Safety & Fraud Prevention
Don’t let your cloud storage security float away.
Wired® Magazine offers 9 tips for keeping your cloud storage safe & secure:
- Use Strong Passwords and Two-Factor Authentication
Activate two-factor authentication (2FA) and choose long and unique passwords that are difficult to guess, use a password manager and be wary of any attempts to get you to part with them (in an unexpected email, for example).
- Audit Your File and Folder Shares
Be careful who you share files and folders with, and add passwords and expiry dates to your shares, if these features are available, and run a regular audit of all the shares that are currently active on your account.
- Clear Out Your ‘Deleted’ Files
While many cloud storage services run a recycle bin of sorts, keeping deleted files around for a few days or weeks just in case you want them back, you might want to make sure certain sensitive files are completely obliterated and no longer able to be recovered.
- Check Your Connected Apps and Accounts
Even if hackers can’t get into your accounts through the front door, they might try and gain access through a side window—in other words, through another account that’s connected to your cloud storage. Make sure you’re regularly checking which third-party applications have access to your cloud storage and remove any that you’re not actively using (you can always add them again if you need to).
- Turn on Account Alerts
Most cloud storage services will be able to send you alerts about significant account events, such as new sign-ins, and it’s important to make sure these are switched on. You might also be able to subscribe to alerts about activity inside your accounts, such as new shares that have been created, or files and folders that have been removed.
- Deactivate Old Devices That Still Have Access
Most cloud storage services let you sync files from multiple devices, so if you upgrade your phone or switch jobs and use a new laptop, it’s important that you properly disconnect and deactivate the old ones
- Enable Account Recovery Options
Your cloud storage account is only as secure as the weakest link attached to it, which means you need to keep the account recovery options as well protected as your login credentials.
- Sign Out When You’re Not Using Your Accounts
It’s important that you sign out to stop anyone else gaining access to your files—especially if you’re on a computer that’s shared with other people (such as the rest of your household).
- Protect Your Devices, Too
Physical security is important too. Keep the phones, laptops, and other devices where you use your cloud storage accounts guarded against unauthorized access.
For more information visit: 9 Tips to Keep Your Cloud Storage Safe and Secure | WIRED®
‘Tis The Season to Watch Out for Swindlers!
Don’t let swindlers snatch away your holiday joy. AARP® shares 4 common holiday season scams to watch for:
- Charity scams: Network for Good, a leading charitable fundraising organization, reports that 1/3 of all charitable giving is done in December. Scammers set up sham charities to exploit the ‘season of giving’ via fake websites and pushy telemarketers so be sure to use caution when you receive donation requests.
- Delivery scams: As holiday packages crisscross the country, scammers send out phishing emails disguised as UPS, FedEx or U.S. Postal Service notifications of incoming or missed deliveries. Links lead to phony sign-in pages asking for personal information, or to sites infested with malware.
- Travel scams: According to a recent survey, 27% of Americans plan to travel during the holidays in 2021. Spoof booking sites and incredible email offers proliferate. When travel deals look too good to be true, they probably are.
- Letter from Santa scams: A custom letter from jolly old St. Nick makes a holiday treat for the little ones on your list, and many legitimate businesses offer them. But so do many scammers looking to scavenge personal information about you or, worse, your kids or grandkids, who may not learn until many years later that their identity was stolen and their credit compromised.
For more information visit: How to Protect Yourself From Holiday Scams (aarp.org)
Score a Secure Credit Report
Here are some Better Business Bureau recommendations published in USA Today that can help you avoid getting caught up in ‘Free Credit Score’ phishing scams:
- Always check the domain name.
Government agencies usually communicate through the mail, not text or email. (One common scam involves a fake email claiming to be from the Internal Revenue Service and requesting information.)
- Use the official free credit report website, AnnualCreditReport.com.
The only free credit report service BBB recommends is https://www.annualcreditreport.com/. The government requires that consumers have access to their credit report once every 12 months from each of the three credit bureaus: Equifax, Experian and TransUnion.
- Avoid links and attachments.
If you receive any unsolicited attachments or links, the BBB recommends avoiding them. If you want to log into your bank, for example, type in the url directly on your browser instead of clicking on any embedded hyperlink, which could take you to an impostor site.
- Don’t provide your credit card.
If a credit score site does require your credit card information before sharing your credit score, it could be a sign that it plans to charge you or enroll you in a monthly service.
- Skip sites that are not secure.
The BBB also recommends never entering your personal information, including your Social Security number, address or banking information, on websites that are unfamiliar or non-secure. The url should include “https” in it. If you are ever suspicious , turn to a more traditional mode of communication – the telephone – to check on it. But don’t call the numbers included in emails, which could be fake.
- Password-protect your phone.
Your phone probably contains a lot of personal data, which is why you should password-protect it, just in case you lose it. You wouldn’t want a stranger having access to all your emails and accounts.
You can report suspected scams at: Report Scams and Frauds | USAGov and BBB Scam Tracker℠ | Find and Report a Scam | Better Business Bureau
Download these mobile device security tips.
The Cybersecurity & Infrastructure Security Agency (CISA) has some helpful guidance on how to improve mobile device and app security and reduce exposure to fraud: Privacy and Mobile Device Apps | CISA
What are the risks associated with mobile device apps?
Applications (apps) on your smartphone or other mobile devices can be convenient tools to access the news, get directions, pick up a ride share, or play games. But these tools can also put your privacy at risk. When you download an app, it may ask for permission to access personal information—such as email contacts, calendar inputs, call logs, and location data—from your device. Apps may gather this information for legitimate purposes—for example, a ride-share app will need your location data in order to pick you up. However, you should be aware that app developers will have access to this information and may share it with third parties, such as companies who develop targeted ads based on your location and interests.
How can you avoid malicious apps and limit the information apps collect about you?
Before installing an app
- Avoid potentially harmful apps (PHAs). Reduce the risk of downloading PHAs by limiting your download sources to official app stores, such as your device’s manufacturer or operating system app store. Do not download from unknown sources or install untrusted enterprise certificates. Additionally—because malicious apps have been known to slip through the security of even reputable app stores—always read the reviews and research the developer before downloading and installing an app.
On already installed apps
- Review app permissions. Review the permissions each app has. Ensure your installed apps only have access to the information they need, and remove unnecessary permissions from each app. Consider removing apps with excessive permissions. Pay special attention to apps that have access to your contact list, camera, storage, location, and microphone.
- Limit location permissions. Some apps have access to the mobile device’s location services and thus have access to the user’s approximate physical location. For apps that require access to location data to function, consider limiting this access to when the app is in use only.
- Keep app software up to date. Apps with out-of-date software may be at risk of exploitation of known vulnerabilities. Protect your mobile device from malware by installing app updates as they are released.
- Delete apps you do not need. To avoid unnecessary data collection, uninstall apps you no longer use.
- Be cautious with signing into apps with social network accounts. Some apps are integrated with social network sites—in these cases, the app can collect information from your social network account and vice versa. Ensure you are comfortable with this type of information sharing before you sign into an app via your social network account. Alternatively, use your email address and a unique password to sign in.
What additional steps can you take to secure data on your mobile devices?
- Limit activities on public Wi-Fi networks. Public Wi-Fi networks at places such as airports and coffee shops present an opportunity for attackers to intercept sensitive information. When using a public or unsecured wireless connection, avoid using apps and websites that require personal information, e.g., a username and password. Additionally, turn off the Bluetooth setting on your devices when not in use. (See Cybersecurity for Electronic Devices.)
- Be cautious when charging. Avoid connecting your smartphone to any computer or charging station that you do not control, such as a charging station at an airport terminal or a shared computer at a library. Connecting a mobile device to a computer using a USB cable can allow software running on that computer to interact with the phone in ways you may not anticipate. For example, a malicious computer could gain access to your sensitive data or install new software. (See Holiday Traveling with Personal Internet-Enabled Devices.)
- Protect your device from theft. Having physical access to a device makes it easier for an attacker to extract or corrupt information. Do not leave your device unattended in public or in easily accessible areas.
- Protect your data if your device is stolen. Ensure your device requires a password or biometric identifier to access it, so if is stolen, thieves will have limited access to its data. (See Choosing and Protecting Passwords.) If your device is stolen, immediately contact your service provider to protect your data. (See the Federal Communications Commission’s Consumer Guide: Protect Your Smart Device.)
Watch out for ‘card sharks’!
Credit card fraud is a widespread problem. It’s hard to stop it altogether but the Federal Trade Commission has some tips to make it tougher for someone to get hold of your cards and card numbers.
Visit the links below to read more about credit card fraud:
Study Up on School Safety
From the National Safety Council
Back-to-school season is a hectic time for families. The National Safety Council shares a checklist with transportation and school environment tips that will help keep students safe and healthy throughout the school year.
Whether children walk, ride their bicycle or take the bus to school, it is extremely important that they take proper safety precautions. Here are some tips to make sure your child safely travels to school:
Walking to school
- Review your family’s walking safety rules and practice walking to school with your child
- Walk on the sidewalk, if one is available; when on a street with no sidewalk, walk facing the traffic
- Before you cross the street, stop and look left, right and left again to see if cars are coming
- Make eye contact with drivers before crossing and always cross streets at crosswalks or intersections
- Stay alert and avoid distracted walking
Riding a bicycle to school
- Teach your child the rules of the road and practice riding the bike route to school with your child
- Ride on the right side of the road, with traffic, and in single file
- Come to a complete stop before crossing the street; walk bikes across the street
- Stay alert and avoid distracted riding
- Make sure your child always wears a properly fitted helmet and bright clothing
Riding the bus to school
- Teach your children school bus safety rules and practice with them
- Go to the bus stop with your child to teach them the proper way to get on and off the bus
- Teach your children to stand six feet (or 3 giant steps) away from the curb
- If your child must cross the street in front of the bus, teach him or her to walk on the side of the road until they are 10 feet ahead of the bus; your child and the bus driver should always be able to see each other
Driving your child to school
- Stay alert and avoid distracted driving
- Obey school zone speed limits and follow your school’s drop-off procedure
- Make eye contact with children who are crossing the street
Many school-related injuries are completely preventable. Follow these steps to ensure your child’s safety at school:
Preventing backpack-related injuries
- Choose a backpack for your child carefully; it should have ergonomically designed features to enhance safety and comfort
- Ask your child to use both straps when wearing their backpack to evenly distribute the weight on their shoulders
- Don’t overstuff a backpack; it should weigh no more than 5 to 10 percent of your child’s body weight
- Rolling backpacks should be used cautiously since they can create a trip hazard in crowded school hallways
Preventing playground-related injuries
- To reduce strangulation hazards on playgrounds, have your child leave necklaces and jackets with drawstrings at home
Checklist provided by The National Safety Council:
How to Protect Yourself & Others from Elder Fraud
From the Kansas Department of Children and Families
- Don’t sign blank checks allowing another person to fill in the amount.
- Don’t leave money or valuables in plain view.
- Be aware of scams (either by phone or through the mail).
- If it sounds too good to be true, it probably is.
- Don’t give strangers access to your bank accounts.
- Check your financial statements frequently and carefully for unauthorized withdrawals. Notify the bank immediately if there are any discrepancies on your financial statements.
- Don’t sign any document you have not completely read or fully understand.
- Don’t be pressured by family members, friends, caregivers, or anyone else to do anything you don’t want to do.
- Don’t sign over property deeds, titles, etc., without legal review.
For more tips and resources from KS-DCF, visit: APS Financial Exploitation Trifold (ks.gov)
In addition, The Consumer Financial Protection Bureau provides a free Money Smart Resource Guide for Older Adults:
SPREAD THE NEWS, STOP THE SCAMS
May is Older Americans Month and a great time to help the people you care about learn how to avoid fraud. Share free materials from the FTC that alert people to scammers’ schemes. Learn more at: Share FTC materials here, there, and everywhere | FTC Consumer Information
5 Ways to Add Muscle to Email Security
These tips from Cybersecurity and Infrastructure Security Agency (CISA) can help you build stronger email security and reduce email spam and scams.
- Be wary of unsolicited attachments, even from people you know. Just because an email message looks like it came from someone you know does not mean that it did. Many viruses can “spoof” the return address, making it look like the message came from someone else. If you can, check with the person who supposedly sent the message to make sure it’s legitimate before opening any attachments. This includes email messages that appear to be from your Internet service provider (ISP) or software vendor and claim to include patches or anti-virus software. ISPs and software vendors do not send patches or software in email.
- Keep software up to date. Install software patches so that attackers can’t take advantage of known problems or vulnerabilities . Many operating systems offer automatic updates. If this option is available, you should enable it. (See Understanding Patches and Software Updates for more information)
- Trust your instincts. If an email or email attachment seems suspicious, don’t open it, even if your anti-virus software indicates that the message is clean. Attackers are constantly releasing new viruses, and the anti-virus software might not have the signature. At the very least, contact the person who supposedly sent the message to make sure it’s legitimate before you open the attachment. However, especially in the case of forwards, even messages sent by a legitimate sender might contain a virus. If something about the email or the attachment makes you uncomfortable, there may be a good reason. Don’t let your curiosity put your computer at risk.
- Save and scan any attachments before opening them. If you have to open an attachment before you can verify the source, take the following steps:
- Be sure the signatures in your anti-virus software are up to date.
- Save the file to your computer or a disk.
- Manually scan the file using your anti-virus software.
- If the file is clean and doesn’t seem suspicious, go ahead and open it.
- Turn off the option to automatically download attachments. To simplify the process of reading email, many email programs offer the feature to automatically download attachments. Check your settings to see if your software offers the option, and make sure to disable it.
Additional tips and other resources are available at: Using Caution with Email Attachments | CISA
Don’t Let a Scam Artist Do a (PIN) Number on You.
Here are tips to prevent Personal Identification Number Scams
Taking a few simple steps can help keep scam artists from using your ATM, phone or other login PINs (Personal Identification Numbers) and accessing your money or other personal information. Remember to NEVER write a PIN down where others may see it (on the card, on a paper kept in your wallet, or on a paper in general) and try to make the numbers easy for you to remember and difficult for others to guess. Avoid variations on your (or a family member’s) birthdate, sequential numbers, any part of your social security number, address, or phone number.
Other tips include:
- Stand between the ATM keypad and the person around you so that they don’t see you in-putting your PIN.
- Guard your PIN as you enter it in the machine.
- If the ATM does not appear to be working correctly, contact bank staff. Don’t let a stranger assist you.
- Do not give your ATM PIN to someone else to run a quick errand for you. You give out your ATM PIN, you’ve just given access to your bank account.
- Do not leave your ATM card unattended.
- Use an ATM with adequate lighting.
- Never give out your PIN over the phone.
- Use the Word Method for PIN selection. Convert the digits of a word to the keys on the telephone. For example, if your word is DOGS, the equivalent from the keypad on your phone would be 3647.
- As soon as you’ve completed a Drive-Thru ATM transaction, get your receipt, roll up your windows and pull away from the machine. Do not sit in the area counting money or using your cell phone.
Report Identity Theft to the Federal Trade Commission (FTC) online at IdentityTheft.gov or by phone at 1-877-438-4338
Need to reach us? Please contact us at the number below and our team will gladly assist you. If you would like to open an account or speak to a personal banker visit us at any of our locations located in the Greater Kansas City Metro Area.