your inbox.

email Scams

Scams are generally delivered in the form of a spam email (but remember, not all spam emails contain scams). Scams are designed to trick your into disclosing information that will lead to defrauding you or stealing your identity.

Examples of email scams include:

  • emails offering financial, physical or emotional benefits, which are in reality linked to a wide variety of frauds.
  • These include emails posing as being from "trusted" sources such as your bank, the Inland Revenue or anywhere else that you have an online account. They ask you to click on a link and then disclose personal information..

Phishing emails

Phishing is a scam where criminals typically send emails to thousands of people. These emails pretend to come from banks, credit card companies, online shops and auction sites as well as other trusted organizations. They usually try to trick you into going to the site, for example to update your password to avoid your account being suspended. The embedding link in the email itself goes to a website that looks exactly like the real thing but is actually a fake designed to trick victims into entering personal information.

  • The email itself can also look as if it comes from a genuine source. fake emails often (but not always) display some of the following characteristics:
  • The sender's email address is different from the trusted organization's website address.
  • The email is sent from a completely different address or a free webmail address.
  • The email does not use your proper name, but uses a non-specific greeting such as "Dear customer."
  • A sense of urgency; for example the threat that unless you act immediately your account may be closed.
  • A prominent website link. These can be forged or seem very similar to the proper address, but even a single character's difference means a different website.
  • A request for personal information such as username, password or bank details.
  • You weren't expecting to get an email from the organization that appears to have sent it.
  • The entire text of the email is contained within an image rather than the usual text format. The image contains an embedded link to a bogus site.

Use email safely

  • Do not open emails which you suspect as being spam.
  • Do not forward emails which you suspect as being spam.
  • Do not open attachments from unknown sources.
  • Do not readily click on links in emails from unknown sources. Instead, roll your mouse pointer over the link to reveal its true destination, displayed in the bottom left corner of your screen. Beware if this is different from what is displayed in the text of the link from the email.
  • Do not respond to emails from unknown sources.
  • Do not make purchases or charity donations in response to spam email.
  • Don't click on "remove" or reply to unwanted email.
  • Check junk mail folders regularly in case a legitimate email gets through by mistake.
  • When sending emails to multiple recipients, list their addresses in the 'BCC' (blind copy) box instead of in the 'To box'. This way, no recipient will see the names of the others, and if their addresses fall into the wrong hands, there will be less chance of you or anybody else receiving phishing or spam emails.
  • Similarly, delete all addresses of previous parties in the email string, before forwarding or replying..
  • If you are suspicious of an email, you can check it is on a list of known spam and scam emails that some internet security vendors such as MacAfee and Symantec feature on their websites.
  • Most Microsoft and other email clients come with spam filtering as standard. Ensure yours is switched on.
  • Most spam and junk filters can be set to allow email to be received from trusted sources, and blocked from untrusted sources.
  • When choosing a webmail account such as Gmail, Hotmail and Yahoo! Mail, make sure you select one that includes spam filtering and that remains switched on.
  • Most internet security packages include spam blocking. Ensure that yours is up to date and has this feature switched on.

Fraud Prevention Quiz

Are you protecting your identity and financial information?

1. Social networking on websites can be a fun and convenient way to meet people and stay connected. What information do you include on your social networking profile? (Select all that apply)

a) My date of birth, including the year

b) My phone number

c) My physical address

d) None of this information appears publicly on my profile.

e) None, I do not have a social networking profile.

2. Are you reviewing your credit report annually or subscribing to a reporting service that notifies you of changes to your credit report?

a) Yes

b) No

3. Which of the following kinds of documents do you shred before throwing away. (Select all that apply)

a) Unwanted credit offers

b) Transaction and ATM receipts

c) Cancelled checks

d) Financial statements

e) Expired bank cards

f) None, I do not shred these items

4. Answer True or False to the following statements:

I receive my financial information (bank statements, credit card statements, checks, or other notices )online or in a secure mailbox.

a) True

b) False

I review my financial statements or account activity online regularly and report any discrepancies or suspicious transactions immediately.

a) True

b) False

5. In the past month, have you updated the anti-virus software on your computer(s)?

a) Yes

b) No

6. Libraries, copy centers, and other locations have computers available for public use. Do you use these computers to access personal or financial account information?

a) Yes

b) No

7. Answer True or False to the following statements regarding your online banking password:

I change my password regularly (every 30 to 60 days)

a) True

b) False

I use my date of birth, Social Security number, or other personal information for my password.

a) True

b) False

I choose passwords that contain a combination of letters, numbers, and special characters.

a. True

b. False

8. Imagine you receive an email with the following message:

EMAIL CHANGE NOTIFICATION

Dear Customer!

Thank you for banking online at grandviewbank.com. Our records indicate that you recently added or made a change to your email address(es). This notification is to confirm that you initiated this change.

If you feel you have received this email in error and did not add or change your email address(es), please click here.

Sincerely,

Online Banking Team

What are most likely to do?

a.) Click on the link and sign into an online banking session.

b) Respond to the email sender asking for more information.

c) Delete the email.

d) Forward the email to grandviewbank.com and then delete it

e) Send it to a friend to see what she thinks

9. Mobile banking applications are programs you can download to your mobile device. If you have suspicions about the authenticity of a mobile banking app, what should you do? (Select all that apply)

a) Download it anyway because tools on the Web are always safe.

b) Contact the financial institution for instructions on how to access its mobile app.

c) Conduct your banking through the official mobile website instead of using the app.

d) Don't download the app

e) Verify that the name of the app publisher is correct.

10. If you receive a phone call from someone who claims to be an employee of your bank and the caller asks for your Personal Identification Number (PIN) or other confidential information, what would you do?

a) Provide the information requested so that your bank can confirm your identity.

Do not provide any information, ask the caller for the purpose of the call, and contact the bank directly regarding this inquiry.

Fraud Prevention Results

1. Social networking on websites can be a fun and convenient way to meet people and stay connected. What information do you include on your social networking profile?

Answer:  e) None of this information appears publicly on my profile.

if you participate in social networking, you should safeguard your information. Avoid sharing personal details that are used by financial institutions to identify you, such as your birth date, home address, mother's maiden name, schools attended,/mascots and pet's name. Fraudsters may use this type of information to help gain access to an account since they are common answers to security questions. So be sure to keep this information safe and update the privacy settings for your profile.

2. Are you reviewing your credit report annually or subscribing to a reporting service that notifies you of changes to your credit report?

Best answer: Yes

It's a good idea to review your credit report at least once a year for any suspicious or unauthorized activity. Each of the three major credit bureaus offers a free credit report once a year.

You can also purchase a daily credit monitoring service to receive notifications when something changes. this will alert you to possible unauthorized activity.

3. Which of the following kinds of documents do you shred before throwing away?

Best answer: All of the above

Many fraud and identity theft incidents happen as a result of mail and garbage theft. The safest way to protect your finances and identity is to shred documents containing personal or financial information before discarding. If you download or receive electronic documents, be sure to store them securely and delete when no longer needed.

4. Answer True or False to the following statements:

True. I receive my financial information (bank statements, credit card statements, checks, or other notices) online or in a secure mailbox.

True. I review financial statements or account activity online regularly and report any discrepancies or suspicious transactions immediately.

Depending on your needs and circumstances, reviewing financial statements or account activity online regularly may improve your ability to quickly identify suspicious or unknown transactions.

If you choose to receive paper copies of your information, you should promptly retrieve incoming mail to limit the opportunity for theft. Outgoing mail containing sensitive information should be dropped into a USPS mailbox, not left for carrier pickup.

5. In the past month, have you updated the anti-virus software on your computer.

Correct Answer: Yes

Antivirus software helps protect your computer from viruses, spyware, and other types of malware. Install, run, and update your anti-virus software regularly to help ensure that new viruses are detected and prevented from infecting your computer. You should also ensure your computer operating system, software, browser version and plug-ins are current. Before downloading an update to your computer program, first go to the company's website to confirm the update is legitimate.

6. Libraries, copy centers, and other locations have computers available for public use. Do you use these computers to access personal or financial account information?

Correct Answer: No

Conduct online banking activities on secure computers only. Public computers (computers at internet cafes, copy centers, etc) should be used with caution, due to shared use and possible tampering, viruses, hardware keystroke loggers, etc. Online banking activities and viewing or downloading documents (statements, etc.) should only be conducted on a computer you know to be safe and secure.

7. Answer True of False to the following statements regarding your online banking password:

Best Answer:

True. I change my password regularly (every 30 to 60 days).

False. I use my date of birth, Social security number, or other personal information for my password.

True. I choose passwords that contain a combination of letters, numbers, and special characters.

Do not use your Social Security number, date of birth, family names, or other personal information as a username or password. Change your usernames and passwords regularly and use combinations of letters, numbers, and "special characters", when possible, such as "pound" (#) and "at" (@) signs. Do not use your online banking password for other online accounts such as email, etc.

8. Best Answer: Delete the email

Be wary of emails that request you to click on a link in order to resolve a problem. Never open attachments, click on links, or respond to emails from suspicious or unknown senders. The email could be "phishing" attempts to convince you to divulge your personal information. These emails should be reported to the company they claim to represent and then deleted.

9. Mobile banking applications are programs you can download to your mobile device. If you have suspicions about the authenticity of a mobile banking app, what should you do?

Best answer:

b) Contact the financial institution for instructions on how to access its mobile app.

c) Conduct your banking through the official mobile website instead of using the app.

d) Don't download the app.

To ensure the safety of your personal and account information, download mobile apps from reputable sources only. download the Grandview Bank app by searching " Grandview Bank" in your phone's app store. If you have suspicions about the authenticity of a mobile banking app, web -enabled mobile phone users can bookmark grandviewbank' s official mobile banking site, to conduct your banking.

10. If you receive a phone call from someone who claims to be an employee of your bank and the caller asks for your Personal Identification Number (PIN) or other confidential information, what would you do?

Best Answer:  b) Do not provide any information, ask the caller for a reference number and his or her name, and contact the bank directly regarding this inquiry.

If you are uncomfortable with a phone call that was not initiated by you, hang up or ask for the purpose of the call. then contact the company using legitimate sources such as contact phone numbers found on the company's website, your bank statements, and those listed on your debit or credit card. Never share your PIN or passwords with anyone. memorize your PIN and don't write it down anywhere, especially not on your ATM or debit card.

 

Back to the top