3 minute read
Bank industry uncertainty raises cybersecurity risk
In light of the failures and strains in the bank industry, organizations should be alert for cybercriminals looking to exploit this uncertainty to commit criminal activities.
Watch for social engineering and phishing attacks
An organization’s most valuable assets are at risk: data and reputation. The criminals want the data and will try to damage reputations to get it.
The most successful method of attack continues to be social engineering. Phishing attacks often provoke emotional responses, which may cause the target to not think critically.
Uncertainty around financial markets could lead reasonable individuals to click a link in an email that says their bank is closing or their account has a zero balance. These links could lead to a spoofed website where they may be asked to enter usernames, passwords or to download a malicious file. These files may contain malware that could setup a backdoor from the target’s computer where the cybercriminal could run commands remotely.
Be on the lookout for suspicious phone calls
These criminals also may call a financial institution pretending to be a representative from a government regulator requesting sensitive or private information or try to get the target to break other security protocols. In this attempt, the attacker could then use this information, or unauthorized access, to perpetrate a deeper attack.
Cybercriminals also may email or call a customer pretending to be a representative from the financial institution informing them of a branch shutdown and demanding sensitive or private information.
In times of high stress, cybercriminals will leverage news platforms, social media applications, email and business websites to identify targets and develop new and uncommon attack methods.
Take steps to help protect your organization from cyber threats
To counter the risks of social engineering, consider these steps:
• Actively train employees and customers to identify email phishing, fictitious phone calls, and malicious websites.
• Continue to strengthen technical controls, including preventing malicious emails from reaching an employee’s inbox, blocking newly registered domains, removing malicious file types like executables (.exe) and inserting banners that warn to be cautious of emails from senders outside the organization.
• Have the information technology department adopt hardening standards on networks, business applications, servers and end points and remediate vulnerabilities with regular scanning and patching.
• Cultivate a proactive cybersecurity culture by leveraging intelligence platforms, regulatory guidance, and peer networks to maintain a mature, informed, and prepared security posture.
Remember, the cybersecurity risks of tomorrow will not be limited to highprofile bank closures.
Cyber threats will continue to test the mettle of organizations across all industries. You’ll need constant vigilance from management, layered security controls, informed customers, and savvy employees to help protect assets and preserve the organization’s reputation.
How we can help
Protecting your critical assets from cybersecurity threats is not getting easier. CLA has experienced industry specialized teams, supporting various organizations not only to evaluate controls but also assist with handling cyber incident responses and important technical infrastructure to protect the perimeters of the organization.
CliftonLarsonAllen Global is an international organization of independent accounting and advisory firms. Contact CLA Fort Myers at (239) 226-9900 and CLA Naples at (239) 262-8686
How you can significantly reduce risk
Moving to a new home can be an exciting but stressful time in anyone’s life. Whether you’re planning a permanent move or not, a change of scenery opens the door to new possibilities and lifestyle changes. Amidst the chaos of packing boxes and coordinating logistics, there’s one essential task that should be at the top of your priority list: filing a change of address form with the United States Postal Service.
Even if you’re not planning on moving soon, creating an online account with USPS offers a range of benefits when it comes to keeping your mail safe from the hands of criminals. In this email, we’ll explain how taking a few minutes out of your day to set up an account with USPS can significantly reduce the risk of identity theft and fraud, providing peace of mind for both movers and non-movers alike.
Filing a Change of Address Form
If you are moving soon, or if you move seasonally, we recommend filing a change of address form with USPS whenever you do so.
As you may know if you’ve moved before, it’s crucial to inform financial and government institutions about your new address. Although doing this is necessary for you to obtain identifying documents like your driver’s license and an up-to-date billing address, it doesn’t always result in a smooth transition for your mail.
Failing to notify USPS of your new address means you’re relying on these institutions to report the details of the move for you. This can result in mail being held for months at a time until the post office receives all the necessary information about the move, and in worst case scenar-