Cyber Security – FBI Care Cyber Law Knowledge Base https://fbicare.com Cyber Law Knowledge Base Mon, 29 Jan 2018 09:48:00 +0000 en-US hourly 1 https://wordpress.org/?v=6.6.1 Protect yourself against cyber attacks https://fbicare.com/protect-cyber-attacks/ Tue, 30 Jan 2018 09:30:23 +0000 https://fbicare.com/?p=1430

A cyber-attack is an attempt by an individual or group to obtain unauthorized access to a computer network or system. It may be executed for financial gain, to obtain data, or to damage the reputation of an individual or entity. Cyber-attacks are a growing concern in the financial services sector. In 2015, 8.5 million Canadian consumers were affected by cybercrime (Norton Cyber Security Insights Report 2016)

 

The financial services industry is shifting toward online products that make it easier for people to do business. But portals, online applications and mobile apps increase the ways in which cyber-attacks can occur against consumers.
FSCO’s regulated sectors, such as insurance providers, mortgage brokerages and pension plans, have a responsibility to protect information and provide a safe online environment for consumers. This includes implementing policies and processes that help prevent cybercrime and lay out the steps to take if a cyber-attack takes place.
However, criminals are finding new ways to steal confidential information even from those who are diligent in protecting their online profile. If you deal with any financial service organization online, it is important to be aware of the risks involved and the steps you can take to protect yourself.

What do cyber-attacks look like?

Some cyber-attacks may seem obvious to you, such as suspicious emails, but others can be hard to detect. Some of the most common ways criminals try to steal your information include:

Hacking: cyber criminals gain access to your device or an organization’s information technology systems to steal your information
Malware: viruses, spyware or adware are placed on your device to steal your information
Pharming: cyber criminals redirect an organization’s legitimate website to a similar-looking website that captures the information you enter
Phishing: fake emails, text messages and websites asking for your information, such as your social insurance number (SIN)
Spam: mass distribution of unwanted messages to you or from you to your contact list
Wi-Fi Eavesdropping: captures your online activity over an unsecure Wi-Fi network

How can you reduce the risks of a cyber-attack?

Practicing regular reviews of your online profile can reduce your exposure to cyber-attacks. Simple steps you can take – such as using strong passwords, changing passwords regularly for each of your devices and services, and updating software to the latest version – may address up to 80 per cent of the risk of compromises due to cyber-attacks (Insurance Institute, 2015). Other things you can do include:

 

  • Start a discussion with your financial service providers so you understand how your information is kept safe.
  • Avoid using public Wi-Fi when dealing with financial service providers and opt for an encrypted or secure connection. Turn off Wi-Fi and Bluetooth settings when you are not using them.
  • If you receive an email from a financial service provider asking for information, give them a call (on a number not given in the email) to confirm it is legitimate. When in doubt, delete it.
  • Use safe payment options, such as credit cards, when making purchases online. Avoid using money transfers – this is not a common practice in the financial services industry.
  • Find other tips and resources on Public Safety Canada’s website – Get Cyber Safe
]]>
Security Tips- Types of spam filters https://fbicare.com/security-tips-types-of-spam-filters/ Thu, 18 Jan 2018 09:43:07 +0000 https://fbicare.com/?p=1234

Security Tips

Never reply to spam. Doing so only identifies your phone, email or IM account as active to the sender and guarantees you will get further unwanted messages. The most effective way to protect against email spam is to use a filtering system: some filters are available to purchase (such as Spamtitan) but there are also spam filters available as free online downloads (POPfile, Spamfence, Spamihilator). When dealing with content that does not offer filtering, such as forums and comment sections, you essentially have to rely on your own better judgment: anything that looks like marketing or advertising or generally out of place usually isn’t worth your attention.

Types of Spam Filters

    • List-based

      filters essentially categorize users as either trusted or not trusted and allow messages only from trusted users. You can use either blacklisting or whitelisting techniques to create your own lists: blacklisting means creating a list that specifies which users to decline mail from, while you can whitelist by creating a list that specifies which users to accept mail from.

    • Content-based

      filters, such as the filters used by most webmail services, evaluate individual messages to determine whether they are legitimate or spam rather than blocking all messages from a particular email address. This is done by evaluating the words and phrases in an individual message. A variety of content filters exist. The most basic are word filters which simply block any message containing certain, pre-specified words. Heuristic filters are a little more sophisticated and evaluate patterns of text and series of words. Bayesian content filters are the most advanced as they use mathematical probability to determine which messages are spam.

    • The most effective way to defend against mobile phone spam is to protect your email address. Avoid giving out your email address in a public forum or, if it is absolutely necessary to do so, write it in such a way that a person can read it but not a computer (for instance, write out the @ sign as “at” or the periods as “dot”). To prevent sales calls on your mobile phone the strategy is very much the same: never give out your mobile number if you do not have to.

    • If you are receiving marketing calls on your mobile phone, you can add your number to the Do Not Call Registry.Telemarketers are not allowed to call numbers on this list: the exceptions are charities registered in Canada, political parties, and general-circulation newspapers. As well, telemarketers can call you if you have an “existing business relationship” with them: this is defined as having bought, leased or rented something from the telemarketer, having a written contract with the telemarketer that is still in effect or has expired less than eighteen months ago, or having asked the telemarketer about a product or survey in the last six months.

    • Well known VoIP providers (such as Vonage or Skype) carry calls through their closed systems and they already implement a certain amount of protection against SPIT. Much the same as with email spam filters, whitelisting seems to work effectively against SPIT because you are creating a safe and closed calling list

]]>