Cyber Security – Video Transcripts

Phishing and Smishing - Video Transcript

Fishing and Smishing, shady? Fishing is when a fraudster tries to steal personal information, often through email. To keep safe from fishers. Make sure you remember the "shady" approach to email security.

S-Secret. Always keep personal information secret, especially over email. This applies to your clients info as well. If you need to exchange personal or financial information, do so verbally over a secured email or through a secured form.

H- Hover over a link before clicking it. When you Hover, your email client will show you what the link points to. Also, never click a link to any financial website, type the address in manually or use a saved bookmark.

A-Attachments should not be clicked. Never click an attachment you weren't expecting. Even documents can have viruses embedded that can steal your info, damage your files or spy on you.

D-Difficult passwords help prevent people from hacking your accounts. Make sure that your password is strong and that you use a different password for each application. Acronyms can be a good way to generate and remember unique and secure email passwords like this. "I can't go five minutes without getting an email!" Turn into the password I-C-G-5-M-W-O-G-A-E-M-!

Y-You should ask yourself whenever you get an email, was I expecting this? You should be careful with every email you get, but make sure that you're extra careful about emails that you weren't expecting. Question. Always question electronic messages, especially if it's either making promises or threatening actions. Phishers often pose as your financial institution or the CRA to make you panic, or they will send emails from hacked accounts of friends or clients to lower your guard. Question and be skeptical until you are sure.

Conclusion, your credit union cares about your online safety and should be contacted if you have any concerns about cyber security and your account.

PC Hygiene – Video Transcript

PC Hygiene is how we keep our computers clean of malware that can damage our files or compromise our systems. Good software helps stop bad guys. Always allow updates for all your programs and run regular scans with the full antivirus suite.

These are good investments. Stay protected Remember, patches are important too. Always back up important files every day to an offsite storage device. Backups can help save you from both hacker attack and hardware failure. Don't forget to test your backup. Only trust your PC help to reputable professionals. Never let a stranger remotely access your system. Never pay out to ransomware they might just take your money or install another ransomware virus to hit you for another payout.

PROTECT.

P-Patch to stay up to date.

R-Run regular scams.

O-Only trust professionals.

T-Turn down a stranger's request to remote access your system.

E-Ensure your files are backed up.

C-Check your backup.

T-Threats happen. Be prepared.

Your credit Union cares about your online safety and should be contacted if you have any concerns about cyber security and your account.

Internet Safety – Video Transcript

The four cornerstones of Internet Security - Safe. The Internet is fraught with dangers. These four Internet safety cornerstones can help to keep your information secure.

SAFE.

S-Secure Passwords. Always use secure password. Never reuse passwords. If criminals obtain your username and password from one site, they will try other popular sites with the same credentials. Never share your Pin and never share your online banking login details.

A-Always type login addresses manually or use a saved bookmark. Never follow an email link to a login page. It may be a phishing email trying to trick you to go to a spoofed login page. It may look real, but it's not.

F-Financial Information shared on secure home Wi-Fi only. Assume that everything you do over public Wi-Fi is being launched, especially on mobile devices. Never do any financial site logins or transactions on a public wireless internet connection. If you need to conduct financial business in a coffee shop, turn off Wi-Fi and use your cellular data instead. Always assume that public Wi-Fi networks could be recording your actions.

E-Enable and install all updates and patches updates, remove vulnerabilities and keep your information and identity safe.

Your credit Union cares about your online safety and should be contacted if you have any concerns about cyber security and your account.

Are you under attack? – Video Transcript

Are you under attack? Social engineering is the art of manipulating end users into providing personal or confidential information. Attacks come in many forms. Learn to spot them.

ATTACK.

A-An email. Phishing emails may look legit. Always question links, attachments, threads or emails from someone unexpected.

T-Trick Websites. They are made to look like trusted websites, but often have spelling or grammar errors or a slightly different URL. Farming the data from these trick websites allows criminals to gather personal details and record your keystrokes.

T-Text Messages. Social engineers will send you a text and award a prize or make another very attractive offer. If you click on an unknown SMS message, it could put your mobile device at risk.

A-A telephone call. Oh sure, they say they're from Canada Revenue Agency or Microsoft, maybe even your financial institution. They want you to disclose personal information. Ask yourself, why would I provide those details if I didn't initiate the call?

C-Contest winner. Congratulations, you've won a big contest. Do you remember entering? If not, it may be an attempt to gather personal information. Don't fall for it.

K-Keyloggers. You're browsing a familiar um site and receive a pop up. That offer looks too good to be true. If you click. A social engineer may be trying to capture sensitive information. Social engineering is on the rise.

Watch for these signs of an attack and take these additional precautions. Ask Questions Don't feel pressured into providing any information you may not feel comfortable providing. Never share your ID, passwords or any answers to your security questions. Use caution when entering sensitive information with websites that don't begin with Https or when something arrives that you are not expecting. Then hang up, delete or exit and remember to report anything suspicious.

Your credit union cares about your online safety and should be contacted if you have any concerns about cyber security and your account.

Ransome – Video Transcript

You've been hacked!

Ransomware is malicious software that aims to restrict or deny access to your computer or files until you pay up - simply don't do it! Ransomware has been around for years cybercriminals attempt to infect computers, network files, cloud or other storage locations anywhere your most sensitive data is stored.

What does it look like and how do you know if you've been hacked?

Locker ransomware locks access to your computer. You'll see a pop-up when you try to log on. They'll tell you you've been caught doing something illegal and you must pay up to regain access. Don't do it!

It's not a fine, it's a cybercrime.

Crypto ransomware restricts your access to files by encrypting them. Encryption algorithms are serious business and often cannot be broken. What do you do after you've been infected? Shut down your computer immediately, disconnect any external media and take it to an authorized support center.

Never pay ransom unless you want them coming back for more and you are never really guaranteed that you'll gain access to the files you need. Luckily, you can restore your files from a backup. You've backed up your files, right? Prevention is the best form of defence against ransomware.

P - Perform regular updates and set them to automatic if you can.

R - Require USB or other data storage devices to be antivirus scanned before using them.

E - Execute software on your computer only if it has been downloaded from a reputable source.

V - Verify all emails, phone calls, or text messages received are related to you before opening or clicking any attachments and links embedded.

E - External storage should be used for backed-up files. Backing up your files is a must and highly recommended to be used.

N - Never be without malware protection software. There are many reputable security suites available at your local retailer to help keep you up-to-date and protected.

T - Trust your instincts and conduct online research if something does not feel right. Often people who have been victimized provide useful information online to warn others.

Your credit union cares about your online safety.

Stay Diligent – Video Transcript

Here are a few tips to stay diligent and protect yourself when doing your banking online.

D - Devices that are used to access your accounts should be protected by a pin. Always make it difficult for unauthorized users to gain access to your information.

I - Invest in a password manager to help you create strong passwords. If a password is compromised, it creates an opening for other sites to be attacked. Don't use the same password for more than one application or website. To avoid someone, compromising one account and then having full control to everywhere that same password is used.

L - Log out every time you finish your online banking and never save your password or username in your browser when using a device you don't trust.

I - Issues can be detected early by actively monitoring your accounts. Set automatic alerts to notify you of any vendor addition, new payments, email, money transfer, and any change to your passwords or personal info.

G - Guard against unauthorized account access by using enhanced login or multifactor authentication if it's available. Avoid the use of public WiFi or computers when accessing your financial information. If you're logging in to do your banking, use your home Internet or cellular data instead.

E - Engage in account transaction reviews and actively monitor your financial accounts. Small, unknown transactions might be the first sign of a hacker's attack.

N - Never disclose your personal or login information to anyone. Your credit union will never call, text, or email to ask for these types of personal details. Confirm the URL address when doing your online banking and always navigate to your bank or credit union's website rather than clicking on a link that is sent to you.

T - Take the time to verify your antivirus software is up to date on every device in your household, including mobile devices. Don't forget your phones and tablets.

Web browsers and operating systems must have the most recent security patches in place in order to protect you and your account information. Protect your personal information and your finances by staying diligent when you bank online.

Your credit union cares about your online safety.

Fraud and Privacy Part 1 – Video Transcript

Protect your privacy and don't become a fraud victim - Part One Spotting the Red Flags of an Online Scam.

Have you ever been targeted by fraudsters using email or telephone scams to get your private information? Once scammers have your information, they can use it to access your financial accounts, change your passwords, and even steal your identity. But you can reduce your chance of being a fraud victim by learning how to spot the red flags that you're being scammed.

How Fraud Occurs
Fraudster's two most common ways to get your personal information are telephone scams and email phishing scams in most scams, perpetrators try to instill a sense of fear or urgency in their messages to try to get you to act without thinking. And if anyone asks you to make a payment with gift cards, it's a clear red flag that you're being scammed. There's no way to pay bills, fines or fees using gift cards.

Telephone Scams
The government Agency Scam is one of the most popular telephone scams, callers pretend to be from legitimate government agencies like the Canada Revenue Agency, Canadian Border Services, or even RCMP. The caller will usually explain a false situation like you haven't paid all your taxes and demand that you send money to settle your account or face a serious consequence like the potential of being arrested. The red flag here is that government agencies don't ask you to send money or personal information over the telephone.

The Special Offer Telephone Scam
Another common red flag is when you get a call with a special offer or to tell you that you've won some money and to claim the prize, all you need to do is confirm your identity. This one can be hard to spot. The questions might seem harmless relating to your personal life or things that are most important to you, but that's the sort of information that your bank or other organizations use to identify you when you call. Except now that the fraudsters have it, they can use it to get into your bank accounts and change your passwords so that you can't access your money.

The Charity Scam
Maybe the worst type of phone scam is when callers try to take advantage of your generosity. Posing as representatives of charitable or not-for-profit organizations, callers will direct you to a fake website to make a donation. You should only use your credit card online with known reputable organizations. If callers aren't willing to give you the information you need or something just doesn't seem right, trust your instincts and disconnect.

Phishing Scams
Phishing is perhaps the oldest online scam. Phishing scammers use malicious emails to try to get passwords and financial data from you. They are literally phishing for your personal information. Like telephone scams, there are many different types of phishing scams to watch out for.

Deceptive Phishing
In deceptive phishing, a bogus email will take you to a fake site that is designed to look like a real company site. Once there, you're asked to enter your personal information, which the scammers record.

Spear Phishing
Spear phishing is more directly targeted at the email recipient. The email can look like it's from a trustworthy source and may even be personalized with your name, like deceptive phishing clicking on a link in a spear phishing email may send you to a legitimate-looking but fraudulent website. The link in the email might also trigger the download of malware onto your computer.

Phishing
Phishing is yet another form of phishing. If you've been targeted for a phishing attack, you may get an email claiming that the sender needs to verify your personal information or there is a problem with your account.

The Romance Scam
There's one scam that may be done by email, by telephone, or both. The scammer won't ask for money upfront, but the scam can cost the victim tens of thousands of dollars. Romance scammers hunt social media and dating sites for their next target. They get into an online relationship with the victim and they can carry on the scam for weeks or months to make it look like they're really interested and even in love with the victim. Romance scammers will say they're from another city or country. That way, claiming to be short of cash, they can ask the victim to send money for a plane ticket to meet the victim. Another frequent romance scam tactic is to claim that a loved one is in need of an expensive medical procedure. Of course, if the victim sends any money, the phony lover is never heard from again. You should always be on the lookout for fraud and privacy scam red flags but there are other red flags that you should be aware of if you don't want to become a victim.

Red flags that you might be waving
Red flags that scammers look for to identify you as a possible target. Even what seems like a normal activity can give fraudsters everything they need to log into your accounts. Keep all of the following in mind as you go through your day to lower your chance of attracting scammers:
Using Social Media posts as a source for passwords
Be careful how you use social media. Your posts could provide answers to your security questions.

If you post a lot of windsurfing images, don't make windsurfing your password using the same password more than once passwords are always difficult to remember, but you should avoid using the same password across many websites. If an attacker gets that password, they can easily use it on another site. Each password should be unique, and you can use a password manager to keep track of them all.

Using Unprotected Email Accounts
You use your email account to access many other accounts, so protecting it is very important. Make sure the email account used for your financial institution is protected with a long password and any other security features available, like multiple levels of authentication.

What you'll learn in Protecting Your Privacy and Don't Become a Fraud Victim - part two. We've covered a lot of ground in looking for the red flags of an online scam and avoiding not raising any red flags ourselves. But we're just getting started in protecting your privacy and don't become a fraud victim Part two - Protecting yourself when there are no red flags.

You'll learn how to spot when you're being victimized by a scammer, even when there are no signs of a scam.

Fraud and Privacy Part 2 – Video Transcript

Protecting your privacy and Don't Become a Fraud Victim - Part Two

Protecting yourself when there are no red flags. In protect Your Privacy and Don't Become a Fraud Victim Part One we learned how to spot the red flags of being victimized by two of the most common scams telephone and email phishing. But even if you get really good at spotting all the red flags of fraud and privacy scams, you still can be victimized without knowing it. The following tips will give you another layer of protection for when there are no red flags to warn you.

Create Alerts and Notifications

Create alerts and notifications to uncover suspicious activity in your account and pay attention to all the alerts and notifications you get, even those you didn't create. You should set up alerts for the following areas:

Bill payments and eTransfers alerts for bill payments and eTransfers will tell you when money is being taken out of your account.
New bill payment or eTransfers recipients alerts for new recipients of bill payments or eTransfers will let you know if a bogus recipient has been added to your account login.
Notices if you get a notice that your account was logged into and it was not you, you should notify your bank.
Password Changes if you're notified of a password change you did not make, contact your bank as soon as possible.

What can you do if you've become a victim of fraud?
No matter how many layers of protection you give yourself, you still may become the victim of a fraud or privacy scam. If it happens to you, try not to panic, the sooner you take action, the better. Collect your thoughts - it's important to take the time to collect your thoughts, stay calm and think about what you have to do. That starts with gathering together relevant documents, receipts and copies of emails and other messages.

Contact your financial institutions as soon as you can report the incident to the financial institution where the fraud occurred. You should place flags on all of your accounts, change all your passwords, and report the fraud to the Equifax and TransUnion Credit Bureaus.

Call the Police it's also important to report the incident to your local police and ask them for a file number. Contact the Canadian Antifraud Center, 1888-495-8501 https www.https://www.antifraudcentre-centreantifraude.ca/ you should also notify the Canadian Antifraud Center on their online fraud reporting system.

Finally, depending on the type of fraud or the type of information that was stolen, you should contact the respective authorities. For example, if you gave out your passport number, you should report the incident to Passport Canada. Falling victim to fraud or privacy scams can happen to anyone but the more you learn about spotting the red flags that give the scam away, the less chance you'll have of becoming a victim them.