Protect Yourself Against Phishing

Click here to load reader

  • date post

    05-Jan-2016
  • Category

    Documents

  • view

    48
  • download

    5

Embed Size (px)

description

Protect Yourself Against Phishing. The good news:. The number of US adult victims of identity fraud decreased from 9.3 million in 2005, to 8.4 million in 2007. Total one year fraud amount decreased from $55.7 billion in 2006 to $49.3 billion in 2007. The bad news:. - PowerPoint PPT Presentation

Transcript of Protect Yourself Against Phishing

  • Protect Yourself AgainstPhishing

  • The good news:The number of US adult victims of identity fraud decreased from 9.3 million in 2005, to 8.4 million in 2007.

    Total one year fraud amount decreased from $55.7 billion in 2006 to $49.3 billion in 2007

  • The bad news:Even though the number of victims and dollar amounts are down, its still a significant problem. The crooks committing the crimes are becoming smarter making it more difficult to isolate attempts at identity theft.

  • What is identity theft?

    Someone uses your personal identifying information to commit fraud or theft.

  • How can someone steal my identity?Dumpster divingShoulder surfingPretext callingMail theftWorkplaceSkimmingTheftChange of addressPhishing

  • What is phishing?Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. http://en.wikipedia.org/wiki/Phishing

  • What is phishing?

  • How to identify a phishing email: Typically use a generic greeting Frequently the messages will refer to an urgent problemMay ask for personal account information such as: Account numbers Date of birth Internet passwords and user names

  • How to identify a phishing email (cont): Provide links that include a legitimate companys name or web address, but the legitimate company has been spoofed. Fraudulent emails will disguise or forge the senders email address so they look legitimate. E-mails & pop-up websites may include incorrect grammar.

  • SCU examples:The following slides are actual examples of phishing emails members and non-members have received.

  • What steps should you take? Call or visit your local SCU branch office Call 1-800-936-7730 Email us at security@servicecu.org

  • Remember . . .Service Credit Union will NEVER ask for your account information, PIN, password, or other personal information in an unsolicited request via email.

  • If youve opened the email, dont follow the link.Dont reply to the email.Dont email personal or financial information.If youve received a phishing email:

  • If youve received a phishing email (cont.): Forward the email to spam@uce.gov Forward any SCU emails to security@servicecu.org Report the incident to the Internet Crime complaint Center at www.ic3.govFile a complaint at www.ftc.gov or call toll free 1-877-382-4357, TTY: 1-877-653-4261

  • Protect yourself! Install and update current virus software Install firewall software to partially guard against spyware Use a secure browser

  • More information?For more information on how to protect yourself and additional links to sites dedicated to protecting yourself against phishing, visit: servicecu.org scambusters.org antiphishing.org

  • Questions?

    nlayton@servicecu.orgsecurity@servicecu.org

    Welcome to Service Credit Unions online seminar, Protect Yourself Against Phishing.

    Over the past few weeks many members and non-members have been targeted by scam artists sending emails claiming to be Service Credit Union. This webinar will alert you to what emails you could expect from Service Credit Union and what we wouldnt send out. Much of this information, is applicable to phishing in general, however, not specific to Service Credit Union.Phishing is one of the many forms of identity theft. There is some good news, however. As consumers become more vigilant in educating themselves on identity theft.

    The good news is read slide.

    After slide

    The next few slides will be a refresher on identity theft.

    What is identity theft? We hear about identity theft all the time television and magazines frequently have stories about victims of identity theft. Simply put identity theft is when someone gets hold of some of your identifying information and they use this to commit fraud or theft.

    There are several ways your identity may be stolen.

    Here are but a few ways that people can steal your identity:Dumpster Diving is when someone goes through your dumpster, garbage, or trash.Should surfing, the crook looks over your shoulder to try to see you entering a pin, or see your account numberPretext calling placing a call and pretending to be someone theyre not.Mail theftWorkplace Skimming is a small device that the crook will place in an ATM card reader. Sometimes they stick out of the ATM. Dont use it if it looks at all suspicious. Also use a secure ATM, one with cameras.TheftChange of address the criminal will change your address and have your information sent to a different address. Of course this gives the criminal access to your statements and account numbers.Phishing which is what this online seminar will cover..

    The focus of todays webinar is on phishing.

    What exactly is phishing? Read definition.

    Todays webinar will provide you with ways to protect yourself from phishing. Much of what Ill discuss is information on Service Credit Unions website. I will also provide you with links to other sites, which will give more information about phishing, how to protect yourself as well as where to report it.

    Since October 25 of this year, Service Credit Union has been the target of many phishing scams. We wanted to point out a few today, while these are credit union examples, much of what youll see can easily be applied to other scams you may receive via email. Many financial institutions are victims of this type of scam. For example, Capital One, Pay pal, Bank of America, Citibank, Citizens, eBay are only a few of the reputable companies which have been scammed.

    The last slide explains what phishing is but why is it called phishing? The crooks put out a line in this case in the form of emails. They are fishing for information and their hope is that there are a few people out there who will take the bate. Dont be one of them!

    You may be concerned as to how these scammers got hold of your email addresses, how did they even know you were a Service Credit Union member? Well they dont. Scammers procure masses of email addresses from various sources. They send out a blanket of emails knowing some of the emails will be sent to credit union members.

    Here are a few ways that you can identify a phishing email. Often times if there is a suggestion of urgency, the recipient is more apt to give out confidential information.

    Spoofing is a legitimate website which has been copied for fraudulent use.Before I show you bogus emails, I am going to show you a sample of a legitimate email from Service Credit Union. This is a sample of eNews. To get eNews you must sign up. It comes in the body of an email. Notice that no where does it suggest urgency. The necessity of updating your information. If you had any concern about any of the links, you could easily access this information by going to the official SCU website.

    Now, onto some actual examples, some members and non-members have received.This may look legitimate, but if you are a credit union member, there are two obvious errors,The first is referring to contacting customer service. If you belong to a credit union you are a member.Secondly, credit unions are not insured by FDIC, they are insured by NCUA.

    This is an email that was sent out a few weeks ago. SCU has sites in several Wal-Mart stores in New Hampshire. So the connection of Service Credit Union and Wal-Mart may not seem unusual. However this email has some obvious grammatical errors in the copy.

    This starts right out by addressing the member as customer. There is a typical grammatical error, but it also includes a link. While the link looks legit, if you would click on it, it would take you to a fraudulent website, but if you enter the address of the link in your browser, you will be directed to Service Credit Unions actual website to log on.

    This emphasizes to login as soon as possible.

    This email also has grammatical errors, but a few other clues are:the greeting is Dear Service Credit Union, which obviously wouldnt be the recipients name and its signed by Service Credit Union.this link may look legitimate, but in this particular example, when you ran your cursor over the link, a totally different address came up

    the urgency to update your information immediately.

    Like the previous examples, this email also has some grammatical errors, but this particular email has a different twist. Its asking you to call an 800 number. If called, they answered by saying Service Credit Union followed by asking for a lot of personal information.

    What do you do if you get this kind of information. This email looks legitimate, so how would you know? How can you protect yourself?

    If you feel that youve received a phishing email from the credit union, please do one of the following:Read slide

    By alerting the credit union that youve received a bogus email, you give us an opportunity to shut down the site.Here are a few tips to remember if you happen to receive a phishing email. Read slide

    If you arent sure that that the email is legitimate or not, contact the supposed sender, but DO NOT use any type of link or phone number within the body of the email. Either get the number from the phone book, a statement, the official website, or the back of your credit card.

    Here are a few ways to protect yourself before youre a victim of a phishing attempt.

    Much of the information Ive provided today comes from the Service Credit Union website, but there is a lot more information on the site.

    The last two websites provide names of various virus software as well as provide you with other information on protecting yourself. Scambusters puts ou