Cyber Security

When it comes to cyber security, Regents Bank is committed to offering you ongoing education and information on cyber crime to help you take the necessary steps to protect your financial assets.

Current Alerts
  • DocuSign breach - DocuSign, a major provider of electronic signature technology, has reported a series of recent malware phishing attacks targeting its customers and users as the result of a data breach of one of its computer systems. While the data stolen was limited to customer and user email addresses, it allows attackers to target users who may already be expecting to click on links in emails from DocuSign. A malicious email campaign with the subject line “Completed: docusign.com – Wire Transfer Instructions for recipient-name Document Ready for Signature,” contains a link to a downloadable Microsoft Word document that harbors malware.

    DocuSign cautions that if you have reason to expect a DocuSign document via email, don't respond to an email that looks like it's from DocuSign by clicking a link in the message. When in doubt, access your documents directly by visiting docusign.com and entering the unique security code included at the bottom of every legitimate DocuSign email. DocuSign says it will never ask recipients to open a PDF, Office document or ZIP file in an email.
     
  • Uniwix ransomware - Uniwix ransomware is here and, according to heimdalsecurity.com, it can be worse than WannaCry. Uniwix poses an even bigger threat than WannaCry ransomware because it does not include a "kill switch" domain, which, when blocked, can contain its distribution. Learn more about the risks in this pdf article from heimdalsecurity.com.
     
  • "WannaCry" ransomware - The WannaCry malware exploits a known vulnerability in Microsoft Windows operating systems. Microsoft released a critical patch in March 2017 (Microsoft MS Bulletin 17-010) to help counteract this vulnerability. If you have a computer that is not yet updated with the Mircosoft patch, isolate it so that it cannot infect your network. We recommend that you:
    • Install critical patches in a timely fashion to minimize the risk that your computers are compromised by such exploits. This includes updates for both operating systems (Windows, Apple IOS, etc.) and applications (MS Office, Adobe Acrobat, etc.)
    • Make sure your computers have adequate anti-malware and anti-virus protection.
    • Exercise caution when receiving emails that contain links or attachments. If you have any doubt about the authenticity of an email or a sender, verify it is legitimate before opening.
    • Never click on a link that you do not trust on a web page, Facebook or messaging application.
    • Keep your files backed up regularly.
Schemes, Scams and Frauds

BUSINESS EMAIL COMPROMISE (BEC) OR CEO EMAIL fraud schemes are an increasingly common and costly form of cybercrime. According to the FBI, thieves stole nearly $2.3 billion in such scams from more than 17,000 companies in the U.S. between October 2013 and January 2016. CEO fraud usually begins with the thieves either phishing an executive and gaining access to that individual’s inbox, or emailing employees from a look-alike domain name. In these cases, the fraudsters will forge the sender’s email address displayed to the recipient, so that the email appears to be coming from legitimate business. In all cases, the “reply-to” address is the spoofed domain, ensuring that any replies are sent to the fraudster.

RANSOMWARE is a type of fraud where malware restricts access to the infected computer/network and demands that the operators pay some sort of ransom to regain control of their network.

PHISHING is the criminal attempt to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.  Phishing is typically carried out by email, directing users to enter personal details at a fake website whose look and feel are almost identical to a legitimate one, such as their bank. Financial institutions will never send an email asking for personal information. 

SPEAR PHISHING is a variation of phishing.  With phishing, criminals might send a single, mass e-mail to thousands of people.  Spear phishing attacks are customized and sent to a single person at a time. The spear phishing email usually contains personal information such as your name or some disarming fact about your employment.  A spear phishing email usually includes a link leading to a fake website that requests personal information.  The phony email may contain a downloadable file that contains malware.  Nearly all spear phishing complaints that have been investigated have come from corporate employees.  If you receive a suspicious email, go directly to  your company’s IT department.

VISHING is the name for phishing attacks using the telephone.  The term is a combination of voice and phishing, and is typically used to steal credit card numbers, bank account numbers and passwords.  You might receive a phone call advising you that your credit card has been used illegally, and to call a certain number to “verify” your account number.  Do not provide information and contact your bank or credit card company directly to verify the validity of the message.

SMISHING is yet another variation of phishing, the name a combination of SMS (Short Message Service, the technology used in text messaging) and phishing.  In this scam, the fraudster uses cell phone text messages to lure you to a website or perhaps to use a phone number that connects to an automated voice response system.  No legitimate business would contact you by text message with a request of this nature.

CORPORATE ACCOUNT TAKEOVER is a method by which cyber thieves gain control of a business's bank account by stealing the business's valid online banking credentials. The most prevalent method involves malware that infects a business's computer workstations and laptops (See Best Practices for tips on protecting your computers and networks). The malware installs keylogging software on the computer which allos the perpetrator to capture a user's credentials as they are entere at the financial institution's website. Once the cyber thieves have access to the business's online banking they can initiate funds transfers by ACH or wire transfer,to the bank accounts of associates with the U.S. These accounts may be newly opened by accomplices or unwitting "money mules" for the express purpose of receiving and laundering these funds. The accompliices or mules withdraw the entrie balances shortly after receiving the money, and then send the funds overseas via over-the-counter wire transfer or other comon money transfer services.

Cyber Crime News

Resources