 |
Rates | GCFlash | Contact Us | Assets for Sale | Search | Site Map |
| About GCF | Online Banking Center | Personal Banking | Commercial Banking | Tools | Favorites | Our Communities | Contact Us |
|
||||
|
||||
|
|
||||
 |
||||
 |
SECURITY CENTER
|
ONLINE BANKING SECURITY ALERT
A new variant of the Zeus Trojan has been reported that targets online banking user names and passwords. The virus hides inside advertisements on legitimate web sites. Once the user clicks, malware is downloaded that lays dormant until the user visits their online bank site. It then captures login credentials and records account details, then proceeds to transfer your money to other bank accounts. PC users running Windows XP SP3, Vista or 7 have not been affected by this threat, nor have those with the latest anti-virus updates. The security in these products detects the code and stops the download. Threats have become increasingly more sophisticated, but so has the prevention. Vigilance remains your best defense. If you are using Windows XP SP2 or any version earlier, or don't automatically update your anti-virus software, get the latest product versions now. Configure your products to update automatically to eliminate your risk of becoming a victim. For more on how cybercriminals manage to hide such malware on legitimate sites, read the July 6, 2010 edition of GCFlash. Find complete coverage on the Zeus Trojan in the August 17, 2010 issue of GCFlash. NEW ATM CARD SCAM
A new scam email has been circulating, informing recipients their ATM card is in the sender's possession and outlining specific steps to retrieve it. View the entire message here. Note the poor grammar and spelling, typical of fraudulent activity. Should you receive this message, do NOT follow the retrieval instructions. DEBIT CARD SECURITY ALERT
New Development Reported 7-1-10: Increased fraudulent activity detected when cards used at hotels/motels. Please be advised that GCF Bank has been tracking fraudulent debit card activity since February of this year. We believe the point of compromise is software being used by liquor stores in our geographical location. At this time, GCF Bank is advising you that using your GCF Bank ATM/Debit card at liquor store, may potentially put your card information at risk of being compromised. While we understand the convenience of using your debit card will be lost when shopping at liquor stores, we feel it is also necessary for us to protect our customers by letting you know it may be safer to use cash at these merchants. If your card has been used at one of these merchants during the time frame we feel a compromise may have taken place, you will be receiving an email and/or written communication alerting you of this situation, with further information on how GCF Bank will be proceeding and instructions on what steps you need to take. GCF Bank recommends you monitor your account activity closely and alert us to any potential fraudulent activity as soon as possible. Should you have any questions regarding this activity please feel free to contact the Electronic Banking Dept by phone at (856) 589-6600, extension 300. Find details on recent security threats impacting our customers on our new Alerts page. Concerned about identity theft? So are we! This short video explains what we're doing to protect our valued customers. Information is your best prevention against cybercrime. This page is intended to help you better understand the types of threats consumers face today when conducting business online, provide tips to help prevent you from becoming a target and resources for victims. Most electronic fraud falls into one of three categories: PHISHING: Fraudulent e-mails, appearing to be from a trusted source such as your bank or credit card carrier, direct you to Web sites. Once there, you are asked to verify personal information such as name, account and credit card numbers, passwords and the like. These sites are often designed to look exactly like the site they are imitating. The information you provide is used to hijack your accounts and your identity. E-mails that warn you, with little or not notice, that your account will be shut down unless you reconfirm certain information, are very likely to be phishing. A newer tactic is to "confirm" personal credentials they supposedly have in their file, displaying false information. You call to correct the erroneous data and unwittingly provide them with the tools they need to steal your identity. Use a phone number or Web site address you know to be legitimate to check the source. PHARMING: Or "domain spoofing" is an attack in which a user can be redirected from a legitimate site to a fraudulent site and then fooled into entering sensitive data such as a password or credit card number. The fraudulent site often looks like the legitimate site e.g. your bank). It is different from phishing in that the attacker does not have to rely on having the user click a link in an e-mail to deceive the user. Even if the user correctly enters a Web address into a browser's address bar, the attacker can still redirect the user to a malicious Web site. MALWARE: Software designed to infiltrate or damage a computer system without the owner's knowledge or consent. It is a blend of the words "malicious" and "software." It includes computer viruses, worms, trojan horses, spyware, adware and other malicious and unwanted software. It's that time of the year again. What time, you may wonder? Doesn't matter. Whatever the time or event may be, you can count on scammers using it as a ruse to ply their trade. Read more UNDERSTANDING FIREWALLS
A recent survey of U.S. and U.K. computer users revealed that 25 percent did not know whether they had any privacy protection. Over half admitted they had no idea what the privacy settings on their browsers were. Do you know what keeps your computer safe? As the name implies, the firewall serves as a boundary to restrict information traveling between your computer and a network or the Internet. If used properly, the firewall is your defense against someone trying to hack into your system. If it's configured wrong, you're opening the door for an identity thief. Read more NOT SO PRIVATE
Back in the late '90s, when we installed our first computer network at GCF, there was much debate over whether we really needed all that fancy stuff. Technology was for the big guns at the time. An institution our size didn't REALLY need such automation. I can remember one department head that was meticulous in her job. She was a wonderful woman with a dedication and work ethic that's hard to find today. She would run numbers forward, backward and sideways if she could to validate her conclusions. That is, as long as she used a pencil and a ledger sheet. Holding that paper firmly in hand was material proof of a job well done. I sometimes wish life was that simple once again. Sure, that piece of paper could have been compromised. It could have missed the shredder and gotten thrown directly into the trash where a cleaning person could have stumbled on it. A disgruntled employee could have intercepted it and used that valuable information to make the bank look bad. But that would have been the worst of it. Read more... HELP FOR CYBERCRIME VICTIMS
Three Florida men were arrested for credit card fraud, and charged with the Heartland Payment systems security breach reported in last week's edition of GCFlash. More arrests are expected to follow. The men hacked into the processor's SQL database that stored credit card information and stole names, credit card numbers and expiration dates. No other personal information was compromised. To understand the full implications of this breach, let's first review the processing of credit card transactions. A customer walks into their favorite store, or visits an online merchant, and purchases an item. The merchant swipes their card, submitting the information electronically to the financial institution or organization they use to process the service and verify the transaction. Authorization is returned to confirm the transaction is valid. The information is then stored in a batch, which the merchant transmits to the processor later in the day to collect payment. Read more... PHISHING FOR TROUBLE
Despite efforts to curb phishing attacks, more aggressive tactics and black market tool kits have led to an increase in the crime according to a report by U.K. security firm MessageLabs. Their September 2007 report reveals that one in every 87.2 e-mails is a phishing attack, up from one in 93.3 in January 2007. The company finds phishing e-mails comprise 56 percent of all malware threats reported, such as viruses and Trojans. One factor contributing to the rise is the availability of phishing kits that make sophisticated attacks simple to carry out by even the most non-technical criminals. The technique allows each compromised computer within a botnet to host multiple phishing sites at the same time. These sites are then replicated across the entire botnet, making them harder to shut down. Read more... STOP SPYWARE BEFORE IT STOPS YOU
Are you inundated with constant pop up ads? Is your computer performing sluggish? Has your home page changed seemingly by itself? Your computer could be under the control of spyware. Spyware, and its counterpart adware, are computer programs that install themselves without your knowledge. While most offenders are advertising ploys that are merely annoying, others can suck up valuable computer resources or track your keystrokes and send your personal info back to their creator to steal your identity. Read more... FOOLING KEYLOGGERS
Keeping abreast of current events just might be the greatest benefit seen from the advent of global communications. Even if you live on a faraway tropical island, you're connected to the rest of the world through the Internet. And also prey to the same scams, threats and trickery you tried to escape when you chose to leave the "real" world. Informed readers already know that the greatest online identity theft risk comes through keyloggers. This type of software was developed to help companies monitor employee computer usage to assure they were using it for business purposes. But it didn't take long for crooks to see its potential. By installing the software without the user's knowledge, they could capture login names and passwords to a text file they could email back to themselves. Read more... |
