Take Charge: Fighting Back Against Internet Threats
Federal Financial regulators are reporting that Internet threats have changed significantly over the past several years. Sophisticated hacking techniques and growing organized cyber-criminal groups are increasingly targeting financial institutions, compromising security controls, and engaging in online account takeovers and fraudulent electronic funds transfers.
In order to help ensure the security of your online transactions, we want you to know that we here at Forcht Bank are concerned with the security of your information and we take all possible measures to insure your information is kept secure.
Some of the newest attacks and techniques include:
key-logger software programs record the keystrokes entered on the PC and transmit a record of those keystrokes to fraudsters over the internet. The chart to the left breaks down malware by categories.
Man in the Middle (MIM)
In MiM attacks, the fraudster inserts himself between the customer and the financial institution and hijacks the online session. This method enables the fraudster to intercept the credentials submitted by the customer and log into the customer's account.
Man in the Browser (MIB)
In MiB attacks the fraudster places malware inside the customer's browser. While sitting inside the browser the malware is capable of stealing sensitive information and tampering with in-flight transactions. The malware can also inject fraudulent transactions into already authenticated sessions.
What can you do to fight back?
Use of Complex Passwords
- Keep your password secret, never share it or write it down
- Use alphanumeric passwords, which are at least 8 characters. Do not use phone number, I/C, birthdates
- Do not allow others to watch while you key in your password
- Report lost or stolen password
- Passwords should be changed immediately in response to evidence of password or system compromise
- Passwords should be changed often (at least every 30-90 days)
- Try not to reuse passwords
- Never use your Internet banking password for other web-based services such as e-mail or online shopping
- Do not keep your password in computers or mobile phones
- No employee of the bank should ask for your password
Password selecting methods
- Method 1
- Select two words or numbers which are easy to remember using some rules to combine them E.g., select '0509' and 'LAKE'
- The resulting password is: '0L5A0K9E'
- Method 2
- Using a phrase E.g., 'Catsupby3'
- Protect your PC from viruses and malicious programs by ensuring Anti-virus software are installed and running on your PC. Virus signatures should be updated regularly
- Do not install unlicensed software on your PC
- No downloading of programs from unknown or unreliable sources on the Internet
- If you are using a laptop, do not store your Internet Banking password in the laptop
- Do not use shared or public PC's for Internet Banking (i.e. Cyber cafes, PC's at public library, Airports)
- For IT savvy users, you may want to install a firewall program in your home PC to guard against external attacks
- Do not store your user ID and password when using Internet Explorer
- Internet Explorer browser should be configured to disable the password caching function
- Always remember to log-out
- Clear your browser cache after you have logged out from every Internet Banking session
- Broswers should be upgraded to support SSL 128-bit encryption or a higher encryption standard
- Check that the bank's website address changes from http://to https:// and a security icon that looks like a lock or key appears when the authentication and encryption is expected
- Check your account and transaction history details regularly
- At log-on time, if possible, check that the system's displayed time and date of last use reconciles to the time and date of your last legitimate use
In the event of compromise
Contact Forcht Bank as soon as possible and report the incident. Federal regulations provide consumers with some protections for electronic fund transfers.
- These regulations generally apply to accounts with Internet access and/or credit/debit cards. For example, these federal laws establish a $50 limit on a consumer's liability for unauthorized electronic fund transfers.
- Note, however, that in order to take advantage of these protections, you must act in a timely manner. So make sure you notify Forcht Bank immediately if you believe your account information has been stolen or compromised.