News and Alerts

Cybersecurity Experts Warn of Dridex Trojan Targeting Banking Customers (February 18, 2016)

February 16 - Built to harvest the banking credentials of victims, the virulent Dridex Trojan is now one of the most dangerous pieces of financial malware in circulation, spread by massive spam campaigns that can overwhelm organizations hit by them.

An analysis by tech firm Symantec of recent Dridex spam campaigns found that they are operating on a vast scale, with millions of new emails being sent out every day. The analysis describes the attackers as "disciplined and professional," operating on a standard work week. "They continually refine the malware, and put significant effort into disguising their spam campaigns as legitimate emails," said the report.

The attacks have targeted high-profile banking customers, according to the research.

Despite recent law enforcement takedowns, Dridex is able to send millions of spam emails every day attempting to dupe victims into opening malicious attachments made to look like invoices or receipts. Once the victim's computer is infected, Dridex aims to intercept their online banking sessions to steal login credentials.

As detailed in Symantec's whitepaper , at least 145 Dridex spam campaigns were observed during one sample 10-week period. The average number of emails blocked by Symantec per campaign was 271,019, indicating that the total number of emails being sent every day runs to millions.

Almost three quarters (74 percent) of Dridex spam campaigns used real company names in the sender address and frequently in the email text. The vast majority of spam campaigns were disguised as financial emails, such as invoices, receipts, and orders. The spam was heavily focused on English speakers, with the majority of emails purporting to come from English-speaking companies.

"As always, we want you...our Community 1st Bank customers to know that you are valued, and that we will continue to work hard in making you aware of the efforts we are seeing by Cyber criminals who desire to steal your private information for their financial gain. Please make sure that you always carefully review any and all e-mail, text, or other media messaging that purports to access you and/or your personal information.

Thank you for letting us serve you!"

Jerry Lyon, President and COO. 

 

Post Falls, Idaho (January 11, 2016)
Six Ways to Start 2016 on the Right Financial Foot


Washington, D.C. (Dec. 28, 2015)— The Independent Community Bankers of America® (ICBA) and Community 1st Bank encourage consumers to keep their financial goals front and center in 2016

“No matter what your financial aspirations are—it’s important everyone learns how to properly manage his or her finances and work towards a financial goal, and the New Year is a perfect time to start fresh,” said ICBA Chairman Jack Hartings, president and CEO of The Peoples Bank Co. in Coldwater, Ohio. “Just remember that it is never too late to take control of your finances. Community bankers across the nation are available to help customers succeed and thrive in their financial lives.”.....
>>> FULL ARTICLE LINK

Post Falls, Idaho (September 8, 2015)
ICBA and Community 1st Bank Encourage Consumers to Protect their Data during Cyber Security Awareness Month


Americans live in a mobile society, relying on smartphones, tablets and computers to gather news, make purchases, interact with friends and family, and connect with financial institutions. Increasingly, cybercriminals compromise the networks that support these devices. This often results in identity theft, which can also yield financial losses and safety for consumers. In fact, a recent report from the Center for Strategic and International Studies (CSIS) found that computer hackers have stolen the personal information of approximately 40 million U.S. residents....
>>> FULL ARTICLE LINK

“According to the Federal Trade Commission’s February 2015 report, Washington and Oregon are preceded only by Florida as states with the highest per capital rate of reported identity theft complaints.

The report also revealed identity theft to be the number one complaint category in 2014 nationwide.

Identity theft is a serious crime. People whose identities have been stolen can spend months or years (and thousands of dollars) cleaning up the mess thieves make. Victims of identity theft can lose job opportunities, access to loans, housing or cars. Victims can also be arrested for crimes they didn’t commit.

The FTC has put together some great online resources to help you understand and prevent your identity from being stolen: http://www.consumer.ftc.gov/features/feature-0014-identity-theft

Articles and videos cover a variety of topics:
- Prevention tips! Get a free credit report every year from AnnualCreditReport.com
- Immediate steps if you become a victim. Visit www.IdentityTheft.gov for one-stop resources.
- Scam Alerts and other developing news.

Remember, Red Flags of Identity Theft can include:
• Mistakes on your bank, credit card, or other account statements
• Mistakes on the explanation of medical benefits from your health plan
• Your regular bills and account statements don’t arrive on time
• Bills or collection notices for products or services you never received
• Calls from debt collectors about debts that don’t belong to you
• A notice from the IRS that someone used your Social Security number
• Mail, email, or calls about accounts or jobs in your minor child’s name
• Unwarranted collection notices on your credit report
• Businesses turn down your checks
• You are turned down unexpectedly for a loan or job

Immediate Steps for Identity Theft Victims:

- Notify custodians of your investment accounts.
- Close other accounts that you know, or believe, have been tampered with or opened fraudulently.
- Contact your Identity Theft Insurance provider if you have a policy in place.
3. Visit www.IdentityTheft.gov for the remaining steps to reporting and recovering from Identity Theft.
4. Keep detailed records.
5. Don’t give up! At times it might feel the process is cumbersome, but damaged credit can become harmful. Most consumers need a good credit score at various times in life and you’ll want past damage cleaned up before a situation arises where you need to demonstrate good credit in the future, whether it be applying for a new job, a loan or other situation.

The security of your personal information and privacy are among our greatest concerns. A full copy of our Privacy Policy is available anytime, upon request.

Security Is a Partnership
As part of our commitment to identity theft prevention we will never request your account number, login password or Social Security number in an unsolicited telephone call or email communication.

Always be diligent!
Your friends at Community 1st Bank!

 

Post Falls, Idaho (July 30, 2015)
* It’s critical that you take the precautions below to ensure that your Android devices are not compromised *

Please use extra caution when opening any type of message (email/text/MMS) from an unknown source on your smart phones, tablets, computers, smart TVs, etc. There continues to be increased malicious activity targeting these devices.

A vulnerability has been identified that could impact almost all Android devices. Malicious hackers can take complete control of your Android devices and steal personal information by sending a short video in a Multimedia Messaging Service (MMS) text message. An update to correct this vulnerability is available, but it’s expected to take several months for carriers to push this update to all customers. 

Please take the following precautions to protect your Android devices:
- Do not open MMS text messages from unknown numbers.
- Use your carrier’s default messaging application.
- Do not use Google Hangouts or text messaging apps that automatically open files for viewing as they make your device vulnerable.

Where can I get more information? 
Review the article on Android Central
http://www.androidcentral.com/stagefright-exploit-what-you-need-know

 

Washington, D.C. (Feb. 10, 2015)

The Independent Community Bankers of America® (ICBA) and the nation’s more than 6,500 community banks want consumers to be aware of ways to protect themselves and their personal financial information against identity theft and cybersecurity-related crimes.

“It is vital that customers alert their community banks immediately if they know or suspect their personal information has been compromised,” said ICBA Chairman John Buhrmaster, president and CEO of 1st National Bank of Scotia, N.Y. “Criminals are on the hunt to capture confidential consumer financial information and personal data. The community banking industry wants consumers to have as much information, education and resources as possible so they can protect themselves against such attacks.”

Community banks across the nation work aggressively to protect their customers’ financial, personal and sensitive information on a daily basis. Community bankers have been informing their customers about multiple layers of security protection, monitoring customer accounts for fraudulent activity, reissuing credit and debit cards as appropriate and educating consumers on how to avoid fraud, identity theft and becoming a victim of a cyber crime.

Additionally, the Federal Trade Commission provides guidance on immediate steps consumers should take to repair identity theft. If any consumer believes they have had their identity stolen or are victim of fraudulent charges on a credit or debit card, reach out to your community bank immediately.

ICBA provides consumers valuable tips when it comes to taking proactive security measures:

- Monitor all of your financial accounts and report any suspicious activity, such as false or multiple charges, to your community bank immediately.

- Be sure to use unique passwords for all financial online accounts. Never share or duplicate usage of your password, account number, PIN or answers to security questions.

- Do not save credit or debit card, banking account or routing numbers, or other financial information, on your computer, phone or tablet.

- Use caution when sharing personal information about yourself on social media channels and the Internet. Identity thieves and cyber criminals can use information to gain access into your life. Never post account numbers, credit card statements or bank details.

- Be vigilant about using a password on mobile devices. Be sure to set your devices to automatically lock after a selected period of time to ensure no one can access your smartphone, tablet or laptop.

- Be aware of the location of your mobile devices (smartphones, tablets) at all times. Only log on financial websites when you have a secure, safe and trusted Internet connection.

- Shred ATM receipts, credit card offers or statements, checks and other similar documents when you no longer need them.

- Consider getting an IP PIN. An IP PIN is a six-digit number assigned to eligible taxpayers that helps prevent the misuse of Social Security numbers on fraudulent federal income tax forms, per the IRS.

- Do not provide your secure financial information over the phone or Internet if you are unsure of who is asking for it. Contact your community bank directly by using the phone number on the back of your debit or credit card, or stop in your bank to speak with someone in person. Remember, your community bank will never contact or text you asking for personal or banking information. 

For more information about identity theft and consumer data and cybersecurity resources, visit ICBA’s Data Breach Toolkit.