Blog   Identity Theft

Cyber security: 10 ways cyber criminals try to steal information

  |  Posted by

Did you know that 378 million adults were victims of cyber crime* and more than 13 million consumers suffered from identity theft** in 2013? October is National Cyber Security Awareness Month, and just as in previous years, we’ve joined other organizations, including the Department of Homeland Security to support the Stop.Think.Connect. campaign to help the American public better understand cyber threats and ways to be more safe and secure online.

This month, we’ll be bringing you a series of tips to help you stay safe when banking online, starting with today’s:

  1. Phishing – Phishing is a form of social engineering that uses a sense of urgency, personalization (often gleaned from information found on social media) or masquerades as a legitimate business to convince victims to provide information like bank account numbers, online banking user IDs and passwords or credit card information.
  2. Malware – Malicious software has evolved into stealthy, complex arsenals that are widely used and easily accessible to experienced cyber criminals and novice identity thieves alike. Malware can attach to browsers, steal keystrokes to send back to the attacker or intercept security codes on mobile devices – all of which can be used to steal your information.
  3. Email hijacking – You’ve all seen this one, even if you didn’t have a name for it. Remember when you received odd emails from your friends (which you hopefully deleted), later to get a frantic message from them saying “I was hacked!” Cyber criminals are able to hijack email accounts by guessing passwords, using phishing techniques or installing malware on the victims’ computers. Once they have access to your email account, the cyber criminal may be able to gain access to online banking or social media accounts. They may even begin emailing your contacts requesting money or account information, making you an unwilling accomplice to cyber crime.
  4. Mobile devices – Did you know that your mobile device is no different than your desktop or laptop computer when it comes to malware? Your mobile device can be infected just as your desktop or laptop would. In addition, mobiles devices can be easily lost or stolen. Once a device is obtained, the content of your device, browsing history, account IDs and passwords, may be accessed by the thief. In some cases, malware can even be planted on the stolen device and returned to obtain additional data. We’ll be bringing you more tips specific to your phone later this month.
  5. Eavesdropping – “Sniffing” is a common word used for searching out potential eavesdropping victims. One of the easiest places to sniff is an open Wi-Fi (Wi-Fi networks that don’t require a password) such as hotels, coffee shops and sporting arenas. Once a target is identified, cyber criminals can easily intercept personal or financial information being transmitted over the open Wi-Fi network. Cyber criminals will also set up their own unsecured Wi-Fi connection to lure unsuspecting victims.
  6. Online gaming –Playing games online can often involve a social network and customizable content requiring downloads or computer updates. These can be used to phish for personal or financial information or infect systems with malware. In many cases, online gaming accounts are tied to payment information as well.
  7. Drive-by downloads – It’s easier than you realize to become infected by malware. A drive-by is malware that is automatically downloaded to your computer or device. These downloads occur without your knowledge and don’t require you to click a file, button or link to begin. These infections can be delivered simply by viewing a website, checking an email or clicking a pop-up window.
  8. Merchant breaches – As we’ve seen in the news lately, these breaches occur when a merchant’s security system is compromised. Capable hackers are able to crack the security of the merchant and access large volumes of card or account data. This information can then be sold to create new cards for fraudulent use or commit other financial crimes.
  9. Pretext Calls – One of the oldest tricks in the book is the telephone scam. These veteran social engineers call posing as computer technicians offering to help update your computer, remove a virus or sell you software. Once they’ve established a rapport with the victim, they can ask for credit card or bank account information or direct them to a website to download malware.
  10. Dumpster diving – Believe it or not, this is still a common method of identity theft that happens when thieves go through garbage in search of financial statements, receipts and letters with personal information. Surprisingly, some people still toss personal data in the trash can rather than using a shredder or shred bin.

Next week, we’ll bring you 10 tips for protecting your mobile device.


Continue Reading

Sources: Buzz Hilestad, Principal Consultant Partner, Secure Healthcare Solutions

*American Bankers Association
**Javelin Strategy


When you click links marked with the “‡” symbol, you will leave UMB’s website and go to websites that are not controlled by or affiliated with UMB. We have provided these links for your convenience. However, we do not endorse or guarantee any products or services you may view on other sites. Other websites may not follow the same privacy policies and security procedures that UMB does, so please review their policies and procedures carefully.

Ms. Matheys serves as senior vice president and Director of Corporate Information Security & Privacy, providing oversight of UMB’s information security and privacy programs. She joined UMB in 2010 and has 15 years of experience in information technology and information security. She attended Kansas State University with a focus on management information systems and is a Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) and member of the International Association of Privacy Professionals.

Leave a Comment

Target Credit/Debit Card Security Breach

  |  Posted by

You may have seen the recent news that Target experienced a breach in electronic security‡ with their customers’ debit and credit cards. While UMB has security protocols in place, we ask that you remain vigilant as well. You can use our online or mobile banking options to check balances and transaction history 24/7. If you see any suspicious activity on your account, please contact our customer service associates as soon as possible. That number is 800.821.5184.

Credit card

Continue Reading

When you click links marked with the “‡” symbol, you will leave UMB’s website and go to websites that are not controlled by or affiliated with UMB. We have provided these links for your convenience. However, we do not endorse or guarantee any products or services you may view on other sites. Other websites may not follow the same privacy policies and security procedures that UMB does, so please review their policies and procedures carefully.

UMB Financial Corporation (Nasdaq: UMBF) is a financial services holding company headquartered in Kansas City, Mo., offering complete banking, payment solutions, asset servicing and institutional investment management to customers. UMB operates banking and wealth management centers throughout Missouri, Illinois, Colorado, Kansas, Oklahoma, Nebraska and Arizona. It also has a loan production office in Texas. Subsidiaries of the holding company include mutual fund and alternative investment services groups, single-purpose companies that deal with brokerage services and insurance, and a registered investment advisor that manages the company's proprietary mutual funds and investment advisory accounts for institutional customers.

Leave a Comment

Tagged: , , , , , ,

Balancing Act: The changing landscape of commercial banking

  |  Posted by

Technology has changed the way people do business. It’s also changed the way they do business banking. You can transfer money between two business accounts in minutes with online banking or complete and submit your entire expense report on the computer. Technology gives you the convenience of having greater control over your company’s finances. But that shouldn’t change the business partnership you have with your company’s bank.

Continue Reading

Like any relationship, creating and maintaining an effective partnership requires regular communication between you and your bank partner.  A strong relationship with your company’s financial institution not only enhances your customer experience, but also helps the bank balance quality service with a high level of information security.

Customer Experience

Your banker should know your company beyond what can be learned from a monthly commercial credit card statement. Your bank should act as an extension of your business and not just a place for you to keep your corporate accounts. Understanding the business cycles and unique financial needs of your engineering firm or your agriculture business gives your bank the insight to be a partner working with you on developing ideas to help your business succeed. This experience begins with a simple but powerful idea: know your customer.

For example, a bank that uses “know your customer” requirements for you to access your account can take this information and use it as a chance to get to know you and your employees better. At UMB, we require you to provide information that will uniquely identify you as the customer you say you are when you call us. These precautions are also good security measures to reduce potential fraud on your accounts.

Information Security

Having a strong relationship with your bank is important to your information security. Most banks will monitor spending habits to check for fraudulent activity on your commercial cards. For example, if a commercial card for a construction company starts posting a series of expensive charges at a department store within several hours, UMB might flag that account for suspicious activity or even put a hold on the card to stop any further transactions. Some might see this as too constrictive and even intrusive, but if you have a good working relationship with your financial institution you’re more likely to view this type of monitoring as a partner looking out for your company’s financial well-being.

So what can you do as a customer to keep the two-way communication open? Keeping your profile with your bank up-to-date makes it easier to verify who you are when you need to contact them. This also helps your bank ensure an accurate and safe customer experience.

Balancing self-service, customer service and information security is a challenge. A good bank should maintain the fine line between giving you the freedom to run your business and manage your finances, while remaining a loyal business partner who will always looks out for your best interests and the financial safety of your company.

Mr. Wegner is vice president and commercial card product manager at UMB. In this role, he is responsible for product development and program design for new and existing programs. He joined UMB in 2011. He earned an MBA in Management from Rockhurst University in Kansas City MO. He is a member of the NAPCP Public Sector Advisory Board.

Leave a Comment

Tagged: , , , , , , , , , , , , , ,