Your identity is one of the most valuable things you own.
Personal Identity Theft
It’s important to keep your identity from being stolen by someone who can potentially harm your good name and financial well-being. Identity theft occurs when someone uses your name, address, Social Security Number, credit card or financial account numbers, passwords and other personal information without your knowledge to commit fraud or other crimes. While the words may sound like a foreign language — Phishing, Pharming, Vishing, Spyware, Dumpster Diving — they are actually techniques used by thieves to put your identity and finances at risk. And their attacks grow more frequent and sophisticated every year. Identity theft is the fastest growing crime in the United States. According to the US Department of Justice statistics, it’s now passing drug trafficking as the number one crime in America.
• Phishing – the attempt to acquire sensitive information by masquerading as a trustworthy entity in an email
• Pharming – cyber-attack intended to redirect a website’s traffic to another, fake site.
• Vishing – using the telephone in an attempt to scam the user into surrendering private information that will be used for identity theft
• Spyware – software that enables a user to obtain covert information about another’s computer activities by transmitting data covertly from their hard drive
• Dumpster Diving – sifting through waste to obtain items that have been discarded by their owner containing sensitive information that will be used for identity theft
Business Identity Theft and Corporate Account Takeover
All America Bank encourages its business customers to perform a self-assessment of risks associated with the customer’s computer systems and business practices. This risk assessment should include an assessment of the risks associated with the following systems and other information technology that may apply, as well as mitigating controls that are in place to prevent the risks:
• Is a firewall utilized?
• Is anti-virus protection provided?
• Does the company maintain a web page?
• Do employees have limited access to the internet?
• Is an anti-phishing system employed?
• Are employees allowed to access personal email accounts?
• Is there a prohibition on sending non-personal company information, such as bank account number by unsecured email?
• Is email SPAM filter being used?
• Are procedures utilized that require dual control over important functions?
• Are employees’ duties clearly defined by job description?
• Are employees required to swap duties?
• Do employees go through security awareness training?
• Do employees lock their workstations when they leave them?
• Is wireless technology used on the network?
• How are passwords protected?
• Do you create back-up copies of information?
• Are critical systems located in a secure area?
The underlying purpose for the self-assessment is to determine where weaknesses exist and to identify controls that may help to mitigate these risks.
Corporate Account Takeover
Corporate Account Takeover is the business equivalent of personal identity theft. Hackers, backed by professional criminal organizations, are targeting small- and medium-size businesses to obtain access to their web banking credentials or remote control of their computers. These hackers will then drain the deposit and credit lines of the compromised bank accounts, funneling the funds through mules that quickly redirect the monies overseas into hackers’ accounts.
As a business owner, you need an understanding how to take proactive steps and avoid, or at least minimize, most threats.
• Use a dedicated computer for financial transactional activity. DO NOT use this computer for general web browsing and email
• Apply operating system and application updates (patches) regularly
• Ensure that anti-virus/spyware software is installed, functional and is updated with the most current version
• Have host-based firewall software installed on computers
• Use latest versions of Internet browsers, such as Explorer, Firefox or Google Chrome with “Pop-up” blockers and keep patches up to date
• Turn off your computer when not in use
• Do not batch approve transactions; be sure to review and approve each one individually
• Review your banking transactions and your credit report regularly
• Contact your Information Technology provider to determine the best way to safeguard the security of your computer and networks
Call us immediately at 888-210-2028 if you believe that your All America Bank® account has been compromised or you feel you need to consider additional authentication options.