Pharming: similar to phishing, pharming seeks to obtain personal information by directing you to a copycat website where your information is stolen, usually from a legitimate-looking form.
Norton Anti-Virus www.symantic.com
Malware: Short for malicious software, often included in spam e-mails, this can take control of your computer without your knowledge and forward to fraudsters your personal information such as Ids, passwords, account numbers and PINs.
Spyware AdAware www.adaware.com
You can make your computer safer by installing and updating regularly your ■ ✔Anti-virus software ■ ✔Anti-malware programs ■ ✔Firewalls on your computer ■ ✔Operating system patches and updates
Understanding Understanding the the New New
Microsoft AntiSpyware www.microsoft.com
Stop by your credit union to learn more about these important ways that your online experience is being made safer and more convenient than ever. NOTE: *Quotations are from Federal Financial Institutions Examination Council’s “Authentication in an Internet Banking Environment.”
RESOURCES The following websites can get you started learning about your online security options. These are provided for information purposes; no endorsement of any product or service is intended.
Multi-factor authentication and layered security are helping assure safe Internet transactions for credit unions and their members.
Multi-Factor Authentication Federal Financial Institutions Examination Council www.ffiec.gov/press/pr101205.htm Anti-Virus & Firewall McAfee Anti-Virus www.mcafee.com
© 2006 FINANCIAL EDUCATION CORPORATION
Assuring Your Online Security
hen you visit your credit union online in the coming months, there’s a good chance you’ll notice some changes. These changes have to do with how you identify yourself and gain access to your accounts over the internet, and are designed to make you safer than ever before from account hijacking and identity theft. These changes are based on the realization that internet fraudsters have become increasingly sophisticated, making “single-factor authentication”—a simple password, for example—inadequate for some of your online financial transactions. “Financial institutions offering internet-based products and services… should use effective methods to authenticate the identity of members…”
Understanding the Factors Today’s authentication “Account fraud and methods—used to identity theft are confirm that it is you, frequently the result of single-factor and not someone who authentication has stolen your exploitation” identity—involve one or more basic “factors”: ■ Something the user knows (e.g., password, PIN) ■ Something the user has (e.g., ATM card, smart card)
■ Something the user is (e.g., biometric characteristic, such as a fingerprint) Single-factor authentication uses one of these methods; multi-factor authentication uses more than one, and thus is considered to be a more reliable and stronger fraud deterrent. When you use your credit union ATM, you are using multi-factor authentication: Factor number one is something you have, your ATM card; factor number two is something you know, your PIN.
Risk Assessment Results Your credit union’s goal is to ensure that the level of authentication used “An effective in a particular authentication system is necessary…to transaction is safeguard member appropriate to the information, prevent level of risk in that money laundering and application. terrorist financing, Accordingly, your reduce fraud, inhibit identity theft and credit union has promote the legal concluded a enforceability of comprehensive riskelectronic agreements assessment of its and transactions.” current methods following stringent Federal regulatory guidelines and will be implementing the appropriate authentication measures to keep your online transactions safe and secure. In addition to single and multi-factor authentication, your credit union may also
rely on several layers of control to assure your Internet safety. These layers might include ■ Additional controls, “Financial institutions such as call-back should rely on (voice) verification, multiple layers of control to prevent e-mail approval, or fraud and safeguard cell phone based member information.” identification. ■ Employing member verification procedures, especially when opening accounts online. ■ Analyzing certain transactions to identify suspicious patterns ■ Establishing dollar limits that require manual intervention to exceed a preset limit. Importantly, the methods used will be those needed to assure your safety and security when conducting online financial business. It’s your credit union’s top priority!
Member Awareness: The First Line of Defense Of course, understanding the risks and knowing how fraudsters might trick you is a critical step in protecting yourself online. Here are some threats to watch for: Phishing: lures you to a fake website (one that looks like a trusted financial institution, for example) and tricks you into providing personal information, such as account numbers and passwords.