Posted January 24, 2017
A publication recently released by the Federal Reserve System discusses findings from a study of noncash payments—including those made by credit or debit card, ACH transfers, and check—in the United States. To examine trends, the study uses 2015 estimates and data from previous years.
The paper reports both aggregate numbers and dollar value of payments by type in 2015. It discusses trends in the uses of specific payment types and some of the factors behind the reported changes. Card fraud receives considerable attention as well.
The publication, entitled The Federal Reserve Payments Study 2016, is considered a preliminary summary. The Federal Reserve System, which sponsored the research, expects to release more detail and in-depth analysis during the second quarter of 2017.
Refer to the December 2016 Federal Reserve news release for an overview of the study and a link to the referenced publication.
Posted January 3, 2016
The recent issue of FDIC Quarterly, a publication of the Federal Deposit Insurance Corporation Division of Insurance and Research, includes an article on the core profitability of the community banking model. To read the full report – which infers the community bank underlying earnings model remains viable – visit https://www.fdic.gov/bank/analytical/quarterly/. Select the document entitled FDIC Quarterly 2016 Volume 10, Number 4.
Posted November 29, 2016
A nine-page advisory issued by FinCEN on October 25, 2016 contains information, analysis and access to additional resources intended to help financial institutions understand both the threats posed by criminals, terrorists and state actors, and the essential role financial institutions play in protecting their customers and the larger financial system from such threats.
The advisory is especially pertinent to bank employees responsible for cybersecurity, network administration, risk management, fraud prevention, BSA/AML management, and AML efforts. To access the document, browse the RESOURCES section (Advisories/Bulletins/Fact Sheets) at www.fincen.gov for FinCEN Advisory FIN-2016-A005.
Posted November 8, 2016
Cybersecurity month (October) is behind us for 2016, but that doesn’t mean it’s okay to let our guard down. As a matter of fact, the best time to use cybersecurity best practices is always.
With the holidays drawing near, online purchases are sure to spike. Here are a few tips you (and your customers) can use for safer online shopping:
- Shop at reputable companies. If a bargain seems too good to be true, it probably is.
- Avoid clicking shopping links that are embedded in emails unless you subscribe to the seller’s ads.
- Create a free “junk” email address through a service like outlook.com, yahoo.com, or juno.com. Use the address only for registering with retailers so their email ads won’t crowd the inbox you reserve for family and friends.
- When making a purchase online, consider using a credit card you seldom use. That way, if the vendor has a breach, it won’t affect your main credit card.
- Before making a purchase, look for the “lock” symbol in the address bar to ensure you’re on a secure site.
- Consider shopping at an all-in-one site such as Amazon.
- Use a credit card instead of your bank debit card.
- Save a copy of your order.
Could you be inviting more spam into your Inbox—or revealing your work habits to hackers? Using Outlook’s out-of-office feature might do both.
Microsoft Outlook offers an automated way to notify emailers when the recipient is out of the office for a period of time (ideally, for a vacation). The feature is called Out of Office (OOO). When you invoke it, Outlook will reply to your incoming emails with a message you write before leaving. Your response message could read something like this: “I’m out of the office until May 2. For immediate assistance, please call ABC Bank at 789-555-1234.”
The OOO feature is a convenient means of notifying staff, customers or vendors that you’re away from the office, and letting them know when you’ll return.
The hitch: Hackers will use spam email to gauge what time you normally arrive at work, get back from lunch, and catch up on emails. They can make educated guesses when you send OOO responses. Once hackers know you’re away, they can plan hacks on your account knowing the breach will likely go undetected until you return. They might also use social engineering to impersonate you, contact your customers, and persuade them to release sensitive information—or money.
To disclose less information for hackers to exploit, you could limit your OOO responses to addresses in your Outlook contacts folder. One approach: From the OUTSIDE MY ORGANIZATION tab, click the MY CONTACTS ONLY button instead of ANYONE OUTSIDE MY ORGANIZATION. With these settings, OOO will reply only to email addresses in your contacts folder.
If that option—which could result in legitimate inquiries from new customers going unanswered for days—is unacceptable, there’s another alternative: You could have your incoming emails redirected to a colleague during your absence.
Either solution will further secure your bank and your work identity. Even if your bank doesn’t use Outlook, almost all email programs have similar built-in functions. Ask your IT staff if you have questions about your system.
More security measures you can take before you leave:
- Unplug your desktop computer from the network. Hackers try to run stealthy programs from unattended computers. Don’t let them use yours.
- If you don’t need email access while away, ask IT to temporarily disable your network ID.
- Reset your network password. This has two benefits: You won’t risk getting a prompt for a new password while you’re gone, and hackers won’t be able to use the old password when your user ID is idle.
You deserve a stress-free vacation. Put potential cybersecurity concerns to rest by following the recommendations above—and enjoy your time off.