Being Proactive and Staying Vigilant is Key to Online Safety
Cyber criminals are constantly looking for nefarious ways to steal your data and commit fraud.
It takes a concerted effort by both consumers and service providers to ensure a safe environment for online activity and transactions.
Since fraudulent attacks are becoming quite sophisticated, it’s important to understand the three most commonly used methods by attackers: smishing, vishing and phishing.
Smishing – is where an attacker sends a text message to a mobile phone, prompting the recipient to click a link or call a telephone number for more information. If the link is clicked, the user downloads malicious software to their phone.
Vishing – takes place when an attacker uses the telephone to gain access to sensitive information (credit card numbers, employee IDs, etc.) from the public for financial gain. The criminal usually poses as someone they are not, such as another employee or technical support person.
Phishing – comes in the form of a fraudulent email that encourages recipients to click on a link and provide personal data, such as bank information, social security numbers, account numbers, passwords, etc. Often the subject lines are designed to entice the receiver with an interesting headline, timely topic or an “urgent” request.
Investing in Cyber Crime Prevention to Stay One Step Ahead
Cyber crime attacks come in many forms, from spam emails asking for money to sophisticated efforts requesting your password to stealing your credit card information at a retail point-of-sale. Fortunately, there is an equally concerted effort on the part of individuals, governments and businesses, including those in the financial services industry, to stay ahead of cyber criminals.
PNC Bank has invested heavily in the resources, technology and talent needed to protect our clients and mitigate cyber crime risks. These efforts ensure clients they can depend on having access to safe, secure online banking facilities.
Consumers also play a critical role in maintaining a strong defense against cyber criminals. There are several precautions that you can take to protect yourself and your assets and create a safe online environment.
Follow These Guidelines to Minimize the Risk of Cyber Crime and Identity Theft
Follow Password and Passphrase Best Practices
Passwords are a key point of entry to your online accounts, so choosing one shouldn’t be a simple afterthought. Strong passwords must be difficult to guess and should be changed every few months. The longer the password, the stronger it is. Aim fora minimum of eight characters, using a combination of upper- and lowercase letters, numbers and symbols. Using key life milestones like birthdays or anniversaries is easy for a hacker to figure out, as are favorite sports teams, your children’s names, etc.
Where you have the option, enable multi-factor authentication. This adds another layer of security besides just using your password. It may be a one-time use code sent to your phone, fingerprint or facial recognition, or a security question that must be answered. For example, PNC Bank users who log into their online banking from a different computer than usual will automatically be asked a security question. Make sure that your security questions do not have answers that can be easily found online.
Don’t use the same password for all your online accounts. If your password is stolen for one account, it puts all the others at risk, as well. Passwords for your most sensitive information, such as your PNC Bank online account, should be unique to each account. Instead of a password, consider using a passphrase. Passphrases are longer than passwords and with its added length, it can help increase the complexity making it more difficult to crack.
Keep Your Devices Secure
All of your web-enabled devices should be secured with a password and the latest security software. Web browsers and operating systems should always be updated with the latest versions as these contain the most up-to-date security features. Cyber crime tactics are constantly evolving and your defenses must do the same.
Don’t compromise your device’s security. Altering your device’s operating system can make it easier for criminals to access. For this reason, you should never “jailbreak” or “root” your phone or other devices.
Never leave your devices unattended. Device security also means keeping physical control of your devices and limiting access to them by others. If you’re browsing on your laptop at the coffee shop and need to use the restroom, take your computer with you. If you’re staying at a hotel and going out for the evening, put devices you don’t bring with you in the hotel room’s safe.
Learn to Identify Fraudulent Emails or Texts from Phishing, Smishing and Vishing
Often the easiest way for a cybercriminal to steal your information is to trick you into sharing it with them. Huge volumes of fraudulent emails, text messages and phone calls are sent daily in the hope that at least a few of them will reach a cooperative, unsuspecting target. These fraudulent communications will often look official and will appear to have come from a trusted source. However, there are warning signs to watch out for that can indicate if a message is a scam.
Do you know the person who sent you the message? The source of an email or text message can easily be forged, making it seem that a request is coming from someone you know and trust. If something seems off or if the sender is asking for money or personal information, contact them directly (and through a different channel than the original message) to confirm the message came from them.
Does the message create a sense of urgency? Criminals will often try to rush you into making an unwise decision. An example of such a message may read, “confirm your login details in the next 24 hours using the link below or your account will be suspended.” Always take the time necessary to think through your response to a message and confirm the legitimacy of such a request through an official channel.
Does the offer seem too good to be true? If it does, it probably is. Treat any messages announcing you’ve won money, a prize or the opportunity to purchase an item at a significant discount as suspicious.
Does the message ask you to click on a link or open an attachment? Be particularly wary of emails from people or organizations you don’t know urging you to click on a link or open an attachment. Doing so can lead to malware being installed on your device. Proceed with caution. It’s prudent to remain aware and vigilant. If you receive a call and it just doesn’t feel right, trust your instincts. Hang up and call the customer service line direct from their official company website. Call this known number to confirm the caller’s identity, purpose and/or other credentials.
It’s prudent to remain aware and vigilant. If you receive a call and it just doesn’t feel right, trust your instincts. Hang up and call the customer service line direct from their official company website.
Call this known number to confirm the caller’s identity, purpose and/or other credentials.
Keep Your PNC Banking Information Safe
PNC will never ask you to submit personal details or account information via an email or text message. If you suspect that you have received a fraudulent email or text that appears to be from PNC, forward the message to abuse@pnc.com. If you responded to a suspected fraudulent message or shared personal information, use another computer or device to immediately change your password. Then contact PNC’s online banking team at 1-800-762-2035, option 3.
Be Careful What You Download or Send
Tricking you into installing malware on your device is a common cyber crime strategy and can allow criminals to steal your data or take control of your device.
Only install apps and software from reputable providers and platforms. Stick to the likes of Apple’s App Store, Google Play, Windows Store and Amazon. Be wary of less well-known suppliers offering free apps—they could be designed to bypass or compromise your device’s security and steal your data.
Be wary of unsecured websites. Sending personal information on unsecured sites can see it end up in the wrong hands. Make sure the website’s address starts with HTTPS (the ‘S’ stands for ‘Secure’) if you are going to send or access any personal information.
Think About What You Share Online
Social media sites such as Facebook, Twitter, LinkedIn and Instagram are designed to encourage sharing, but you must be careful about what you share and with whom.
Consider setting up closed groups to share certain information. Not everyone should know your travel plans for this summer’s family reunion.
Make sure you connect and share only with people whom you know. Don’t accept invitations or friend requests from strangers. Avoid posting personal details like your address, emails, phone numbers, account numbers or any financial details. All of this information can potentially be used to access your accounts or steal your data.
Offline Security Matters, Too
It’s important to know that many cyber criminals start their search for your data offline. Stealing mail or gaining access to printed bank or credit card statements are just two of the many ways of gathering valuable data. Switching to online bank statements will help to minimize this risk and keep your information safe on PNC Bank’s secure website.
Wipe your old devices. Another important consideration is what you do with old devices, such as phones, tablets, computers, etc. All devices should be “wiped clean” before you throw out, sell or trade them in, otherwise, they become a treasure trove of personal information.
Wiping your device involves removing all of your personal data and history, including pictures, contacts, messages and files. The steps for removing your data will depend on the type of device you have, but generally involve going into the device’s settings and returning to the original factory settings. An online search should provide you with detailed instructions on how to wipe your device.
Be Vigilant for Fraud and Identity Theft
It’s not enough to simply implement the advice provided here. You need to be constantly monitoring your assets and finances to ensure cyber criminals haven’t made it past your defenses.
Check your bills. Cyber crime can often be difficult to detect, so it is important to remain vigilant. Always review your bills, particularly for your credit cards, to make sure you aren’t being billed for purchases made by someone who has stolen your card details. Also look at other regular bills—internet, utilities, subscriptions and memberships—to make sure there have been no unauthorized changes to your billing.
Regularly review your credit report. You can place a fraud alert on your report so that lenders must contact you for authorization for any new credit requests. Activating a security freeze is also an option if you suspect fraud has occurred. This blocks all attempts to view your credit history until the issue is resolved.
When Identity Thieves Strike, Act Fast to Minimize the Damage
Identity thieves know they usually have a limited window of opportunity to use your stolen data before you realize what has happened and the accounts are secured with new passwords. Acting quickly when you suspect you are the victim of identity theft can help to limit the damage.
Get in touch with PNC. Your first step should always be to contact your PNC Private Bank® team to report any identity theft. They will help you secure your accounts, reset passwords and identify any potentially fraudulent payments. It is important to keep a record of all your conversations and correspondence.
To act fast, be prepared. The U.S. government also has several resources to help you deal with identity theft. Visit their www.idtheft.gov website to find out more about creating a comprehensive plan to recover from identity theft.
Taking Action and Staying Vigilant Can Keep You Safe Online
The first step in protecting yourself online is to recognize threats and that you are a potential target.
The next step is to follow through on the tips and guidelines in this article.Set up your defenses, then continue to monitor for new dangers and potential security breaches.
Finally, be prepared to act if you think your data has been compromised.