HTML Generator Sample Page
 
 

Customer Awareness



Distributed Denial of Service Attack (DDoS)

A denial-of-service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet. A distributed denial-of-service (DDoS) attack is a common attack used against businesses, including financial institutions, where the attack source uses more than one, often thousands, of unique IP addresses that are targeted at the victim causing on overload of activity rendering the service unavailable.

  • DDoS attacks do not steal money
  • DDoS attacks do not steal personal information although an attack may be used as a distraction while a hacker is attempting to steal information

If you experience a DDoS attack at your business, you should shift your attention to any payment systems or any recent online fund transactions you have. DDoS attacks do not involve the hacking of your business, but they are used as a distraction for other means of criminal activity that could include hacking or insider theft within your money payment systems or online banking (funds transfer and ACH) sessions. As a business, you should train your employees in the event you experience a DDoS attack, to first focus on and review all payments going in and out of your organization. You can then work with your vendor to remediate the attack against your systems.

At Central Bank, our employees and third party vendors are trained on DDoS attacks and we have systems in place to monitor and block these types of activities.

Equifax Breach

Equifax announced recently that an estimated 143 million Americans have been subject to one of the largest data breaches in U.S. history. Hackers gained accessed to files through a website application flaw from mid-May through July. Data included names, Social Security numbers, birth dates, addresses and, in some instances, driver's license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed.

  • Equifax is updating their webpage with important consumer information regarding the breach and how you can protect your credit.
  • The Federal Trade Commission is offering steps you can take to help protect your information from being misused.

Identifying and Reporting Common Scams

Don't be a victim! Please click here to be directed to an article that will help you identify and report scams.    .

Protect your company from BEC

Business email compromise (BEC)—also called “wire transfer phishing,” “impostor phishing,” and “CEO phishing”—is a type of cyber attack comprising low-volume campaigns of highly targeted phishing emails. These campaigns focus on one or two people within an organization, asking the recipient to transfer funds or private information of value such as W2 forms directly to attackers.

Please CLICK HERE to review a diagram on how BEC works.

Tips to Prevent BEC

From a technical perspective, you need a secure email gateway that supports advanced options for flagging suspicious messages based on attributes (such as direction and Subject line) and email authentication techniques. At a minimum, configure your email gateway to block messages that spoof your domain(s); this function is built into most secure email gateways. Another best practice is automatically adding the [EXTERNAL] tag or a similar designation to the subject line of emails sent from outside your organization.

From a human resources perspective, train your staff and put the effective processes in place. Here are a few basic guidelines:

  • Be suspicious
  • If something doesn't feel right, it probably isn't
  • Slow down
  • Check the Reply-To field
  • Check the domain
  • Watch for the use of personal accounts
  • Follow a process

Adding safeguards that include out-of-band contact (personal interactions outside the back and forth of email conversations) can save organizations hundreds of thousands or even millions of dollars. Vigilant employees are the last line of defense against these threats. You should create a culture in which employees ask questions, think carefully, and understand their important role in security.

Guide to Cybersecurity

Your home has locks on the doors and windows to protect your family and prevent thieves from stealing cash, electronics, jewelry and other physical possessions. But do you have deterrents to prevent the loss or theft of your electronic assets, including bank account and other information in your personal computers, at home and when banking or shopping remotely online?

Please CLICK HERE to review a guide with great information on what you can do to help prevent online fraud and theft.

Avoid ID Theft

Identity theft is a growing problem in the world, but there are certain things you can do to avoid ID theft. Below are different ways to deter, detect, and defend yourself against ID theft.

  • Central Bank will never initiate a request for sensitive information such as social security number, account number(s), PIN numbers or login information (id and/or passwords), nor will we ever request you to verify your account information via email.
  • Help us protect you by keeping your sensitive information such as social security number, account number(s), PIN number(s), ATM card(s) and checkbook(s) in a secure location and we strongly suggest that you do not share this information with anyone.
  • Email Disclosure: Information sent via email is not encrypted. Confidential information such as account and tax ID numbers should not be sent via email. The Central Bank is not responsible for the content or security measures provided by third party websites linked to this page.

The Federal Trade Commission wants you to help fight back against identity theft so for more information about ID theft, please visit their website at www.ftc.gov/idtheft.

DETER

Identity theft is a serious crime. It occurs when your personal information is stolen and used without your knowledge to commit fraud or other crimes. Identity theft can cost you time and money. It can destroy your credit and ruin your good name.

Deter identity thieves by safeguarding your information.

  • Shred financial documents and paperwork with personal information before you discard them.
  • Protect your Social Security number. Don’t carry your Social Security card in your wallet or write your Social Security number on a check. Give it out only if absolutely necessary or ask to use another identifier.
  • Don’t give out personal information on the phone, through the mail, or over the Internet unless you know who you are dealing with.
  • Never click on links sent in unsolicited emails; instead, type in a web address you know. Use firewalls, anti-spyware, and anti-virus software to protect
    your home computer; keep them up-to-date. Visit www.OnGuardOnline.gov for more information.
  • Don’t use an obvious password like your birth date, your mother’s maiden name, or the last four digits of your Social Security number.
  • Keep your personal information in a secure place at home, especially if you have roommates, employ outside help, or are having work done to your house.

DETECT

Detect suspicious activity by routinely monitoring your financial accounts and billing statements.

Be alert to signs that require immediate attention:

  • Bills that do not arrive as expected
  • Unexpected credit cards or account statements
  • Denials of credit for no apparent reason
  • Calls or letters about purchases you did not make

Inspect:

  • Your credit report. Credit reports contain information about you, including what accounts you have and your bill paying history.
    • The law requires the major nationwide consumer reporting companies – Equifax, Experian, and TransUnion – to give you a free copy of your credit report each year if you ask for it.
    • Visit www.AnnualCreditReport.com or call 1-877-322-8228, a service created by these three companies, to order your free credit reports each year. You also can write: Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281.
  • Your financial statements. Review financial accounts and billing statements regularly, looking for charges you did not make.

DEFEND

Defend against ID theft as soon as you suspect it.

  • Place a “Fraud Alert” on your credit reports, and review and reports carefully. The alert tells creditors to follow certain procedures before they open new accounts in your name or make changes to your existing accounts. The three nationwide consumer reporting companies have toll-free numbers for placing an initial 90-day fraud alert; a call to one company is sufficient:
    • Equifax: 1-800-525-6285
    • Experian: 1-800-EXPERIAN (397-3742)
    • TransUnion: 1-800-680-7289
    • Placing a fraud alert entitles you to free copies of your credit reports. Look for inquiries from companies you haven’t contacted, accounts you didn’t open, and debts on your accounts that you can’t explain.
  • Close accounts. Close any accounts that have been tampered with or established fraudulently.
    • Call the security or fraud departments of each company where an account was opened or charged without your okay. Follow up in writing, with copies of supporting documents.
    • Use the ID Theft Affidavit at ftc.gov/idtheft to support your written statement.
    • Ask for verification that the disputed account has been closed and the fraudulent debts discharged.
    • Keep copies of documents and records of your conversations about the theft.
  • File a police report. File a report with law enforcement officials to help you with creditors who may want proof of the crime.
  • Report the theft to the Federal Trade Commission. Your report helps law enforcement officials across the country in their investigations.
    • Online: ftc.gov/idtheft
    • By phone: 1-877-ID-THEFT (438-4338) or TTY, 1-866-653-4261
    • By mail: Identity Theft Clearinghouse, Federal Trade Commission, 600 Pennsylvania Ave., NW, Washington, DC 20580

Common Ways ID Theft Happens:

Skilled identity thieves use a variety of methods to steal your personal information, including:

  • Dumpster Diving. They rummage through trash looking for bills or other paper with your personal information on it.
  • Skimming. They steal credit/debit card numbers by using a special storage device when processing your card.
  • Phishing. They pretend to be financial institutions or companies and send spam or pop-up messages to get you to reveal your personal information.
  • Changing Your Address. They divert your billing statements to another location by completing a “change of address” form.
  • “Old-Fashioned” Stealing. They steal wallets and purses; mail, including bank and credit card statements; pre-approved credit offers; and new checks or tax information. They steal personnel records from their employers, or bribe employees who have access.

For More Information

To learn more about ID theft and how to deter, detect, and defend against it, visit www.ftc.gov/idtheft. Or request copies of ID theft resources by writing to:

Consumer Response Center
Federal Trade Commission
600 Pennsylvania Ave., NW, H-130
Washington, DC 20580