Cyber Security & Scam Alerts

July 11, 2017

Mortgage Protection Postcard

Beware! There is a postcard circulating that uses National Bank of Middlebury’s name in a mortgage protection services campaign. This is not a solicitation from National Bank of Middlebury nor was the use of our name approved by us. It is wise to think twice about any type of solicitation you did not request. You should not give out your phone number or any personal information to a company you know nothing about and from whom you did not request information.

Cyber Defense = Situational Awareness

“Can I call you back?” This simple phrase ends most telephone pretexting attacks.

  • If caller provides number, google the number to ensure it is a legitimate organization.
  • This should be standard procedure for all IT Helpdesk communication.
  • There is no such thing as “innocuous” information.

Am I expecting this? Forward Slash and Two Dots Back.This is the formula to determine the actual URL you are visiting. Fraudsters use many types of URL constructions to deceive:

  • http://www.jetblue.seetssavers.com/row/usa/….
  • http://www.yourbank.com.mx/communicate/tweet/current…
  • http://login.auction.info/www.ebay.com/buyer/seller/….
  • http://www.amazone.com/043094/abc….

Did I initiate ? If the answer is yes, go ahead and click, go ahead and answer the question. if the answer is no, don’t click and don’t answer.

Examples:

  • IRS calls you and asks for your social security #. Did you initiate? NO!
  • You call IRS and they ask for your social security #. Did you initiate? YES!
  • You sign-up for mobile banking on your bank’s website; the bank immediately sends an email to verify your email address. Did you initiate? YES!
  • You receive an email from your bank that there is a problem with your account. Did you initiate?  NO!

Excerpted from “Identifying Fraud/Staying Safe”
Sage Data Security presented by John H. Rogers, CISSP

 

Equifax Breach

National Bank of Middlebury is monitoring all available information on the Equifax Breach. Like all of you, we are greatly concerned over the possible ramifications of this event. There is much conflicting information and advice being released to the public. In the meantime and important to your ongoing security, we urge you to review your security protocols for all your devices.

  • Use strong and unique passwords. Do not use the same password for all your online activity.
  • Enable two-factor authentication. Make it difficult for criminals to access your data.
  • Have good antimalware on all your devices
  • Update all your software
  • Back up your information
  • Check your credit reports
  • Monitor your bank statements

Sign Up for Vermont Scam Alerts

 

Vermont Scam Alert

Scams and fraud cost Vermonters hundreds of thousands of dollars every year. Scammers use every tool available to steal money and information from consumers. Since most scams originate overseas and use sophisticated technology, we can’t stop them with traditional law enforcement means alone. To stop the scams, we need to work together to protect Vermonters from losses to scams and fraud.

You can help us protect Vermonters from scams and fraud!

Get instant alerts by text, voice or e-mail message. Tell us how you want to receive alerts from the Attorney General about the latest frauds and scams affecting Vermont.

VTALERT Online

VT Scam Alerts are a service of the Vermont Attorney General and the Vermont Department of Public Safety’s VT-ALERT system.

Sign up or learn more at http://consumer.vermont.gov