Cybersecurity and Banking
Cybersecurity in banking and financial institutions has never been more important. The cyber crimes committed by hackers grow in complexity every year in an eternal game of cat-and-mouse as countermeasures are devised, subverted, improved, and subverted once again. Banks, credit unions, and other financial institutions enjoy enormous trust from the public with regards to how they safeguard financial data and this is a trust that needs to be maintained as much as possible. Data security is not just a matter of protecting members and assets, but of preserving the faith of the people.
Consequences of Cyber Crime
Most cyber crimes can be categorized as either data breaches or sabotage. Breaches are relatively straightforward in the sense that they involve breaking through existing cybersecurity measures and harvesting financial data, client details, and other important forms of information. Sabotage is anything that is meant to impair or cripple operations such as denial-of-service attacks, releasing disabling viruses, or otherwise disrupting systems and infrastructure. Regardless of which type of attack is experienced, any or all of the following consequences are possible, among others.
The financial and personal information of members and clients can be used to steal identities and cause further monetary and personal damage to the victims as their lives are turned upside-down.
When data theft and fraudulent activity happens, half of banks affected receive less than a penny per dollar in reimbursement on the stolen funds. When combined with the money needed to repay customers and replace things like credit and debit cards, there is no way to ignore the financial impact a failure in cybersecurity can cause.
Protection cannot begin without a proper understanding of what exactly needs protecting and why. Any financial institution should have a risk assessment process in place that can classify various types of data and information by how damaging its loss or exposure would be to critical operations, business partners, members, etc. Once this is done, the next step is to identify any vulnerabilities that may exist. This can be complicated where cybersecurity and banking is concerned since, while a hole in a fence is obvious, a hole in a network protocol can be less intuitive. Fortunately, specialized firms exist that can provide vulnerability assessment services and help recognize vulnerabilities that need acting on.
Maximizing Protection of Financial Data
Things like risk assessments and vulnerability detection are important, system-level procedures for enhancing cybersecurity. However, there are also steps that can be taken on a more individual basis. Employees and members alike can benefit from employing the following tips to keep themselves smart and secure online.
Check Links Before Clicking
The link on a web site or email is not necessarily the one you will be directed to. Hover the mouse (without clicking!) over the link and see where the destination URL appears. Make sure that it says the correct destination. If the link is to a web site you already know and use, you can also try simply typing the URL you know into the address bar rather than clicking on an unsolicited link. There are also checkers, such as VirusTotal, which can be used to verify suspected links.
Use Secure Web Sites for Financial Transactions
Any time a web site wants to conduct a financial exchange is one that warrants a high level of scrutiny. The most immediate and prudent thing you should do is make sure the web site is actually secure. Look to the left side of the address bar for a padlock icon to indicate that the site is encrypted and its security is verified. Also make sure that the address begins with “https://”, which indicates that the site encrypts the data it receives and sends.
Use Official Banking Apps
Most banks, credit unions, or other financial institutions nowadays will offer specialized apps that let you conduct remote banking activities from a mobile device. Acquiring these apps from the official site removes the risk of inadvertently giving details to an imposter through your phone.
Use Two-Level Authentication
One of the strongest ways to protect access to an account is to use two-level authentication. When employed, entering the username and password is only the first step in logging in. A one-time code will then be sent to your phone and must be quickly entered in order to proceed further. Two-level authentication can be set on a per-computer basis, meaning that the code will be required if someone tries logging in from any other terminal. Even if your password is stolen, the account will remain secure.
Set Strong Passwords
A strong password is one that is about 20 characters long, mixes uppercase and lowercase letters, symbols, numbers, is unique to the account, and is changed at least once every 30 days. This results in a password that is both difficult to guess or crack and, even if one account becomes compromised, the unique nature means none of your other accounts are in danger.
Whenever you finish using an electronic banking platform, log out directly rather than closing the window. It will take time for your session to time out and this window can be harnessed in order to get access to sensitive financial data. Private browsing sessions can also be used to stop your browser from recording your web history, login credentials, and any cookies the site may have employed.
Don’t Reply or Act on Unknown Emails
A classic phishing scheme is to send out an official-looking email that uses a threat or alleged emergency to get you to click on a link and log in to your account. The link, however, takes you to a look-alike web page that will steal your information. Alternatively, the email may have an attachment that it wants you to download or open, releasing malware or viruses into the system. Do not click on links or attachments from any unsolicited email that you receive. If you are unsure whether an email is legitimate, call your bank or financial institution instead.
Get a Good Antivirus Program and Keep It Updated
Research and acquire an effective antivirus program rather than rely on the default one your computer came with (i.e.: McAfee). Make sure to update it regularly since this is how the software gets new virus and malware IDs that it uses to spot and dispose of threats. Keeping up-to-date with software versions also goes for things like Adobe, Java, and your web browser of choice.
LUSO Federal Credit Union is a member-owned, not-for-profit financial cooperative that is dedicated to providing members with quality financial services and products. We have a vested interest in making sure our members can have successful and safe financial lives and take cybersecurity and fraud detection seriously.
Feel free to contact our Ludlow branch toll free at 1-844-LUSO-FCU or our Wilbraham branch at 1-800-808-5876 for more information on how to stay safe and secure.