Category Archives: Fraud Protection

TECH SUPPORT FRAUD

Below is an important update from the Federal Bureau of Investigations’ cybercrime webpage detailing the problem of technical support fraud, suggestions for protection and how to report it:

computer

Based on new reporting, the Internet Crime Complaint Center (IC3) is providing updated guidance regarding technical support fraud. Tech Support Fraud involves a criminal claiming to provide customer, security, or technical support in an effort to defraud unwitting individuals. This type of fraud continues to be a problematic and widespread scam.

In 2017, the IC3 received approximately 11,000 complaints related to tech support fraud. The claimed losses amounted to nearly $15 million, which represented an 86% increase in losses from 2016. While a majority of tech support fraud involves victims in the United States, IC3 has received complaints from victims in 85 different countries.

Criminals may pose as a security, customer, or technical support representative offering to resolve such issues as a compromised e-mail or bank account, a virus on a computer, or to assist with a software license renewal. Some recent complaints involve criminals posing as technical support representatives for GPS, printer, or cable companies, or support for virtual currency exchangers.

As this type of fraud has become more commonplace, criminals have started to pose as government agents, even offering to recover supposed losses related to tech support fraud schemes or to request financial assistance with “apprehending” criminals.

HOW THE FRAUD OCCURS

Initial contact with the victim typically occurs through the following methods:

Telephone: A victim receives an unsolicited telephone call from an individual claiming the victim’s device or computer is infected with a virus or is sending error messages to the caller. Callers are generally reported to have strong, foreign accents.

Search Engine Advertising: Individuals in need of tech support may use online search engines to find technical support companies. Criminals pay to have their fraudulent tech support company’s link show higher in search results hoping victims will choose one of the top links in search results.

Pop-up message: The victim receives an on-screen pop-up message claiming a virus has been found on their computer. In order to receive assistance, the message requests the victim call a phone number associated with the fraudulent tech support company.

Locked screen on a device: The victim’s device displays a frozen, locked screen with a phone number and instructions to contact a fraudulent tech support company. Some victims have reported being redirected to alternate Web sites before the locked screen occurs.

Pop-ups and Locked Screens

  • Often accompanied by a recorded, verbal message to contact a phone number for assistance.
  • Frequently programmed into links for advertisements or popular topics on social media.
  • Web addresses of popular Web sites (such as social media or financial Web sites) can be typo-squatted to result in a pop-up or locked screen if the victim incorrectly types the intended Web site address.

Phishing e-mail warning: The victim receives a phishing e-mail warning of a possible intrusion to their computer or an e-mail warning of a fraudulent account charge to their bank accounts or credit cards. The e-mail provides a phone number for the recipient to contact the fraudulent tech support.

Once the fraudulent tech support company representative makes verbal contact with the victim, the criminal tries to convince the victim to provide remote access to the victim’s device. If the device is a tablet or smart phone, the criminal often instructs the victim to connect the device to a computer. Once remotely connected, the criminal claims to find expired licenses, viruses, malware, or scareware. The criminal will inform the victim the issue can be removed for a fee. Criminals usually request payment through personal/electronic check, bank/wire transfer, debit/credit card, prepaid card, or virtual currency.

Another widespread issue is “the fake refund.” In this scheme, the criminal contacts the victim offering a refund for tech support services previously rendered. The criminal requests access to the victim’s device and instructs the victim to login to their online bank account to process a refund. As a result, the criminal gains control of the victim’s device and bank account. With this access, the criminal makes it appear as if too much money was refunded to the victim’s account and requests the victim return the difference back to the criminal’s company via a wire transfer or prepaid cards. In reality, there was no refund at all. Instead, the criminal transferred funds among the victim’s own accounts (checking, savings, retirement, etc.) to make it appear as though funds were deposited. The victim “returns” their own money to the criminal. The “refund and return” process can occur multiple times, resulting in the victim potentially losing thousands of dollars.

VARIATIONS AND TRENDS

Tech support fraud was originally an attempt by criminals to gain access to devices to extort payment for fraudulent services. However, criminals are creating new techniques and versions of the scheme to advance and perpetuate the fraud.

Re-targeting previous victims and contacts

  • Criminals pose as government officials or law enforcement. The criminal offers assistance in recovering losses from a previous tech support fraud incident. The criminal either requests funds from the victim to assist with the investigation or to cover fees associated with returning the lost funds.
  • Criminals pose as collection services claiming the victim did not pay for prior tech support services. The victim is often threatened with legal action if the victim does not pay a settlement fee.

Virtual currency

Virtual currency is increasingly targeted by tech support criminals, with individual victim losses often in the thousands of dollars.

  • Criminals pose as virtual currency support. Victims contact fraudulent virtual currency support numbers usually located via open source searches. The fraudulent support asks for access to the victim’s virtual currency wallet and transfers the victim’s virtual currency to another wallet for temporary holding during maintenance. The virtual currency is never returned to the victim, and the criminal ceases all communication.
  • Criminals who have access to a victim’s electronic device use the victim’s personal information and credit card to purchase and transfer virtual currency to an account controlled by the criminal.

Increasing use of victim’s personal information and accounts to conduct additional fraud

  • Criminals use the victim’s personal information to request bank transfers or open new accounts to accept and process unauthorized payments.
  • Criminals send phishing e-mails to the victim’s personal contacts from the victim’s computer.
  • Criminals download personal files containing financial accounts, passwords, and personal data (health records, social security numbers, tax information, etc.).

Additionally, IC3 complaints report:

  • Criminals who took control of victims’ devices and/or accounts and did not release control unless a ransom was paid.
  • Viruses, key logging software, and malware were installed on victims’ devices.
  • Criminals have become more belligerent, hostile, and abusive if challenged by victims.

SUGGESTIONS FOR PROTECTION

  • Remember that legitimate customer, security, or tech support companies will not initiate unsolicited contact with individuals.
  • Install ad-blocking software that eliminates or reduces pop-ups and malvertising (online advertising to spread malware).
  • Be cautious of customer support numbers obtained via open source searching. Phone numbers listed in a “sponsored” results section are likely boosted as a result of Search Engine Advertising.
  • Recognize fraudulent attempts and cease all communication with the criminal.
  • Resist the pressure to act quickly. Criminals will urge the victim to act fast to protect their device. The criminals create a sense of urgency to produce fear and lure the victim into immediate action.
  • Do not give unknown, unverified persons remote access to devices or accounts.
  • Ensure all computer anti-virus, security, and malware protection is up to date. Some victims report their anti-virus software provided warnings prior to attempt.

IF YOU ARE A VICTIM

  • Individuals who receive a pop-up or locked screen, should shut down the device immediately. Ignore any pop-ups instructing to not power off or restart the computer. Victims who reported shutting down the device and waiting a short time to restart usually find the pop-up or screen lock has disappeared.
  • Do not re-contact fraudulent tech scam companies. Expect additional fraudulent calls as these companies often share their customer database information.
  • Should a criminal gain access to a device or an account, individuals should take precautions to protect their identity. Immediately contact financial institutions to place protection on accounts as well as change passwords and actively monitor accounts and personal information for suspicious activity.

FILE A COMPLAINT

Individuals who believe they may be a victim of an online scam (regardless of dollar amount) should file a complaint with the IC3 at www.ic3.gov.screen-shot-2016-09-13-at-11-07-51-am The more often fraud and scams are reported, the better equipped law enforcement can be to address the issues.

To report tech support fraud, please be as descriptive as possible in the complaint including:

  1. Identifying information of the criminal and company. Include Web sites, phone numbers, and e-mail addresses used by the criminal and company or any numbers you may have called.
  2. Account names and numbers and financial institutions receiving any funds (e.g., bank accounts, wire transfers, prepaid card payments, virtual currency wallets) even if the funds were not actually lost.
  3. Description of interaction with the criminal.
  4. The e-mail, Web site, or link that caused a pop-up or locked screen.

Complainants are also encouraged to keep all original documentation, e-mails, faxes, and logs of all communications.

Because scams and fraudulent Web sites appear very quickly, individuals are encouraged to report possible Internet scams and fraudulent Web sites by filing a complaint with the IC3 at www.ic3.gov.screen-shot-2016-09-13-at-11-07-51-am To view previously released PSAs and Scam Alerts, visit the IC3 Press Room at www.ic3.gov/media/default.aspx.screen-shot-2016-09-13-at-11-07-51-am

screen-shot-2016-09-28-at-7-28-21-pm_______________________________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Regents Bank Websites

This icon appears next to every link that directs to a third party website not affiliated with Regents Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Regents Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Regents Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

CNBC/Survey Monkey Poll Reveals Small Business Vulnerability to Cyberattack

Protection concept. Protect mechanism, system privacy.

“Hackers have breached half of the 28 millionscreen-shot-2016-09-13-at-11-07-51-am small businesses in the United States, according to the 2016 State of SMB Cybersecurity Report,” says a recently-released CNBC/SurveyMonkey Small Business Survey article about cyber security.

Through a survey of 2,000 small business owners across the nation conducted in April, the CNBC/Survey Monkey team found that only two percent of small business owners surveyed saw cyber security as “the most critical issue they face.”

Many business owners are more concerned about personnel, competition or benefits issues, but the resulting lack of focus on cyber security, combined with an attitude of ‘we’re too small to be targeted,’ may make these businesses more vulnerable to cyberattack, the article stated.

The article also cited Hemu Nigam, founder of SSP Blue, an internet security consulting business, and the former vice president of internet enforcement at the Motion Picture Association of America, who said, “Hackers love small businesses [because] they don’t have the resources to put in high-end cybersecurity protection and they may not be consciously aware they are a target.”

The cost of not having a high-end cybersecurity protection system can be high as well. For a retailer, a credit card data breach can range from “$200 per transaction to $395 per transaction” to respond adequately to the breach, according to the report.

Cyberattacks against businesses can come in many forms (we suggest reading through our blog archives to learn more about these types of attacks and defensive steps to take). The CNBC/SurveyMonkey article’s authors recommend the following precautionary measures:

  • Use large service providers like WordPress and Gmail for your company’s website and email since they already have complex protection systems built in.
  • Refrain from checking personal accounts from a company computer.
  • Use a cloud-based service rather than keeping your information local.

For more cybersecurity tips, please check out our blog post “Nine Tips for Better Cybersecurity” and “Cybersecurity Best Practices” on our website.

More information about the CNBC/Survey Monkey Small Business Survey can be found at the CNBC web page on the tech/cybersecurity page.

(Promoting cybersecurity best practices, Regents Bank recommends against clicking links provided by second-hand parties and chooses instead to provide written directions about how to find material we reference on our blog.)

screen-shot-2016-09-28-at-7-28-21-pm_______________________________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Regents Bank Websites

This icon appears next to every link that directs to a third party website not affiliated with Regents Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Regents Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Regents Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

FBI: How to Protect Your Computer

computer

Below are some key steps to protecting your computer from intrusion, as detailed on the Federal Bureau of Investigations’ cybercrime webpage:

Keep Your Firewall Turned On: A firewall helps protect your computer from hackers who might try to gain access to crash it, delete information, or even steal passwords or other sensitive information. Software firewalls are widely recommended for single computers. The software is prepackaged on some operating systems or can be purchased for individual computers. For multiple networked computers, hardware routers typically provide firewall protection.

Install or Update Your Antivirus Software: Antivirus software is designed to prevent malicious software programs from embedding on your computer. If it detects malicious code, like a virus or a worm, it works to disarm or remove it. Viruses can infect computers without users’ knowledge. Most types of antivirus software can be set up to update automatically.

Install or Update Your Antispyware Technology: Spyware is just what it sounds like—software that is surreptitiously installed on your computer to let others peer into your activities on the computer. Some spyware collects information about you without your consent or produces unwanted pop-up ads on your web browser. Some operating systems offer free spyware protection, and inexpensive software is readily available for download on the Internet or at your local computer store. Be wary of ads on the Internet offering downloadable antispyware—in some cases these products may be fake and may actually contain spyware or other malicious code. It’s like buying groceries—shop where you trust.

Keep Your Operating System Up to Date: Computer operating systems are periodically updated to stay in tune with technology requirements and to fix security holes. Be sure to install the updates to ensure your computer has the latest protection.

Be Careful What You Download: Carelessly downloading e-mail attachments can circumvent even the most vigilant anti-virus software. Never open an e-mail attachment from someone you don’t know, and be wary of forwarded attachments from people you do know. They may have unwittingly advanced malicious code.

Turn Off Your Computer: With the growth of high-speed Internet connections, many opt to leave their computers on and ready for action. The downside is that being “always on” renders computers more susceptible. Beyond firewall protection, which is designed to fend off unwanted attacks, turning the computer off effectively severs an attacker’s connection—be it spyware or a botnet that employs your computer’s resources to reach out to other unwitting users.

https://www.fbi.gov/investigate/cyberscreen-shot-2016-09-13-at-11-07-51-am

screen-shot-2016-09-28-at-7-28-21-pm_______________________________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Regents Bank Websites

This icon appears next to every link that directs to a third party website not affiliated with Regents Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Regents Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Regents Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

Defenses Against Cybercrime

Through our work in cyber and information security, we have formed relationships with professionals at Secure the Villagescreen-shot-2016-09-13-at-11-07-51-am and Citadel Information Group.screen-shot-2016-09-13-at-11-07-51-am They have kindly allowed us to post on our blog site some of the articles they have authored about cyber security. This articlescreen-shot-2016-09-13-at-11-07-51-am provides a great overview of the business email compromise scam and how to avoid being taken in by it.

Business E-mail Compromise: Don’t Be a Victim

By Stan Stahl, PhD, President of Citadel Information Group, Inc. & Founder and President of Secure the Village

What to Do: Implement very strong controls on wire transfers

Screen Shot 2017-05-02 at 5.47.51 PMAssume all email or fax requests from a vendor to change bank accounts are fraudulent. Assume all email or fax requests from the company President or others are fraudulent. Assume all email or fax requests to set-up a new vendor are fraudulent. Pick up the phone, call the party in question and verify the request is legitimate.

If you discover you are a Business Email Compromise victim, immediately contact the FBI’s Southern California Cyber Fraud unit at sccf@leo.gov. They have established banking relationships and are often able to recover funds if they are notified within 72 hours.

And talk to your banker. Make sure they have your back.

It’s also a good idea to check with your insurance broker to ensure that business email compromise losses are covered.

Background

Not too long ago, email scams were relatively easy to detect. They were often from unknown contacts and referenced bank or credit card information which was clearly incorrect. Sometimes, the emails would simply contain a link. As time has passed, fraudulent attempts to gain control of your online banking, your critical information, and your identity have become more skillful and harder to spot. These days’ emails often appear to come from recognized accounts, are well written, and–at least at first glance–seem legitimate.

The newest — and one of the costliest — in a long line of fraudulent e-mail scams is “Business E-Mail Compromise” (BEC).

Business Email Compromise (BEC) is a very sophisticated attempt to induce a business to willingly hand over their money to a cybercriminal. In Business Email Compromise (BEC), crooks spoof communications from executives or vendors at the victim firm in a bid to initiate unauthorized wire transfers.

According to the FBI, thieves stole nearly $750 million in such scams from more than 7,000 victim companies in the U.S. between October 2013 and August 2015. Business Email Compromise cost Ubiquiti Networks $46 million.screen-shot-2016-09-13-at-11-07-51-am

Collectively, Business Email Compromise has resulted in actual and attempted losses of over a billion dollars worldwide. The FBI reports, “…since the beginning of 2015 there has been a 270 percent increase in identified BEC victims. Victim companies have come from all 50 U.S. states and nearly 80 countries abroad.”

BECs can target businesses working with foreign suppliers or regularly performing wire transfer payments, although they have also targeted some that do not strictly fit this criterion. In order to solicit unauthorized transfers of funds, the scams compromise legitimate business e-mail accounts through social engineering or computer intrusion techniques. Prior to making contact, the scammers learn enough about their target to create emails that use language specific to the company and request wire transfers that seem legitimate.

For more information on BECs, see https://www.fbi.gov/news/stories/2015/august/business-e-mail-compromise/business-e-mail-compromisescreen-shot-2016-09-13-at-11-07-51-am and http://krebsonsecurity.com/2015/08/fbi-1-2b-lost-to-business-email-scams/screen-shot-2016-09-13-at-11-07-51-am

screen-shot-2016-09-28-at-7-28-21-pm_______________________________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Regents Bank Websites

This icon appears next to every link that directs to a third party website not affiliated with Regents Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Regents Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Regents Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

What should you do if you fall victim to a BEC scam?

bec-scam-graphicBy Michael S. Kim, Randall Arthur AND Kelly Spatola

Re-printed with permission by the Association for Financial Professionals, www.AFPonline.org.screen-shot-2016-09-13-at-11-07-51-am

KEY INSIGHTS:

  • Time is of the essence. The faster you notify law enforcement and your bank, the better chance you have of recovering stolen funds.
  • Go local. Don’t forget to pursue fraudsters in the country where they and your stolen funds are located.
  • You’ll need a local lawyer to help you navigate local courts.

At our firm, we see an increasing amount of business email compromise (BEC) scams. Treasury and finance professionals see this as well—but what can they do after their organization has fallen victim?

How do I know if my company has fallen victim? Two of the most common types of frauds are CEO fraud and invoice fraud. The former is well known by now; variations include CFO fraud and treasurer fraud. The latter, invoice fraud, occurs when the IT system of a customer or supplier of your organization is hacked. The fraudsters will identify invoices due and payable by the company to the customer, then alter the payment details on the invoices and resend them to the company with a request to redirect payment to a new bank account, which is under the control of the fraudster. It is not uncommon for the fraudster to have been hacking into the relevant IT system for a number of months prior to committing the fraud in order to monitor e-mail traffic and thus be able to convincingly impersonate the executive or customer. All this is well known, and many organizations are taking steps to prevent BEC scams. But what happens when it occurs?

Where do stolen funds usually end up, and can a victim possibly recover such funds? Funds misappropriated through BEC scams can ultimately end up in any jurisdiction in the world (but almost never in the country in which the defrauded company is located). In our experience, misappropriated funds often end up in jurisdictions such as Hong Kong, China, Cyprus, various Eastern European countries and various African countries. Misappropriated funds can be transferred in and out of bank accounts in an instant. Thus, the longer it takes to discover a fraud, the less chance a company has of recovering its stolen funds. BEC scams generally are uncovered soon after they are committed; large and unusual transactions are red flags which can be noticed by senior management not targeted by the fraudsters. Invoice fraud often takes much longer to be discovered—usually when an unpaid supplier or customer raises queries as to payment of its invoices, which could be weeks or even months after the fraud has been committed. If your company has been defrauded, the key to recovering misappropriated funds is to take immediate action, both in your company’s local jurisdiction, as well as the jurisdiction to which the funds have been remitted. Any delays can severely jeopardize the chances of recovery.

What should a company do after discovering that it has been defrauded? Once a company discovers that it was the victim of fraudulent activity, it should take the following steps:

Immediately report the fraud to the bank from which funds were fraudulently transferred. Wire transfers are not always instantaneous. Rather, for a variety of reasons, the bank may delay processing a wire transfer—particularly a transfer of large sums of money. Such delays may give both the victim and the victim’s bank the opportunity to cancel or unwind a fraudulent transfer, if they act quickly enough. In our experience, companies that quickly discover and report fraudulent activity to their banks are more likely to recover stolen funds.

Report the fraudulent conduct to law enforcement agencies in the jurisdiction to which the funds were transferred. If possible, defrauded companies should contact these agencies at the same time as they contact their bank, because local police, including police in Hong Kong and China, may be able to freeze the account receiving the stolen funds, thereby stopping the funds from being withdrawn or further transferred.

Inform your company’s in-house counsel of the loss. In-house counsel will need to determine, among other things, whether the loss suffered is covered by the company’s existing insurance policies. If the loss is covered, your company should promptly inform its insurance company of the loss to ensure timely compensation under its policies.

Finally, retain local counsel in the jurisdiction to which the funds were transferred. Local counsel will be able to advise on the best legal strategy to recover the stolen funds—for example, commencing a civil proceeding to obtain a freezing order or a disclosure order. Local lawyers can also facilitate communications with local law enforcement agencies, as discussed in more detail below, thus increasing the chances of funds being frozen before they are further dissipated.

What is the best way to report to and follow up with local authorities? Communicating with law enforcement agencies in a different time zone and in a different language can be challenging and inefficient. Victims of fraud also often make the mistake of reporting crimes through an authority’s online reporting system, which can cause delays in processing the report (and thus increase the risk of the funds leaving the account before steps can be taken to freeze the account). We have found that taking the following steps will maximize a company’s chances of early and effective police intervention:

Contact law enforcement agencies through an agent that lives in the jurisdiction and speaks the native language—preferably local lawyers who are accustomed to dealing with the police and can quickly take steps to begin recovery of the stolen funds should they have been successfully frozen.

If possible, communicate with law enforcement officials face-to-face, as this will help in expediting their investigations.

Provide law enforcement officials with detailed information about the fraud and related wire transfers, including any and all evidence in support. For example, any email correspondence with the fraudsters and wire confirmations showing the name and bank accounts of the recipients.

How does a company obtain a freezing order from local courts? It is often the case that the victim of the fraud cannot (or does not want to) rely on local enforcement to freeze the recipient’s bank account. This may be due to the police not having sufficient powers in the relevant jurisdiction to freeze the account, or the amount that has been stolen is of a sufficient value that the victim wants take additional action to try and secure the funds. In this case, the victim should apply to the local court for a freezing order. Freezing orders—known as a Mareva injunction in Hong Kong or a property preservation order in China—prohibits the recipient of stolen funds from disposing of its assets, including withdrawing the stolen funds from the account. The bank will also freeze the account upon being served with such an order, making it impossible for the account holder to access the funds in the account. In most BEC and invoice fraud cases, the victim can apply for a freezing order on an urgent and ex parte basis—i.e., the victim is not required to notify the account holder about the application unless and until a freezing order is issued by the court. Although this significantly speeds up the process, note that it can take up to a day or two to compile all of the evidence needed and prepare the application, during which time funds can be transferred or withdrawn. It is thus important to retain local counsel early to aid in these efforts, so as not to further delay the process. Given their draconian nature, there are often potential obstacles and pitfalls to be to be aware of when preparing an application for a freezing order. While the standard for granting such an order is high in most jurisdictions, if the victim can produce concrete evidence of the fraud, most courts will be inclined to issue a freezing order, at least at the ex parte stage. Also, some courts require that the victim provide a sum of money to the court—i.e., a bond—to obtain a freezing injunction. Companies should discuss with counsel whether and under what circumstances a freezing order might be possible and what requirements will need to be met to make such an application.

How does a company obtain information about the whereabouts of the stolen funds? It is not uncommon for fraudsters to quickly and repeatedly transfer stolen funds to different banks in an attempt to evade detection. The most efficient way of tracing the funds is through the recipient banks themselves. Often, however, banks and the police are unwilling or unable to provide information about bank accounts without a court order. Therefore, consideration should be given to applying to the local court for a “disclosure order.” This is an order requiring the bank to provide information about the account holder and whether and where funds were subsequently transferred. This can either be done as part of the freezing order application or as a stand-alone application (if, say, for example, the victim has become aware that the funds are no longer in the account but still wants to trace the onward remittance of the funds). It should be noted that courts will often give banks a generous amount of time to comply with disclosure orders, typically seven to 14 days. Such delays may hinder tracing efforts, as it is very likely that fraudsters will continue to move the funds through different banks meaning it can often be difficult to locate the ultimate destinations of the funds. Again, it is important for a victim to move quickly when making a disclosure application in order to give itself the best chance of successfully tracing and freezing stolen funds.

What should a company do after the funds are successfully frozen? Once the stolen funds (or some portion thereof), are successfully frozen, a victim should commence civil proceedings against the recipient for the return of those funds. If the recipient does not appear or otherwise defend the proceedings and commits an act of default, then a judgment can be entered against the recipient. A victim can then seek to enforce the judgment by applying for a third-party payment order (also known as a garnishee order) against the banks where the funds are held. Such an order requires the bank to remit the funds in the account to the victim in satisfaction of the judgment.

Michael S. Kim is co-founder and Randall Arthur and Kelly Spatola are attorneys with Kobre & Kim.

screen-shot-2016-09-28-at-7-28-21-pm_______________________________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Regents Bank Websites

This icon appears next to every link that directs to a third party website not affiliated with Regents Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Regents Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Regents Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

We’re Working with You to Battle Cyber Crime

IMG_8357

Since 2013, cyber criminals have attacked over 22,000 businesses via business email scams with losses totaling over $3.1 billion. Businesses of any size are vulnerable. Experts estimate that 80% of cyber attacks are avoidable through basic cyber hygiene.  By implementing a variety of safety and prevention measures, you can significantly reduce the chances of your business suffering losses due to cyber crime.

To help businesses understand the risks and the ways they can help protect themselves from this growing threat, we recently hosted a cyber security seminar in San Diego. We want to share a few of the key takeaways from our panel of experts in law enforcement, information security and insurance. Here’s what we learned from Howard Miller, CRM, CIC, of L/B/W Insurance and Financial Services, Kimberly Pease, CISSP, of Citadel Information Group, Gary Hayslip, CISSP, CCSK, of City of San Diego and John Caruthers of the FBI’s National Security Cyber Squad.

  • Employee training throughout your organization is critical. Make sure you have clear policies about cyber security and that they are clearly communicated to your staff, contractors and anyone else who has the ability to expose your company to risk. Educate all of your employees about the risks of clicking on links in emails and sharing business information via phone or email with people they don’t know or trust.
  • Limit access to software to employees who really need it and make sure that each employee has their own log-in (don’t have employees share log-ins) so you can track activity back to a specific person.
  • Keep software updated regularly. Cyber thieves exploit vulnerabilities in older versions of software.
  • Use two-factor authentication to access your internet email and other sensitive applications such as online banking. Two-factor authentication requires you to use a one-time password in addition to your regular password, making it more difficult for hackers to hack.
  • Make sure your back-up files are capturing all of your critical data and that your employees are following your prescribed protocol for backing up their files. Also make sure you are backing up your files in a different physical location so you can use them in the event of a natural disaster.
  • Look at your third party vendor contracts to understand what cyber risk you might assume through your relationship with that vendor, particularly with cloud providers who typically accept little, if any, liability associated with cyber crime.
  • Take information security as seriously as operations and finance.
  • Create a VPN (virtual private network) to secure communications to your business network that are initiated by authorized employees using devices outside of your network.
  • Secure your wi-fi with a password and encryption.
  • Use different passwords for different sites and make them long and complex.
  • Check any existing cyber security insurance you may have to look for gaps or exclusions in the coverage. Business interruption is typically limited to physical causes so most insurance won’t cover business interruption due to a cyber attack.
  • Before your business is targeted by cyber criminals, establish a relationship with your local FBI office. They’re the lead federal agency for investigating these kinds of attacks.

For banking (online as well as offline), the following recommendations were made:

  • Use dual control for all ACH and wire transfers. Dual control means that another person or account has to authorize a transfer in addition to the person who initiates it.
  • Never trust wire instructions or other funds transfer instructions sent via email. Always call the person or company to verify the instructions.
  • Set up alerts that automatically notify you about log-ins, password changes, transfers, etc. This way if an unauthorized change is made, you know and can respond quickly.
  • Use Trusteer Rapport software (available free) to provide a secure web channel between your computer and the bank’s online banking site.
  • Use our ACH Fraud Protection Service, which enables business clients to review ACH transactions before they are complete and to choose to pay or return each item.
  • Use ACH blocks or restrictions, if you know you won’t be using these electronic payments, or if you want to limit ACH withdrawals to only specific vendors.

To address the risks of funds transfer fraud and cyber deception, our bank has also introduced a new way for our business banking clients to protect themselves through a first-of-its-kind cyber insurance group policy. The policy provides gap insurance, since most cyber crime insurance policies don’t cover losses for money sent out of a business banking account “voluntarily;” that is, when someone in your firm is tricked into sending funds to a cyber criminal posing as a trusted colleague or vendor. For more information on this policy, please visit grandpointinsurance.com.

Insurance Products are:
Screen Shot 2016-06-23 at 9.12.21 AM
Insurance Products are offered through Grandpoint Insurance Services, Inc., a non-bank insurance agency affiliate of Grandpoint Bank, and facilitated through LBW Insurance & Financial Services, Inc., an unaffiliated insurance agency.

screen-shot-2016-09-28-at-7-28-21-pm

fbtwitterLinkedIngp

FBI Article: Ransomware

ransom

We receive a lot of positive feedback when we run articles from the FBI’s cyber crime division. We’re pleased the Bureau has encouraged us to share their articles on this topic, so we want to share a recent post from their website about ransomware. Ransomware refers to a malware that restricts access to the infected computer/network and demands that the operators pay some sort of ransom to regain control of their network. We hope this article is helpful to you. Please let us know if you have information or ideas on this topic that our readers may want to hear.

You can find this article, as well as many other articles you may find valuable to keep your business and staff secure against cybercrime, at this web address: https://www.fbi.gov/investigate/cyberscreen-shot-2016-09-13-at-11-07-51-am

For more information about fraud protection tools and product features provided by Regents Bank, please visit our website.

Ransomware 

Hospitals, school districts, state and local governments, law enforcement agencies, small businesses, large businesses—these are just some of the entities impacted by ransomware, an insidious type of malware that encrypts, or locks, valuable digital files and demands a ransom to release them.

The inability to access the important data these kinds of organizations keep can be catastrophic in terms of the loss of sensitive or proprietary information, the disruption to regular operations, financial losses incurred to restore systems and files, and the potential harm to an organization’s reputation. Home computers are just as susceptible to ransomware and the loss of access to personal and often irreplaceable items— including family photos, videos, and other data—can be devastating for individuals as well.

In a ransomware attack, victims—upon seeing an e-mail addressed to them—will open it and may click on an attachment that appears legitimate, like an invoice or an electronic fax, but which actually contains the malicious ransomware code. Or the e-mail might contain a legitimate-looking URL, but when a victim clicks on it, they are directed to a website that infects their computer with malicious software.

One the infection is present, the malware begins encrypting files and folders on local drives, any attached drives, backup drives, and potentially other computers on the same network that the victim computer is attached to. Users and organizations are generally not aware they have been infected until they can no longer access their data or until they begin to see computer messages advising them of the attack and demands for a ransom payment in exchange for a decryption key. These messages include instructions on how to pay the ransom, usually with bitcoins because of the anonymity this virtual currency provides.

Ransomware attacks are not only proliferating, they’re becoming more sophisticated. Several years ago, ransomware was normally delivered through spam e-mails, but because e-mail systems got better at filtering out spam, cyber criminals turned to spear phishing e-mails targeting specific individuals. And in newer instances of ransomware, some cyber criminals aren’t using e-mails at all—they can bypass the need for an individual to click on a link by seeding legitimate websites with malicious code, taking advantage of unpatched software on end-user computers.

The FBI doesn’t support paying a ransom in response to a ransomware attack. Paying a ransom doesn’t guarantee an organization that it will get its data back—there have been cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.

So what does the FBI recommend? As ransomware techniques and malware continue to evolve—and because it’s difficult to detect a ransomware compromise before it’s too late—organizations in particular should focus on two main areas:

  • Prevention efforts—both in both in terms of awareness training for employees and robust technical prevention controls; and
  • The creation of a solid business continuity plan in the event of a ransomware attack.

Tips for Dealing with Ransomware. While the below tips are primarily aimed at organizations and their employees, some are also applicable to individual users.

  • Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
  • Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
  • Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
  • Manage the use of privileged accounts—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
  • Configure access controls, including file, directory, and network share permissions appropriately. If users only need read specific information, they don’t need write-access to those files or directories.
  • Disable macro scripts from office files transmitted over e-mail.
  • Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).
  • Back up data regularly and verify the integrity of those backups regularly.
  • Secure your backups. Make sure they aren’t connected to the computers and networks they are backing up.

screen-shot-2016-09-28-at-7-28-21-pm_______________________________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Regents Bank Websites

This icon appears next to every link that directs to a third party website not affiliated with Regents Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Regents Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Regents Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

Regents Bank Makes First-of-its-Kind Cyber Crime Insurance Available!

cyber-security1-596x245

Regents Bank has introduced a new way for its business banking clients to protect themselves from financial losses due to funds transfer fraud and cyber deception through a first-of-its-kind cyber insurance group policy.

Grandpoint Bank created Grandpoint Insurance Services, Inc., a non-bank insurance agency affiliate, to develop the Client Cyber Crime Insurance product. The policy, offered to customers of Grandpoint Bank and its divisions, including Regents Bank, offers cyber crime loss coverage that is specifically geared to monetary losses. It was created as an affordable and easy alternative to individually underwritten, higher-priced commercial crime insurance policies.

The majority of businesses don’t realize that they have significantly more exposure for losses due to fraud than individual account holders, who are afforded certain regulatory protections. Businesses are often tricked into approving fraudulent transfers, notwithstanding internal controls to identify and prevent this kind of risk.  According to the FBI, since 2013, over 17,000 businesses have lost an aggregate of more than $2.3 billion to one type of cyber crime alone, known as the business email scam.

Even as monetary losses due to cyber crime have skyrocketed in recent years, many traditional commercial crime policies specifically exclude losses arising from cyber deception.

“We are excited to make this new coverage available to our business clients,” said Petra Griffith, Director of Product Development for Grandpoint Bank. “The policy focuses on the kinds of coverage that directly address the key fraud risks that businesses face – losses to their bank accounts through cyber crime.  Cyber crime is a major concern for businesses, especially since they are typically liable if cyber criminals steal funds from their business accounts. They often don’t have the appropriate insurance in place and are finding it more difficult to protect themselves in this ever evolving, increasingly sophisticated cyber crime environment.”

The Client Cyber Crime Insurance policy is available exclusively to business clients of Grandpoint Bank and its divisions, Regents Bank, Bank of Tucson, and The Biltmore Bank of Arizona, through Grandpoint Insurance Services, in partnership with LBW Insurance & Financial Services, Inc.  The policy is underwritten by Hiscox Inc., on behalf of Underwriters at Lloyd’s, London, which is rated A by A.M. Best. Insurance products are not a deposit, not FDIC insured, not federal government agency insured, not bank guaranteed.

The Client Cyber Crime Insurance group policy coverage helps reimburse funds in business deposit accounts lost due to funds transfer fraud and cyber deception and is offered at premiums that represent substantial savings from individual policies currently available on the market. Any business that has a deposit account at Grandpoint Bank or its divisions is automatically eligible to enroll in the policy and select from a range of coverages with premiums that start at $30 per month.

“Educating and alerting our clients, and the broader business community, about established and emerging cyber crime trends is a commitment we’re passionate about,” said Steve Sefton, President of Regents Bank. “We’ve been working for over a year to create a more powerful solution to help clients protect their financial assets against attacks by cyber criminals.”

For more information on the Client Cyber Crime Insurance, visit grandpointinsurance.com (California Insurance License #0K82434).

_____________________________________________________________________________________________________________

Insurance Products are:
Screen Shot 2016-06-23 at 9.12.21 AM
Insurance Products are offered through Grandpoint Insurance Services, Inc., a non-bank insurance agency affiliate of Grandpoint Bank, and facilitated through LBW Insurance & Financial Services, Inc., an unaffiliated insurance agency.

screen-shot-2016-09-28-at-7-28-21-pm

fbtwitterLinkedIngp

Cyber security alert … There are only two kinds, which one are you?

cyber

Thank you to article author Linda Drake of Trailblazer Advisors and to Inside Tucson Business for allowing us to republish this article on our blog.

A common meme in the imploding industry of information security is the assertion that there are only two kinds of companies:

Those that have been hacked and those who don’t know they’ve been hacked!

Which one are you?

There are some stunning statistics* that every small and medium-sized business should know that require your attention and action for your protection.

No business or organization can prevent data breaches. A single credit card data breach can cost your business $217 per incident

According to experts, the cost of a company-wide data breach costs a minimum of $10,000

92 percent of companies experiencing a breach did not know it (they were notified by a 3rd party)

75 percent of breaches occur in businesses with less than 100 employees.

Only 25 percent of breaches are IT or hacker-related; this means 75 percent of breach events are related to current/former employees, customers, vendors, contractors and organized crime or social engineering.

Yet, 83 percent of SMB’s do not have a formal cybersecurity plan.

Most importantly, 64 percent of companies with 500 or fewer employees go out of business within a year of being hacked!

If the last statement does not compel you to take action, close your business down now!

The age of the ‘Internet of Everything’ is upon us. Companies need to harness this technology as an asset or potentially endure irreparable harm.  According to Gartner Research, companies incur four times the expense to respond to data breach events than the installation of appropriate security technology to prevent it.  Of course, the actual expense of a breach does not include the correspondent frustration, aggravation and untold embarrassment.

As a business owner you may be asking yourself, am I really at risk?  “Indeed, you really are!” retorted Kathy Delaney Winger, Esq., an attorney who practices in the area of cybersecurity.   “All companies must protect ‘Personally Identifiable Information,’ commonly termed (PII).” PII can be defined as any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual’s identity, such as name, social security number, date and place of birth, mother’s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information.”

“The truth is,” stated Kathy, “the definition of information is very broad, as is your obligation to protect it.  For example, even if a business owner hires a third party to perform services that involve the use of PII (such as payroll processors) the business owner may still be at risk if a breach occurs.”

According to Kathy, there are multiple factors that you should consider when thinking about cybersecurity and protecting your business.  “It’s critically important to be aware of the PII that your business is collecting, holding and/or sharing with third parties,” said Kathy.  “Once you’ve made yourself aware of it, you should take steps to protect the information and have a plan as to how you will handle matters (such as complying with your obligation to notify affected parties) in the event of a breach.”  Kathy recommends that business owners work closely with professionals who are knowledgeable in this area, including lawyers and companies that specialize in computer security.  According to Kathy, businesses should also discuss the issue with insurance professionals.  “I recommend that business owners consider purchasing cyber insurance that will protect the company should a breach occur,” said Kathy.  She continued “the statistics cited at the start of this article illustrate that, once a breach occurs, a company’s liability can be extensive.  Thus, business owners are well advised to insure against data breach losses just as they insure against many other kinds of losses.”

According to James Riley, CEO of JNR Networks, the number one technology virus is the user!  Most systems are compromised by users who knowingly or unknowingly create the vulnerability of access to your data.

So what steps should you take to protect your data and your company?

The first, most immediate action is modifying the approach to passwords.  Some IT experts suggest that you should treat passwords like underwear: don’t leave them where people can see them, change them often, do not lend them to others, and make sure they are a good “fit”. Further, the obfuscation of passwords is critical.

“Passwords should not include the obvious,” James suggests.  “Do not use passwords with your kids’ names, spouse, pets or anything that people know about you,” James commented. Passwords should be at least 8 characters that include upper and lower case, numbers and symbols.  The key to a unique and memorable password is the linking and twisting of terms that only have meaning to you.  “Spell words that are jumbled and have no relationship to each other, just to you.”

Beyond the password basics, James added, “All companies need at the very minimum, business grade (BG) antivirus software, BG firewalls, and BG equipment. But, all the best of these tools are nothing without the development of Acceptable Use Policies (AUP) that are established, reinforced and enforced in each company.”

One of our country’s greatest founding fathers had it right—

“By failing to prepare, you are preparing to fail.”

In the 18th century Ben Franklin had no idea that his words would be so applicable in this era coined, “The Third Wave of the Internet,” by AOL’s founder, Steve Case. The SMB bottom-line regarding cybersecurity is a simple message: explore, embrace, manage and, above all, control cyber technology before it controls you.

*Statistics presented by a panel of experts for AZ Tech Council at the recent Tech Junction Conference in Tucson.  Kathy Delaney Winger, Esq. of The Law Offices of Kathy Delaney Winger and James Riley, CEO of JNR Networks were two of the panelists.

Linda Drake is a 25 year, seasoned global entrepreneur, corporate executive, author and Certified Professional & Executive Coach.  As a CEO for CEO’s, Linda founded Trailblazer Advisors to catapult economic growth and leadership skills for business owners and senior management at any stage in the business lifecycle.  She believes that strong business leadership and entrepreneurism are the heart and promise of America. Linda is the President of the International Coaching Federation of Southern Arizona. 

Read the original article here:

http://www.insidetucsonbusiness.com/business_chatter/cyber-security-alert-there-are-only-two-kinds-which-one/article_993e8646-0d61-11e6-a13e-9bf1e63a7270.htmlscreen-shot-2016-09-13-at-11-07-51-am

screen-shot-2016-09-28-at-7-28-21-pm_______________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Regents Bank Websites

This icon appears next to every link that directs to a third party website not affiliated with Regents Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Regents Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Regents Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

Identity Theft – A Practical Guide from the Federal Trade Commission

personal-identity-theft

Do you know the red flags of identity theft? The Federal Trade Commissionscreen-shot-2016-09-13-at-11-07-51-am has published a very helpful guide to not only help you recognize identity theft, but also protect yourself and your business against it and to take action if it happens to you. You can download a copy of the brochure for free on their website.screen-shot-2016-09-13-at-11-07-51-am The following are some highlights from the brochure we’d like to share with our readers.

Red Flags of Identity Theft

  • Mistakes on your bank, credit card or other account statements
  • Mistakes on the explanation of medical benefits from your health plan
  • Your regular bills and account statements don’t arrive on time
  • Bills or collection notices for products or services you never received
  • Calls from debt collectors about debts that don’t belong to you
  • A notice from the IRS that someone used your Social Security number
  • Mail, email or calls about accounts or jobs in your minor child’s name
  • Unwarranted collection notices on your credit report
  • Businesses turn down your checks
  • You are turned down unexpectedly for a loan or job

How to Protect Your Information

  • Read your credit reports. You have a right to a free credit report every 12 months from each of the nationwide credit reporting companies. To order, go to annualcreditreport.com or call 877-322-8228.
  • Read your bank, credit card and account statements, as well as the medical explanation of benefits from your health plan. If a statement has errors or doesn’t come out on time, contact the business.
  • Shred all documents that show personal, financial and medical information before you throw them away.
  • Don’t respond to email, text and phone messages that ask for personal information. Legitimate companies don’t ask for information this way. Delete the messages.
  • Create passwords that mix letters, numbers and special characters. Don’t use the same password for more than one account.
  • If you shop or bank online, use websites that protect your financial information with encryption. (An encrypted site has https at the beginning of the web address.)
  • If you use a public wireless network, don’t send information to any website that isn’t fully encrypted.
  • Use anti-virus and anti-spyware software, as well as a firewall on your computer.
  • Set your computer’s operating system, web browser and security system to update automatically.

If Your Identity Is Stolen

  • Call one of the nationwide credit reporting companies, and ask for a fraud alert on your credit report. The company you call must contact the other two so they can put fraud alerts on your files. An initial fraud alert is good for 90 days.

Equifax: 800‑525‑6285

Experian: 888‑397‑3742

TransUnion: 800‑680‑7289

  • Order your credit reports. Each report about you is slightly different, so order a report from each company. If you see mistakes or signs of fraud, contact the credit reporting company.
  • Create an Identity Theft Report. An Identity Theft Report can help you get fraudulent information removed from your credit report, stop a company collecting debts caused by identity theft and get information about accounts a thief opened in your name.

To create an Identity Theft Report:

  • File a complaint with the FTC at ftc.gov/complaint or 877-438-4338; TTY: 866-653-4261. Your completed complaint is called an FTC Affidavit.
  • Take your FTC Affidavit to your local police, or to the police where the theft occurred and file a police report. Get a copy of the police report.
    The two documents comprise an Identity Theft Report.

Identity theft can rob you of time, money and peace of mind. Implementing a methodical system to prevent, recognize and remedy it is your best line of defense. We hope this article helps you create or refine your plan.

screen-shot-2016-09-28-at-7-28-21-pm_______________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Regents Bank Websites

This icon appears next to every link that directs to a third party website not affiliated with Regents Bank. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Regents Bank. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Regents Bank assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp