Equifax Security Breach: What you need to know.

URGENT ALERT: 143 million Customers Exposed in Financial Data Breach

Credit reporting company Equifax has just revealed that its databases were hacked in a large-scale breach affecting millions across the US, UK & Canada. While no hacking event is ever good news, some are easier to ignore than others – this isn’t one of them. The sensitive nature of the exposed data now requires immediate action for all those even possibly affected.

The short version: Equifax is one of the three main organizations in the US that manages & calculates credit scores. To do that effectively, they have access to almost every piece of financial data for adults in the country, plus pretty much anyone who’s lived/worked in the US. We’re talking social security, tax file numbers, drivers’ license, credit card numbers…the big stuff. On July 29, Equifax disclosed the breach, stating that hackers had repeatedly gotten in through a vulnerability in the web application from mid-May to July of this year.

If you’re an Equifax customer: As scary as all that sounds, what’s done is done. Equifax, cyber-security experts & law enforcement officials are on the case, working to minimize the long-term damage.

The best action now is to protect yourself against fallout:

1. Go to: http://www.equifaxsecurity2017.com to see if your data may have been affected. There was some news that this site was delivering random results, but Equifax announced it has been corrected. At this stage, it’s safest to assume everyone with a credit history has been impacted, so unless that link gives a definite ‘no you’re safe’ response, continue with the following recommendations.
2. Claim the Equifax free year of credit monitoring & identity theft insurance (if you’re a US resident). If you’re not eligible, consider sourcing your own. As the hacked data will continue to circulate for some time, also consider extending your credit monitoring for a few more years.
3. Keep a close eye on your finances and accounts. Check for notifications of new credit applications, monitor your statements and bills, and immediately report any suspicious activity or sudden change in billing.
4. Change all your passwords to be strong, unique and long. Any of the stolen data may give hackers a free pass into the rest of your bank accounts, email and personal information.
5. Add two-factor authentication where possible. This is when an account demands a second layer of authentication before allowing access or changes – getting the password correct isn’t enough, the hacker would also need to get the special code sent by SMS.
6. Consider freezing your credit report. This makes it harder for identity thieves to open accounts under your name, as access is completely restricted until you choose to un-freeze.

Need help with your passwords? We'll get you set up with all the latest cyber security solutions. All under one roof: bovaconsulting.com

Why Do People Create Viruses?

You’d be right in thinking it’s hard to program a computer virus that can spread across the world in a flash - we’re talking days of constant desk-jockey nerd-work. So why do they bother? Well, it generally comes down to 3 reasons: Money, showing off their skill, or to simply being a jerk. While showing off or being a jerk is pretty self-explanatory, the money side is fascinating.

Here’s how people are making money with computer viruses:

Bank account theft: Virus creators are more than happy to help themselves to your bank details, sneaking in to grab your login details or credit card info. They can either transfer your funds away or use your credit card details to go on a shopping spree. Sometimes they’ll leave the fun to another person though, and simply sell your details to the highest bidder.

Ransomware: Rather than a financial snatch and grab, sometimes a virus will encrypt your files and demand money for the unlock code. Without a true backup plan in place beforehand, you’re at their mercy. You’ll be given very helpful information on how to pay, plus a firm deadline before your files are destroyed permanently.

Ad swappers: A cheeky technique, this is when they create a virus that either puts annoying ads on websites you visit, or places affiliate codes on pages so that when you buy something legitimately – eg, from Amazon – they get a percentage as a ‘referral fee’. Their kickback doesn’t make your purchase cost more and you may not even know you’re supporting their activities.

Bitcoin mining: You might have heard of digital currencies being used for payment, but did you know you can also earn them with your computer processing power? Unfortunately, ‘renting’ out your computer’s processing power means paying more in running costs than you’d make – unless you were very clever and sneaky, and used a virus to rent out other people’s computers.

Botnets: Certain infected computers can be remotely controlled to do whatever the virus creator wants. In this case, they’ll usually set the infected bot computers to overwhelm a target web server, like an e-commerce store. Sometimes it’s done as revenge, but more often it’s blackmail. The ‘Botmaster’ says “pay me thousands of dollars or I’ll crash your site during the biggest shopping day of the year.”

Account stealing: Subscription accounts like Netflix and Hulu are often hijacked, leaving you to pay the bill for someone else’s entertainment. But sometimes, virus creators go one step further with online gaming accounts. All those digital items that you fought so hard for (special clothing, weapons etc.) can carry real world value and be stolen from your account and sold on a black market. Yes, that’s cheating!

Call or Text us at 443-297-9141 to make sure your computer is secure and protected. You can also visit us online at bovaconsulting.com 

4 Simple Tips to Keep Your Internet Banking Safe

Online banking has boomed in the past few years to become the new norm. Branches are out and 
apps are in. Half the time when you visit a branch, you’re steered towards a computer for a DIY transaction – with optional assistance.  But is internet banking really safe? You’re always told to keep your financial details private, but now also to jump on board the online banking train – talk about a push/pull scenario! The good news is you CAN bank safely online with a few simple precautions.

Always type in the website address

Many attackers will attempt to trick you into clicking a fake link to your bank website. Usually sent as a ‘phishing email’, they’ll claim there’s a problem and ask you to click through to your bank and correct it ASAP. The link points to a fake website that looks almost exactly like your real bank site and is recording your private account info. You can avoid scams like this simply by accessing your bank by manually typing in the website or using a bookmark.

Avoid public computers and networks

Jumping onto a PC at the library or mall might seem like a quick and easy way to check your account, but public computers are often targeted by scammers. In just a few moments, they can install keyloggers to record usernames, passwords and other private data, then sit back as all future user details are emailed to them. The same problem applies with free, unsecured Wi-Fi. You’re better off using an ATM or a data-enabled smartphone.

Use a strong password with 2- factor authentication

Create a unique password for your online banking, something you’ve never used anywhere else. Mix up words, numbers and symbols to create a complex password that can’t be guessed easily. Avoid giving attackers a head start with data they can find on Facebook, like kids names, pet names, birthdates, etc and really think outside the box. And of course, never write it down anywhere near your wallet, phone or computer. If remembering is likely to be an issue, you might like to consider a secure password manager app. Many banks will also help boost your security with two-factor authentication, sending random codes to your phone (or a special LCD device they provide) to verify any activity.

Check page security before entering data

Finally, take a micro-second to spot the small padlock icon before you enter any data. You’re looking for a padlock appearing as part of the browser itself, not just an image on the webpage. It will be either in the bottom corner or next to the URL. The address will also start with httpS:// instead of http://. If you don’t see these things, the page is NOT secure and you shouldn’t log in.

Need some help securing your system against scammers? We can help. Call 855-302-9274 or email info@bovaconsulting.com

Everything You Need to Know About Facebook Privacy

Finding the balance between Facebook privacy and Facebook fun can be challenging. It’s a double-edged sword that allows us to connect with friends no matter where they live, but it also publicly shares information that just a few years ago, we’d never dream of putting online. You can search for people based on where they went to school, town they live in, clubs they belong to, who they’re related to…but when is it too much?

Your birthday is the first piece of info collected when you sign up, and it’s great getting birthday wishes from friends and family when it appears in their newsfeed. But while Facebook is sending you balloons and funny memes, your birthday is now public knowledge. It seems harmless, but when you call your bank or other institution, what’s the first question they ask to verify your identity? Your birthday! Some password recovery systems even ask questions like ‘which high school did you go to?’ assuming this is knowledge that only you would know. Except… you’ve just publicly shared it on Facebook. Whoops!

We’ve all heard stories of people who’ve lost their jobs after less-than-wholesome pictures or statements have gone public. If you have a reputation to keep, you definitely don’t want pictures from last weekend’s private party showing up, especially if you really let your hair down. While you can’t control what others do with photos they take of you, you can control whether or not you’re tagged in them.

Fortunately, there are settings in Facebook that allow you to control who sees what information and what happens when you’re tagged. Despite what you may have heard or seen floating around in a Facebook share hoax, you do have complete control over your Facebook privacy, and it’s easy to adjust.

How to Check and Adjust Your Facebook Privacy Settings

See what your account looks like to an outsider
From your Facebook homepage, click your name on the blue bar at the top of the page. Click the three dots next to ‘View Activity Log’ and then select ‘View as…’

Run a quick privacy checkup
Click the question mark in the top right corner and choose ‘privacy checkup’.
Think about what you really need to share – do people need to know the YEAR of your birth or just your birthday? Your friends will still get the notification, and you’ll still get the balloons.

Edit advanced privacy
While the checkup covers the most obvious info, you can go much deeper. Click the V-shaped dropdown to the right of the question mark. Go to settings and choose privacy.

Adjust timeline and tagging
In the privacy settings, you can explicitly control who can tag you, who can see or share the tagged content, and what shows up on your newsfeed.

Tightening your Facebook privacy only takes a few minutes, but it can save you a whole lot of trouble in the future. If you need help with this, just give us a call at (855) 302-9274.

BovaTech IT Consulting
www.bovaconsulting.com 

-------------------------------- --------------------------------