Preventing and Defending Yourself Against Cyber Attacks

Most people keep their “life” on their smartphones, tablets, and computers. People store emails, texts messages, photos, passwords, address and contact information for family and friends, a even credit card information. Imagine if someone got a hold of these devices. Cyber criminals could use this information to steal your money or commit other forms of identity theft.
What is Cyber Crime and How Does It Work?

Cyber criminals want to steal from you. Once someone has access to your personal information, they can make purchases on an existing account, open new accounts redirected to their address, take out a loan for a vehicle or home in your name, or empty your bank account, leaving you with a financial mess in their wake.

Sometimes, in the case of unauthorized use of an existing credit card, the bank or merchant bears the financial loss. Other times you can lose money, suffer from bad credit for years, and spend hours undoing the acts of criminals. In 2015 consumers and businesses lost over $158 billion dollars due to cyber crime.

One challenge consumers face is the advancement of technology and the ever changing methods of cyber crime. Staying ahead of criminals who circumvent the laws and programs designed to stop their practices takes vigilance for both consumers and businesses.

Identity theft can occur when you pay your bill at a restaurant to organized crime rings that gather and sell customer data. Advanced criminal activity can involve trolling on unsecured networks to using sophisticated hacking systems to break into business websites. Regardless of how it happens, it can take time and money to address the problem.

Most Prevalent Types of Schemes

A.    Email Spam. A spammer will send an unsolicited email, with a link or attachment, often appearing to be from a vendor or person you know. When you open the document, it downloads malware that can now track your online movements. When you log into your bank website, the thief can see your account and obtains your passwords.

The Solution: Control spam filters to catch links from unknown sources. Keep virus protection updated and never open links from unknown sources. Keep software from your browser, email provider, and other common programs up to date and delete spam on a regular basis.

B.    Phishing.  Phishing emails imitate companies you are likely to do business with or places you carry an account. Any email asking for personal information is considered phishing. If you follow the link, you land on a website that looks like the real company website - only it is an imposter that will give criminals your personal information.  A phishing email may come from your bank alerting you to a locked account and the need to reset your password. If you don’t do business with the company, it is easy to identify a phishing email. However, banks and financial institutions send similar emails that are real making it easier to be deceived.

The Solution: If you recognize and do business with the company that is soliciting you, instead of clicking on the link, go directly to the website through the search engine. Sign in and check for messages regarding your account. You can also call the 800 number (not the number provided in the email) for an update on the account status. Many companies encourage you to forward such emails to them allowing them to take action against the illegal activity. To report the spam to the government agency forward the email to [email protected]

C.    Social Media Attacks. Advertising on social media has become mainstream. Sharing information and news has become the norm. You might see posts with breaking news or a medical breakthrough, enticing you to follow the link to the story, only to find they are requesting personal information.

The Solution: By increasing privacy settings on social media accounts, and using caution when following sensational posts, you can reduce the incidents of fraud. Another important precaution is to never provide personal information on these websites, including notifications about being away from home.

How to Respond When Financial Data is Compromised

Identity theft can cost you both time and money as you try to undo the damage of a cyber attack. Here are a few key steps to remember, if it happens to you.

Shut It Down. As soon as you notice a problem call your financial institution and shut the account down.   This action will prevent further losses and protect you against liability. Typically when fraud involves a credit card or bank account you have zero liability as long as you notify the financial institution as soon as you become aware of the problem.

To find fraud check statements closely as they come in each month to compare with your purchases.

Monitor Your Credit. After an attack, it becomes essential to monitor your credit, so you can quickly identify and stop any new accounts, activity or fraud that may occur over the coming months.   In some cases, you may qualify for free credit monitoring for a year. In all cases, when you experience fraud you can qualify you for a free copy of your credit report to review its accuracy and close any accounts resulting from the breach. A credit review will help you identify new and fraudulent accounts opened in your name but will not address individual charges made on open accounts.

Check All Accounts. If you notice fraud on one account, check every account closely for at least 90 days to ensure the problem is not widespread.

Report the Fraud to The Federal Trade Commission (When fraud occurs on multiple accounts, you should report the event to the FTC which will then work to stop the fraud. They only handle cases that impact multiple accounts. You may file a complaint online at FTC Complaint or call 1-877-ID-THEFT (438-4338).

File a Police Report. Make sure to retain your rights: Companies may request a copy of a police report to prove the fraud happened. It also gives you the right to free copy of your credit file, even if you have already received a free copy inside of 12 months.

Place a Fraud Alert on Your Credit File. A fraud alert requires banks to take additional steps before extending credit attached to your social security number. It is free to file, and when you file with one credit bureau, they notify the other two. The fraud alert lasts for 90 days and is free to file. With a police report, you can extend the alert an additional 90 days without having to re-file.

One of the best ways to prevent fraud is to pay attention to when and how you access information. Addressing fraud means paying attention to statements and reporting unauthorized charges immediately to minimize the damage.