Blog   Tagged ‘fraud’

Cyber security: 10 tips for protecting yourself online

  |  Posted by

Did you know that one in eight Internet users (or 378 million adults) became victims of cybercrime last year according to a Norton Cybercrime Report? Instead of avoiding the Internet – a nearly impossible task – make an effort to smarten up your online habits with our new Online Security Resource Center coming in November and these 10 ways to keep you safe on the Internet:

protect yourself online

  1. Keep your computers and mobile devices updated – Having the latest security software, web browser and operating system are the best defenses against viruses, malware and other online threats. Turn on automatic updates so you receive the newest fixes as they become available.
  2. Set strong passwords with at least eight characters in length and a mix of upper and lowercase letters, numbers and special characters.
  3. Use different passwords for every account – It may be easier to remember one password, but if the password and email address you use for one account gets in the hands of the wrong person, they will start trying it on other sites and services.
  4. Think before you click – Be vigilant about the links you click in an email, especially when they come from companies. Don’t click on odd Facebook messages with links. If your friend is sending the email, make sure it sounds like the person you know; otherwise his or her account could have been compromised.
  5. Watch out for phishing scams that use fraudulent emails and websites to trick users into disclosing private account or login information. Do not click on links or open any attachments or pop-up screens from sources you are not familiar with. Report phishing emails to the Federal Trade Commission (FTC).
  6. Keep personal information personal – Hackers can use social media profiles to figure out your passwords and answer those security questions in the password reset tools. Lock down your privacy settings and avoid posting things like birthdays, addresses, mother’s maiden name, etc. Be wary of requests to connect from people you do not know.
  7. Secure your Internet connection - Always protect your home wireless network with a password. When connecting to public Wi-Fi networks, be cautious about what information you are sending over it.
  8. Shop securely online – Avoid sending payment information or credit card numbers through email. Make sure all personal information transactions are done on a secure site. When shopping online, only use trusted, secure websites. And before providing any personal or financial information, make sure the address bar changes from an “http” to an “https” address and includes a yellow padlock logo to the right of the Web browser address bar. The “s” stands for “secure,” and if you double-click on the yellow padlock logo, you’ll see a digital certificate for the website. When shopping online, use credit cards, not debit cards. This will minimize the damage in the event of a compromised account.
  9. Read the site’s privacy policies – Though long and complex, privacy policies tell you how the site protects the personal information it collects. If you don’t see or understand a site’s privacy policy, consider doing business elsewhere.
  10. Pay attention – It might seem obvious, but remember to keep your eyes open any time you’re using an Internet service.

Be sure to read the rest of our advice on protecting your mobile device and the ways cyber criminals try to steal your information.

Continue Reading

Source: American Bankers Association

 

When you click links marked with the “‡” symbol, you will leave UMB’s website and go to websites that are not controlled by or affiliated with UMB. We have provided these links for your convenience. However, we do not endorse or guarantee any products or services you may view on other sites. Other websites may not follow the same privacy policies and security procedures that UMB does, so please review their policies and procedures carefully.


Ms. Matheys serves as senior vice president and Director of Corporate Information Security & Privacy, providing oversight of UMB’s information security and privacy programs. She joined UMB in 2010 and has 15 years of experience in information technology and information security. She attended Kansas State University with a focus on management information systems and is a Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) and member of the International Association of Privacy Professionals.



Leave a Comment

Tagged: , , , , , , , , , , ,

Cyber security: 10 tips for protecting your mobile device

  |  Posted by

Your mobile device provides convenient access to your email, bank and social media accounts. Unfortunately, it can potentially provide the same convenient access to criminals. As we continue National Cyber Security Awareness Month, remember to always follow these tips from the American Bankers Association in conjunction with the Stop.Think.Connect. campaign to keep your information – and your money – safe.

protect your mobile

  1. Use the passcode lock on your smartphone and other devices – This makes it more difficult for thieves to access your information if your device is lost or stolen.
  2. Protect your phone from viruses and malicious software just like you do for your computer by installing mobile security software.
  3. Use caution when downloading apps – Apps can contain malicious software, worms, and viruses. Beware of apps that ask for unnecessary “permissions.”
  4. Download the updates for your phone and mobile apps. These contain valuable security patches and fixes for vulnerabilities.
  5. Avoid storing sensitive information like passwords or a social security number on your mobile device.
  6. Be aware of shoulder surfers – The most basic form of information theft is observation. Be aware of your surroundings especially when you’re punching in sensitive information.
  7. Wipe your mobile device before you donate, sell or trade it using specialized software or using the manufacturer’s recommended technique. Some software allows you to wipe your device remotely if it is lost or stolen.
  8. Beware of mobile phishing – Avoid opening links and attachments in emails and texts, especially from senders you don’t know. Be wary of ads (not from your security provider) claiming that your device is infected.
  9. Watch out for public Wi-Fi – Public connections aren’t very secure, so don’t perform banking transactions on a public network. If you need to access your account, try disabling the Wi-Fi and switching to your mobile network.
  10. Report any suspected fraud to your bank immediately.

Next week we’ll share 10 tips to protect yourself online to wrap up National Cyber Security Awareness Month.

 

Continue Reading

Source: American Bankers Association

 

When you click links marked with the “‡” symbol, you will leave UMB’s website and go to websites that are not controlled by or affiliated with UMB. We have provided these links for your convenience. However, we do not endorse or guarantee any products or services you may view on other sites. Other websites may not follow the same privacy policies and security procedures that UMB does, so please review their policies and procedures carefully.


Ms. Matheys serves as senior vice president and Director of Corporate Information Security & Privacy, providing oversight of UMB’s information security and privacy programs. She joined UMB in 2010 and has 15 years of experience in information technology and information security. She attended Kansas State University with a focus on management information systems and is a Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) and member of the International Association of Privacy Professionals.



Read One Comment

Tagged: , , , , , , , , , ,

Target Credit/Debit Card Security Breach

  |  Posted by

You may have seen the recent news that Target experienced a breach in electronic security‡ with their customers’ debit and credit cards. While UMB has security protocols in place, we ask that you remain vigilant as well. You can use our online or mobile banking options to check balances and transaction history 24/7. If you see any suspicious activity on your account, please contact our customer service associates as soon as possible. That number is 800.821.5184.

Credit card

Continue Reading

When you click links marked with the “‡” symbol, you will leave UMB’s website and go to websites that are not controlled by or affiliated with UMB. We have provided these links for your convenience. However, we do not endorse or guarantee any products or services you may view on other sites. Other websites may not follow the same privacy policies and security procedures that UMB does, so please review their policies and procedures carefully.


UMB Financial Corporation (Nasdaq: UMBF) is a financial services holding company headquartered in Kansas City, Mo., offering complete banking, payment solutions, asset servicing and institutional investment management to customers. UMB operates banking and wealth management centers throughout Missouri, Illinois, Colorado, Kansas, Oklahoma, Nebraska and Arizona. It also has a loan production office in Texas. Subsidiaries of the holding company include mutual fund and alternative investment services groups, single-purpose companies that deal with brokerage services and insurance, and a registered investment advisor that manages the company's proprietary mutual funds and investment advisory accounts for institutional customers.



Leave a Comment

Tagged: , , , , , ,

Balancing Act: The changing landscape of commercial banking

  |  Posted by

Technology has changed the way people do business. It’s also changed the way they do business banking. You can transfer money between two business accounts in minutes with online banking or complete and submit your entire expense report on the computer. Technology gives you the convenience of having greater control over your company’s finances. But that shouldn’t change the business partnership you have with your company’s bank.

Continue Reading

Like any relationship, creating and maintaining an effective partnership requires regular communication between you and your bank partner.  A strong relationship with your company’s financial institution not only enhances your customer experience, but also helps the bank balance quality service with a high level of information security.

Customer Experience

Your banker should know your company beyond what can be learned from a monthly commercial credit card statement. Your bank should act as an extension of your business and not just a place for you to keep your corporate accounts. Understanding the business cycles and unique financial needs of your engineering firm or your agriculture business gives your bank the insight to be a partner working with you on developing ideas to help your business succeed. This experience begins with a simple but powerful idea: know your customer.

For example, a bank that uses “know your customer” requirements for you to access your account can take this information and use it as a chance to get to know you and your employees better. At UMB, we require you to provide information that will uniquely identify you as the customer you say you are when you call us. These precautions are also good security measures to reduce potential fraud on your accounts.

Information Security

Having a strong relationship with your bank is important to your information security. Most banks will monitor spending habits to check for fraudulent activity on your commercial cards. For example, if a commercial card for a construction company starts posting a series of expensive charges at a department store within several hours, UMB might flag that account for suspicious activity or even put a hold on the card to stop any further transactions. Some might see this as too constrictive and even intrusive, but if you have a good working relationship with your financial institution you’re more likely to view this type of monitoring as a partner looking out for your company’s financial well-being.

So what can you do as a customer to keep the two-way communication open? Keeping your profile with your bank up-to-date makes it easier to verify who you are when you need to contact them. This also helps your bank ensure an accurate and safe customer experience.

Balancing self-service, customer service and information security is a challenge. A good bank should maintain the fine line between giving you the freedom to run your business and manage your finances, while remaining a loyal business partner who will always looks out for your best interests and the financial safety of your company.


Mr. Wegner is vice president and commercial card product manager at UMB. In this role, he is responsible for product development and program design for new and existing programs. He joined UMB in 2011. He earned an MBA in Management from Rockhurst University in Kansas City MO. He is a member of the NAPCP Public Sector Advisory Board.



Leave a Comment

Tagged: , , , , , , , , , , , , , ,

Internal Fraud: How to protect your company

  |  Posted by

You don’t want to believe it. But the numbers just aren’t adding up. You want to trust the people who work for you, but eventually you have to come to terms with the fact that someone in your company is stealing money. Not only does it hurt your business, but it’s often a heartbreaking realization for you as a manager or owner.

It’s not always easy to figure out who is the culprit, but there are steps you can take to detect and hopefully prevent fraud within your company.

Continue Reading

Dual control and separation of duties

Understand who is in charge of what financial responsibilities and make sure there are no gaps. Create a system of checks and balances so that the same person who is running payables (bills, invoices, expense reports) isn’t the same person who is reconciling the accounts (balancing the company checkbook, so to speak).

It’s also a good idea for business owners to review financial statements on a weekly or monthly basis.

Automated fraud detection

Consider implementing Positive Pay. This automated fraud detection tool is offered by most banks. It’s a relatively simple process. Your company issues checks every month and you send the bank a list of all those checks, including check numbers, amounts and payees. The bank makes sure the checks match up as each one clears. This eliminates any fraudulent or altered checks. Automated fraud detection is a great solution for companies as long as they already have dual controls in place.

Anonymous tip line

Businesses should also consider setting up an anonymous fraud tip line. Internal fraud is most often detected by a tip from another associate. As a business owner or manager, you can’t know everything that’s going on in your company. Giving your associates an anonymous way to notify you is a simple, effective way to detect internal fraud.

Other processes and procedures to consider:

  • Reputable third-party audits
  • Periodic reviews of policies, procedures and controls
  • Diversity of associates’ job functions, including rotation of job duties at times
  • Periodic spot checks of your account payables/receivables, payroll, etc.

Don’t think it will happen to you? Keep this in mind. 61 percent of financial professionals reported that their organization experienced attempted or actual payments fraud in 2012. And 26 percent of fraud is committed by an organization’s own associates (Source: Association for Financial Professionals). Even though you want to assume the best from your associates, you should have systems in place to ensure that you don’t become another internal fraud statistic.

 

When you click links marked with the “‡” symbol, you will leave UMB’s website and go to websites that are not controlled by or affiliated with UMB. We have provided these links for your convenience. However, we do not endorse or guarantee any products or services you may view on other sites. Other websites may not follow the same privacy policies and security procedures that UMB does, so please review their policies and procedures carefully.


Mr. Bibens is a treasury management officer for UMB’s Commercial Deposits department. He is responsible for providing consultative technology and cash flow management solutions to companies and public entities throughout the Greater Missouri area. He joined UMB in 2010 and has 10 years of experience in the financial services industry.



Leave a Comment

Tagged: , , , , , , , , , , , , , , , ,

Internal fraud: Who they are and why they do it

  |  Posted by

He looks like a typical associate. She could be a 20-something or a person in her fifties. He could be the person you eat lunch with every day. The truth is that you can’t pick out this person from the crowd. She is committing internal fraud in your company and doesn’t look any different from the rest of your co-workers. He makes sure he blends in.

So what should you look for if you suspect one of your associates is committing fraud?

Continue Reading

What to look for

  • A disgruntled associate who is vocal about their unhappiness with the company. They often use this as an excuse to commit fraud.
  • An overly enthusiastic associate who consistently ask questions about processes and procedures that will help them steal from the company.
  • A seemingly harmless associate with no apparent agenda. Their behavior won’t be as easy to spot as the first two. Having audits and checks/balances in place will likely help you catch them.

How they do it

These are not always tell-tale signs of fraud, but those who commit internal fraud are likely to:

  • Always be willing to take on additional tasks that could lead to fraud and have nothing to do with their current duties.
  • Learn as much as they can about company systems to use in conducting fraud. Systems can include but aren’t limited to: accounting, accounts payable/receivable, payroll, bank account access. They will look for weaknesses in policies or procedures.
  • Earn management’s trust with regard to the most vulnerable parts of the company.

Once they gather the necessary information and gain the trust of the company leaders, they will begin their plan. This could be creating “ghost” associates in payroll or diverting funds to a new account for a fake vendor. Sometimes it’s as simple as stealing money directly or even selling confidential company information on the internet.

Why they do it

The best example of why an associate will commit fraud is described by Dr. Donald Cressey as the Fraud Triangle Model, a tool for assessing the risk of fraud. Cressey was a criminologist who studied embezzlers.

Fraud Triangle

  • Pressure is often financial and usually stems from addiction, living beyond one’s means, major medical expenses, or gambling losses.
  • Rationalization is the explanation why the theft is not really wrong. Some associates tell themselves that it’s a loan and will be repaid. Others feel they are not paid enough and deserve more.
  • Opportunity is the opinion that a fraud can be committed without being caught. The thief sees poor internal controls, poor supervision, poor “tone at the top,” or a combination of these.

One of the best ways to avoid internal fraud is to set up regular, thorough audits and reviews of processes in your company. Stay tuned for an upcoming post that will go into more detail about how to catch internal fraud before it does serious damage to your business.


Dennis Knop is a vice president and corporate fraud investigator of UMB Bank, n.a. He has worked for UMB for 18 years, and 12 years of that in fraud investigation. He has a Bachelor of Science in Criminology and Criminal Justice. Mr. Knop is a Certified Fraud Examiner and currently serves as the treasurer of the Midwest Financial Fraud Investigators Group in St. Louis, Mo.



Leave a Comment

Tagged: , , , , , , , , , , , ,

How to get your identity stolen

  |  Posted by

You’ve read hundreds of articles about how to avoid identity theft, but if you actually want to lose your identity then just follow these ten simple steps:

Continue Reading
  1. Use your pets or child’s name as your email password
    Fluffy1234. Who would ever think of that? Identity thieves are using sophisticated technology to crack your passwords and steal your information. Using your dog’s name and a common number sequence will make it so easy that these identity thieves won’t even need a computer to figure it out.
  2. Over-share with your neighbor or a friendly stranger
    Always use the same personal identification number (PIN) or code for all your accounts, credit and debit cards. Remember when you had your neighbors watch your house and you gave them your garage code? Well now they also have your PIN for all your accounts. And what about that friendly stranger who offers to sell you a tropical vacation for pennies on the dollar? Once you give them your name, address and payment information, your identity could be as good as gone!
  3. Throw away personal documents without shredding
    Throw away receipts, old bill statements and credit card applications without shredding them. A more low-tech identity thief will just dig through your dumpster and use the information in receipts and bills to access your personal information. Then he will sign up for a credit card in your name with the application you threw away the other day. He’ll be sitting on a beach sipping a frozen drink after he spent all your money on that tropical vacation we mentioned while you spend months recovering your lost finances and clearing up your credit report.
  4. Make yourself an easy target for pickpockets
    Don’t pay attention to your surroundings in a crowd. Leave your fanny pack unzipped so anyone can reach right in and grab your wallet. This saves an identity thief from the trouble of looking for your information. He can just use your ID and credit or debit cards.
  5. Don’t password protect any personal devices
    Don’t password protect any of your personal devices (laptops, tablets, smartphones, etc.) and leave them out where anyone can access them. Why waste the time pushing buttons to unlock your smart phone when you could be taking a picture of your dinner!
  6. Respond to suspicious emails
    Even if it seems suspicious, respond to all emails asking for your personal information. Click on suspicious links too! This will route you to a website or file download that will make it really easy for you to share all of your online activity with the identity thief – user names, passwords, card numbers, you name it!
  7. Respond to suspicious requests on social media
    Easily hacked passwords on your social media sites allow identity thieves to pose as you and try to con your friends out of their personal information and even their money. Oh, and your ex really is stuck in London without a passport or money! Wire that $5,000 right away!
  8. Transfer money on an unsecure website or via email
    Speaking of sending money, be sure you give out your bank account info via email because it’s definitely a safe way to shop online. Throw in your Social Security number and your mother’s maiden name while you’re at it.
  9. Be careless with logins and personal information in public
    Openly log in to your personal accounts while you’re on a laptop or phone in a public setting. Balance your checkbook in a coffee shop and be sure you move out of the way so the identity thief can clearly read your account number.
  10. Never review your bank account statements
    They say ignorance is bliss. It’s true. If you never look at your account statements, you’ll never know if someone has your account information and is spending all your money. You’ll also never know when your spouse dropped a couple hundred dollars on a shopping spree!

Of course, we are joking and having a little fun with this post. At UMB we take privacy and security very seriously, especially when it comes to our customers. You might think identity theft can’t happen to you, but it is still very common and a few simple things can keep you protected. Just do the exact opposite of everything on this list. Or, take a look at our website to learn more tips and tricks to protect your information and your identity.

 

Bank deposit products provided by UMB Bank n.a., Member FDIC. Equal Housing Lender


Ms. Matheys serves as senior vice president and Director of Corporate Information Security & Privacy, providing oversight of UMB’s information security and privacy programs. She joined UMB in 2010 and has 15 years of experience in information technology and information security. She attended Kansas State University with a focus on management information systems and is a Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) and member of the International Association of Privacy Professionals.



Read One Comment

Tagged: , , , , , , ,