How to Protect Yourself Online.
Did you know? Nearly all malicious attacks require user authorization to be successful? We often click without much thought and criminals prey on this common human tendency. Many people fall victim to sensational links but more dangerously to malicious links disguised to appear as if from a trusted source.
So how do you protect yourself?
Basically, attacks fall into two broad categories:
1. Malware (includes Viruses)
2. Phishing & Spam
Malware, short for malicious software, includes a broad range of evil, viruses amongst them. They commonly arrive via email attachments or downloads from the web and must be executed by the user for a successful attack.
Protect yourself by reading emails carefully before opening attachments. Verify that the email is from a trusted source and becautious of generic subject lines like, ‘CHECK THIS OUT!!!’, ‘YOU WON’T BELIEVE THIS’ and such. Ask yourself whether, in your experience, the sender would use such language and remember, WHEN IN DOUBT DON’T CLICK. Be especially weary of executable files and office documents and always check to see that the sender’s email address is correct.
Phishing is a malicious attempt, by a third-party, to obtain sensitive information from you by masquerading as a legitimate organization. This is more difficult to detect.
A typical scenario might look like this; you receive an email that’s apparently from Facebook Support asking you to verify your username and password. It asks you to click a link and follow the instructions and looks legitimate.
But, always look closer! First ask yourself, how likely is it for Facebook, or whatever the entity may be, to ask you for sensitive information by email? Next, check the emailaddress and the URLs. If it is a button, hovering over it will show you the URL. This applies to pop-ups too.
Do the URL and email address make sense? Take the Facebook example above:
A legitimate request might have a link like this: www.facebook.com/verify
But never: www.facebookverify.com (This is a different website altogether)
Or there could be subdomain used, like this: www.verify.facebook.com
But never: www.facebook.verify.com (This link points you to ‘verify.com’ not facebook.com)
Always make sure the domain the URL is pointing you to is actually the domain used by the legitimate service. This is important when verifying email addresses too. Here’s an example:
Legitimate Email Address: “email@example.com”
Malicious Email Address: “firstname.lastname@example.org” (Note the extra ‘o’)
Spam is unsolicited email and is usually more irritating than harmful but it can lead to malware infections and you spending money on fake products or other scams. While we aren’t in any waysuggesting that Antivirus software isn’t essential, being aware of what you’re doing,paying attention and thinking before you click (situational awareness) is the best first line of defence. At the very minimum you should ensure that Windows Defender, which is built in for windows 8.1 & 10 machines, is updated and active. There are also many 3rd party providers of antivirus software which are excellent options.
What Nations Trust Is Doing To Help
Digital Information Security is very important to us and we’ve gone above and beyondto protect customers by implementing comprehensive digital security features across the organization, especially our digital banking channels.
Nations Mobile Banking and FriMi – Sri Lanka’s first digital bank both come with integrated security features such as biometric authentication (fingerprint, voice & facial recognition) capabilities right out of the box. Nations Online Banking is also secured with state of the art digital security features.
We’re also an ISO 27001 certified organization and maintain world class standards in terms of information security and go through security audits every 6 months. We deploy massive amounts of capital each year to upgrade our firewalls and work with companies of global repute that use ethical hacking to stress test and ensure the strength and integrity of our systems.
Finally, do remember that Nations Trust Bank will never contact you with requests to share any personal information via unsecure channels such as email or telephone. Always be wary of such requests as you will only be required to disclose personal identifying information if you initiate communication with us.