Here at CTI Technology, we spend our time safeguarding critical data so our customers can focus on what they do best – running a business. Sometimes, the greatest threats to our data security come through emails. We’ve all been repeatedly warned to check for suspicious downloads, but often Trojan horses come with a logo from your local bank or credit union. Why rob a bank in person when you can just politely ask for someone’s account information… and get it?
Cyber bank robbers have the resources and the financial incentive to develop sophisticated techniques to convince unsuspecting victims to hand over information to them. In the online fraud world, it’s called “phishing.” Instead of putting a worm on the line, they just send you a friendly notice from “your bank” with a logo that looks real. Hackers can even uncover your location from your email address and use a regional bank logo. Even the most wary of email users can be caught off guard.
According to the Charlotte Observer, phishing schemes are on the rise because… well, they work. Criminals involved in phishing can be found all over the world, although Asia and Central Europe are hotspots and some of the fraudsters tap away on laptops eight to 12 hours a day in warehouse-sized buildings that can house 100 or more cybercriminals.
Email has become a central part of our lives, but it was never designed to be a secure communication medium. As such, banks don’t use it to request information from you. Never trust an email asking for bank account information. Call your local bank branch instead to verify an email communication that asks for sensitive information.
Here are some tips to keep you – and your company’s bank account – safe from cyber criminals:
- If you receive an email, check for misspellings and poor grammar. This is often a dead giveaway.
- Before clicking on a link, check the URL. Often the fake URL will have the bank name in it, but it will not be a direct bank link.
- Use two-factor authentication for your bank accounts.
- Don’t store your bank or personal security passwords on an online storage system or email system. If a hacker gets into your online account, they then also have access to your passwords and other sensitive information.
- Set limits on who and how much can be wired from your accounts and be sure to close any unused bank accounts.
- Trust your instincts if you get a bad feeling in your gut about an email or an attachment. Sometimes your subconscious sees patterns that you may not have consciously put together yet. If you have even the slightest doubt, delete the email and call your financial institution.
Any company can be vulnerable to attack. Recently in August, CSO reports that Ubiquiti Networks, Inc., a company that manufactures high-performance networking technology, fell prey to a more sophisticated email phishing scam, costing them more than $39 million. More importantly, it reminds us that even if companies use heavy encryption and coding to protect their data, security can easily be breached right through the front door. With the increased use of online banking and big potential payoffs for cyber criminals, this threat will only increase.