Security Tips – Social Engineering
What is a social engineering attack?
In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity. However, by asking questions, he or she may be able to piece together enough information to infiltrate an organization’s network. If an attacker is not able to gather enough information from one source, he or she may contact another source within the same organization and rely on the information from the first source to add to his or her credibility.
What is a phishing attack?
Phishing is a form of social engineering. Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. For example, an attacker may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts.
Phishing attacks may also appear to come from other types of organizations, such as charities. Attackers often take advantage of current events and certain times of the year, such as:
- natural disasters (e.g., Hurricane Katrina, Indonesian tsunami)
- epidemics and health scares (e.g., H1N1)
- economic concerns (e.g., IRS scams)
- major political elections
- holidays
How do you avoid being a victim?
- Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
- Do not provide personal information or information about your organization, including its structure or networks, unless you are certain of a person’s authority to have the information.
- Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email.
- Don’t send sensitive information over the internet before checking a website’s security. (See Protecting Your Privacy for more information.)
- Pay attention to the Uniform Resource Locator (URL) of a website. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net).
- If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a website connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group.
- Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic. (See Understanding Firewalls, Understanding Anti-Virus Software, and Reducing Spam for more information.)
- Take advantage of any anti-phishing features offered by your email client and web browser.
What do you do if you think you are a victim?
- If you believe you might have revealed sensitive information about your organization, report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity.
- If you believe your financial accounts may be compromised, contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account.
- Immediately change any passwords you might have revealed. If you used the same password for multiple resources, make sure to change it for each account, and do not use that password in the future.
- Watch for other signs of identity theft. (See Preventing and Responding to Identity Theft for more information.)
- Consider reporting the attack to the police, and file a report with the Federal Trade Commission.
To learn more, please visit https://www.us-cert.gov/ncas/tips
Source: Cybersecurity and Infrastructure Security Agency (CISA)
Danielle Hampton Accepts Commercial Loan Assistant Position
Poulsbo and Greater Puget Sound, WA – Liberty Bank is pleased to announce the promotion of Danielle Hampton to the role of Commercial Loan Assistant. She brings 22 years of lending experience to her position.
In her new role, she will be processing commercial, residential, and consumer loans. “I look forward to assisting our lenders and our new team leader with various tasks such as construction loan tracking, financial covenant tracking, and helping to grow our loan totals,” Danielle says.
Danielle has been with Liberty Bank since September 2008 when the bank was still raising capital to open its doors. She was previously in the loan operations department. She appreciates the small community bank atmosphere is at Liberty Bank. “I’m looking forward to putting faces to names in my new role,” Danielle says. “I’m familiar with our customers’ loan file, but now I will be able to greet them as they come into the bank and continue to assist them.”
Outside of work Danielle enjoys spending time with her family, gardening, and camping. “I am a huge fan of our local sports teams. Go Hawks!”
Kristi Sutton Retires From Liberty Bank
We are wishing Kristi Sutton a fulfilling retirement, may her new journey be filled with joy! Kristi has been with Liberty Bank since 2011 as a Relationship Associate and she brought over 23 years of banking expertise to her role. She supported the banking team and clients with loan processing and administration. Kristi also served in the North Kitsap community through her dedicated volunteer service and held a number of roles with Poulsbo-North Kitsap Rotary including Club Secretary.
Kristi will be missed here at Liberty Bank. We wish her the very best for her retirement.
Lisa Madland Joins Liberty Bank
Poulsbo and Greater Puget Sound, WA – Lisa Madland joined Liberty Bank in February 2019 as VP of Business Services. Lisa will be working on software development and adding to the technology services for Liberty Bank. “I’m excited to be a part of the coming growth for the company,” she says. Lisa has been in the banking profession for a number of decades, and she has spent most of her career at small community banks. Before joining Liberty Bank, Lisa was the VP of Operations at Salal Credit Union.
Liberty Bank’s commitment to building relationships, and as Lisa says, “providing the kind of service that goes above and beyond,” was a real draw for her. “It makes me happy to come in to work every day. I have always loved being a part of a community bank that offers more to their clients than just products.”
Outside of work, Lisa likes to read, travel, and scrapbook. “Love going on cruises,” Lisa says. “We [my husband and I] are big cruisers.”
Cyber Security
If you are a victim of fraud, please contact us at 360-779-4567.
Social Engineering Attack
Source: Dept. of Homeland Security
In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity. However, by asking questions, he or she may be able to piece together enough information to infiltrate an organization’s network. If an attacker is not able to gather enough information from one source, he or she may contact another source within the same organization and rely on the information from the first source to add to his or her credibility. Read More
Cyber Security Awareness Basics
Source: fdic.gov
Consumers increasingly rely on computers and the Internet — the “cyber” world — for everything from shopping and communicating to banking and bill-paying. But while the benefits of faster and more convenient cyber services for bank customers are clear, the risks posed by these services as well as the strategies for preventing or recovering from cyber-related crimes may not be as well-known by the average consumer and small business owner.
Common cyber-related crimes include identity theft, frauds, and scams. Identity theft involves a crime in which someone wrongfully obtains and uses another person’s personal data to open fraudulent credit card accounts, charge existing credit card accounts, withdraw funds from deposit accounts, or obtain new loans. A victim’s losses may include not only out-of-pocket financial losses but also substantial costs to restore credit history and to correct erroneous information in their credit reports.
How to Avoid Identity Theft
The best protection against identity theft is to carefully protect your personal information, for example:
- Do not share personal information over the phone, through the mail, or over the internet unless you initiated the contact or know the person you are dealing with;
- Be suspicious if someone contacts you unexpectedly online and asks for your personal information. It doesn’t matter how legitimate the e-mail or website may look. Only open e-mails that look like they are from people or organizations you know, and even then, be cautious if they look questionable. Be especially wary of fraudulent e-mails or websites that have typos or other obvious mistakes;
- Don’t give out valuable personal information in response to unsolicited requests. Social Security numbers, financial account information and your driver’s license number are some of the details that should be kept confidential;
- Shred old receipts, account statements, and unused credit card offers;
- Choose PINs and passwords that would be difficult to guess and avoid using easily identifiable information such as your mother’s maiden name, birth dates, the last four digits of your social security number, or phone numbers;
- Pay attention to billing cycles and account statements and contact your bank if you don’t receive a monthly bill or statement since identity thieves often divert account documentation;
- Review account statements thoroughly to ensure all transactions are authorized;
- Guard your mail from theft, promptly remove incoming mail, and do not leave bill payment envelopes in your mailbox with the flag up for pick up by mail carrier;
- Obtain your free credit report annually and review your credit history to ensure it is accurate;
- Use an updated security program to protect your computer; and
- Be careful about where and how you conduct financial transactions, for example don’t use an unsecured Wi-Fi network because someone might be able to access the information you are transmitting or viewing.
How to Avoid Frauds & Scams
There are numerous scams presented daily to consumers so you must always exercise caution when it comes to your personal and financial information. The following tips may help prevent you from becoming a fraud victim.
- Be aware of incoming e-mail or text messages that ask you to click on a link because the link may install malware that allows thieves to spy on your computer and gain access to your information;
- Be suspicious of any e-mail or phone requests to update or verify your personal information because a legitimate organization would not solicit updates in an unsecured manner for information it already has;
- Confirm a message is legitimate by contacting the sender (it is best to look up the sender’s contact information yourself instead of using contact information in the message);
- Assume any offer that seems too good to be true, is probably a fraud;
- Be on guard against fraudulent checks, cashier’s checks, money orders, or electronic fund transfers sent to you with requests for you to wire back part of the money;
- Be wary of unsolicited offers that require you to act fast;
- Check your security settings on social network sites. Make sure they block out people who you don’t want seeing your page;
- Research any “apps” before downloading and don’t assume an “app” is legitimate just because it resembles the name of your bank or other company you are familiar with;
- Be leery of any offers that pressure you to send funds quickly by wire transfer or involve another party who insists on secrecy; and
- Beware of Disaster-Related Financial Scams. Con artists take advantage of people after catastrophic events by claiming to be from legitimate charitable organizations when, in fact, they are attempting to steal money or valuable personal information.
Poulsbo-North Kitsap Rotary Club Gala
Liberty Bank’s Kristi Sutton, Relationship Associate, and Tony Fyrqvist, VP & Relationship Manager, were both in attendance at Poulsbo-North Kitsap Rotary Club’s Halloween-themed gala and auction on Saturday, October 27th.. The event raised $97,924. Funds raised will go to support a variety of other community organizations including: North Kitsap schools, Poulsbo Historical Society, City of Poulsbo Parks and Recreation programs, Maritime Museum, and Fish Park.
Coffee Oasis Fundraising Gala
Liberty Bank was a proud sponsor of the Hope Gala,Coffee Oasis’ recent fundraiser to end youth homelessness. The evening was held on Saturday, October 20th at the Kitsap Golf and Country Club. Liberty Bank President and CEO, Rick Darrow, his wife Janna, and Liberty Bank Loan Officer Tony Fyrqvist and his wife Lisa were in attendance.
The Hope Gala consisted of a silent auction along with a paddle raise for general support. The evening also included a case study presentation and discussion led by the Coffee Oasis founder Dave Frederick.
Coffee Oasis is a local non-profit organization that offers youth programs including youth centers, street and school outreach, job training, and crisis intervention. To learn more about Coffee Oasis and their mission, please visit their website here.
Jennifer Carrier Promoted to VP & Deposit Operations Manager
Poulsbo and Greater Puget Sound, WA – Liberty Bank is pleased to announce the promotion of Jennifer Carrier to the role of VP & Deposit Operations Manager. She brings 18 years of banking experience to her new position.
“This past year I played an instrumental role in the acquisition of the Poulsbo branch deposits and safe deposit boxes of a bank leaving our market,” Jennifer says. “What’s exciting is that with our recent expansion we are growing our Central Operations department which I am now responsible for.”
Jennifer has been with Liberty Bank since 2010, when she joined as Branch Manager and then later as Deposit Operations Specialist. During her time at Liberty Bank, she’s seen the bank’s strong commitment to providing unsurpassed client care in action. As she says, “our clients become family and friends; their successes become our successes.”
“I could not be prouder of Jennifer and her achievements that led up to her promotion,” says Rhonda Morris, Senior VP Of Operations & Risk Management Officer.
When she’s not at work, Jennifer loves camping with her husband and two children.
Liberty Bank Hosts a Back to School Drive
With students returning to classrooms around the North Kitsap area, the staff at Liberty Bank put together a supply drive for children in need. Their donations brought in everything from pens and pencils to notebooks, scissors, and crayons.
This collection goes directly to North Kitsap Fishline’s School Supply program. This program ensures low income children, from Kindergarten to 12th grade, are getting the school supplies they need before school starts in the autumn.
For more information on North Kitsap Helpline, and how you can get involved, please visit http://www.nkfishline.org/
LIBERTY BANK PROMOTES GARCIA TO VICE PRESIDENT & CLIENT SERVICES MANAGER
Poulsbo, WA. Liberty Bank is thrilled to announce the promotion of Kelly Garcia to the role of VP Client Services Manager. She brings 19 years of banking experience to her new role.
“I’m very excited for this opportunity to grow with Liberty Bank,” says Kelly. “I have enjoyed working with our community to help our clients.” Outside of work, Kelly is busy with her 3-year-old and 1-year-old who both take up a lot of her time.
“We are delighted to promote Kelly into this leadership role,” say Rhonda Morris, Senior VP of Operations & Risk Management Officer. “With her vast background, knowledge and experience, she will continue to add value to each client relationship.”