At a recent Cyber Security/Fraud event in Los Angeles, I learned new and valuable information from an FBI Supervisory Special Agent that I want to share with as many people as possible. To that end, I’m passing along what I learned with a few supplemental tips of my own.
The FBI agent provided interesting cyber crime statistics from IC3, the Internet Crime Complaint Center. The high Los Angeles numbers were surprising:
- More than $1 Billion in cyber-related loss from business email compromise in 60+ countries in 2013-2015 to date.
- About $132 million in cyber fraud between June 2014 and March 2015 in Los Angeles area of operations.
- $14.6 million loss per month in cyber fraud reported in Los Angeles. (In addition to unreported losses.)
The news report below (brought to my attention by one of my clients) illustrates how easily cyber fraud can impact an intelligent person who uses online banking. In the interview, a lawyer discusses how he discovered $289,000 was stolen from his bank account in February of 2015 after he clicked on an attachment that installed a virus onto his computer:
MOST IMPORTANT FBI TIP #1:
The FBI can stop a fraudulent wire transfer within 24 hours of a transfer being made therefore it is important to report it immediately after discovering it.
RELATED HAYLEY TIPS:
The San Diego lawyer in the video above did not get his money back because the bank was not guilty of negligence and the lawyer was unable to alert the FBI within the first 24 hours of the transfer being made because he did not know about it soon enough. To make sure this doesn’t happen to you:
- Set up alerts for online banking that include immediate notification of all wire transfer attempts.
- Check online banking accounts frequently. (As often as twice daily if you’ve had prior identity theft.)
- To urgently report a fraudulent wire transfer to the FBI, temporarily contact Supervisory Special Agent Sohn at FBI SSA Sohn for the quickest response. (The FBI is in the process of creating a specific email address for this and I will update this article with that information once I have it.)
FBI TIP #2:
Establish a working relationship with law enforcement BEFORE a breach.
RELATED HAYLEY TIPS:
Since time is of the essence, it’s helpful to connect in advance of a breach with someone who can expedite prompt assistance. I’m interested to know your ideas of ways to connect with law enforcement from others but below are some of the things that come to my mind:
- Attend Community Outreach Events put on by law enforcement
- Attend events with law enforcement participants that allow for networking
- Participate in the FBI’s Citizen Academy Program
- Attend Charity Events for law enforcement. (Black and White Ball)
FBI SSA Sohn reported that last year’s top exploits involved the iPhone and Mac 0S/2.
FBI TIP #3
- Use two-factor authentication as that prevents most hacks which are often done in conjunction with email access.
FBI TIP #4
- Use good passwords and hard to guess answers to security questions.
- Christopher Chaney, aka “Hollywood Hacker” was not a technical genius. He guessed answers to secret questions that were publicly known in order to access emails and naked photos which he then made public. For example, pets and spouses names were often used and those are easy to guess or to know from social media and the Internet.
FBI TIP #5
- Use the Gmail feature that allows you to check the last 10 places you logged in from to make sure all of the logins are yours.
RELATED HAYLEY TIPS:
- Find your Gmail last account activity when you’re signed into your account by looking at the bottom of any email or by scrolling to the bottom of the page. Click on “details.”
- Passwords are often the first line of defense – here is a list of additional password suggestions.
- I use antivirus software on my Android phone and on my Macbook Pro. The virus protection has caught and protected me from at least 3 different virus infections so far. Don’t use any device without antivirus protection!
FBI TIP #6
- Check seals on ATM and Gas pumps before using to avoid skimmers that compromise your cards.
- Since getting the tip above, I’ve been paying close attention at the ATM and the gas pump and it’s been a frustrating experience because of the inconsistencies between each gas station and each bank. I always see evidence of a seal at the gas stations I go to, but I haven’t found obvious uses of seals at the ATM. Next time I go to my bank I’ll talk to them about this and in the meantime, I won’t pump gas from a pump without an intact seal! Please also note that since skimmers come in different shapes, forms and sizes and since they can be placed inside the panel or on the outside too, intact seals are not a 100% guarantee of security. See seal-related images below:
- Always cover your hand as you enter your PIN in case a camera has been strategically placed to see your PIN number. You can use your other hand or another object or piece of paper.
I began to use the tips I learned from FBI SSA Sohn immediately. When I get gas, I look for security seals at the gas pump and do not purchase gas at that location if I have any doubts. I added two-factor authentication on my email accounts the same day Agent Sohn explained the value of it and I feel better knowing that a wire transfer can be stopped in it’s tracks if the FBI intervenes promptly. I hope this information will prove as useful to you as it is to me.
Until next time,… Stay Cyber Safe.