Here are some things that you should and should not do to make using your Smartphone for your online banking needs.

Do….

• Make sure that you stick to using your bank’s apps for mobile banking.  If there are any well-reviewed and trusted third-party personal finance apps you can use them instead.  These you can download directly from the app store for your Smartphone type.
• Look at your phone as a personal computer and you will be able to minimize your risks of identity theft or being hacked. One thing that you can do is for identity theft protection is to install antivirus software on your Smartphone just like you would do for your laptop or computer.
• Make sure that you keep track of your Smartphone and know where it is. If you keep it in your purse make sure that it cannot fall out or that no one can steal it from your purse.  When you are out and about check often to make sure that you have your Smartphone with you.

Do Not….

• Use public WiFi access to conduct your banking business because you cannot be sure that it is secure.  You should opt for wireless networks that will require you to use a network security key or some other form of security.
• Be the first one to use your bank’s new apps but wait until they have been around thirty to forty days before you download it.  The reason is that sometimes early versions of these apps are not safe or contain malware
• Send text messages on your SmartPhone that might consider sensitive and personal information such as your checking or savings account number, your account passwords, or Social Security number.
• Be fooled by text messages or emails that ask for personal information because these may be Phishing messages that claim to be from your bank and ask for more personal information.

There are three ways that you can encounter these rogue scanners; you see an advertisement offering a system tune up or the ad is offering a free virus scan, you click on a website that is fixed to exploit software vulnerabilities, or you get an email that is disguised as a news alert or a greeting card.

How to prevent scareware

This type of software is sometimes delivered through advertising channels that are legitimate and found on various websites.  The best way to prevent an infection from scareware is to disable active scripting that is being fed through a third party website.  Make sure that your anti-virus and anti-spyware that is legitimate is up to date.  Make sure that you read any email you receive in plain text and do not respond to any ads from people you do not know.

How to spot scareware

The most obvious symptom is to get an unexpected virus alert from some product you do not remember installing.  There is a list on line that you can check to see if it a rogue scanner before you download and install new security software or scanner.  Just type rogue scanners in the search box.

Removing scareware

The first thing you need to make sure when you think or know that you have a rogue scanner is to not connect to the internet.  Usually the uninstall file is in the control panel on your computer under the Add/Remove Program option.  Unfortunately the uninstaller usually does not work so hopefully your legitimate anti-virus software can remove the rogue scanner.  If it does not, you may no choice but to go online to find a tool that will specifically remove malware of this type.  Most of these tools are free.

For a small business, cyber attacks can cost them almost one hundred ninety thousand dollars a year.  The reason that small businesses are now having so many hacker attacks or data breaches is that many of them have no anti-spam software, no firewall in place, or no anti-spyware.  Most small businesses think about fixing the problem after an attack instead of preventing it from happening in the first place.

Here are some things that a small business can do to help prevent their business from become a data breach or identity theft statistic.

• Focus on the essential controls and make sure that you are using these controls across your whole business with no exceptions.
• Eliminate any unnecessary data by either discarding it the safe way or if you must keep it, then identify what it is, securely store it, and monitor it.
• Secure the remote access services by restricting services to specific networks and IP addresses.  Make sure that you minimize public access and that your business is limiting access to any type of sensitive information within the network.

• Make sure that your business is monitoring the users by limiting their user privileges, through careful screening, and using a separation of duties.  Managers should make sure that the employees are following security procedures and policies.
• Make sure that you are paying close and careful attention to any type of payment card input devices for any type of manipulation or tampering.  Some of these devices include gas pumps and ATMs.
• Make sure that you have excellent passwords from all employees because stolen credentials and passwords are out of control today.
• Make sure that your business stays up to date on all your security software such as your anti-virus software, any anti-spyware and make sure that your firewall is turned on.
• If any of your security software programs are not working or are out of date, make sure that you replace them immediately.

These are just a few tips to help small businesses not become the next hacker’s target.

Here are some ways to tell if the virus alert is real.

1. Location-Where the alert is located can have significant bearing on whether it is real or not. If you are seeing repeated warnings or alerts about the infection it could be because you have some type of non-active malware that is trapped in one of the folders from the system restore. It may also be just a remnant trapped in some other spot causing the alert.
2. Origination—where it came from might mean anything such as a high risk origin would mean an attachment in an email or files that are downloaded from some file sharing network. High risk can also include a download that is unexpected that is the result from instant messaging or an email link.
3. Purpose—is the file that is triggering the alert one that you need and expected. Consider a file that is unexpectedly downloaded as high risk and is likely malicious. Be careful about what you run on your computer system is one way to eliminate a virus infection. If you did download it, you need it, but your anti-virus software is still giving you an alert, get another opinion.
4. Second Opinion Scan—if your file makes it pass the first three steps but you are still getting an alert from your anti-virus software, you should upload the suspected file to an online scanner to get a another opinion. Your file will be submitted to several online scanners and if it comes back that some of the scanners say it is infected it more than likely is. If you only get one or two reports that the file is infected it could either be a malware virus that is new and not being detected by many of the scanners or it is a false positive.

These are some of the things that you can do to make sure if your anti-virus software is giving you a false positive or if it is for real. If you did intentionally download the questionable file and do not really need it, you can delete it if you are not sure.

Overwriting Viruses

There are some viruses that can cause certain file to be deleted and even the whole drive contents.  If a user acts fast enough the deleted files may be able to be recovered.  What an overwriting virus does is to use malicious code and over write the original file using the code.  When this happens, the file cannot be recovered because it was replaced or modified.

Ramsomware Trojans

This type of malicious malware will encrypt files on your infected computer and then ask for money in exchange for the decryption key.  The victim is affected in two different ways.  They cannot access their important files and they are a victim of extortion.

Password Stealers

These are Trojan malware that steal login information for networks, systems, email, FTP, games, ecommerce and banking sites.  The attackers can custom configure password stealers after they have infected the system to steal from the email system, and then reconfigure it to steal from an online site.  Although games are the most talked about target they are not the most common target.

Backdoors

This type of malware Trojans provide surreptitious and remote access to an infected system which is like having the hacker sitting at your computer keyboard.  This type of Trojan can let the attacker do any action that you do.  In addition, the attacker can install other malware on your computer.

Rookits and Bookits

The attacker will have full access to your computer system with a rootkit and will usually hide in registry edits, files, folders, and any other components it uses.  It can also hide other malicious malware in addition to hiding itself.  With a bookit malware it will infect flash BIOs.  When you combine it with a rootkit functionality it becomes a hybrid and is hard to detect and remove.

Keyloggers

This is a malicious Trojan malware that monitors your keystrokes.  The attacker takes this information and puts them into a file and then sends this file off to remote attackers.  You can even purchase keylogger software which parents can use to record their children’s online activities.  With keylogger malware it can monitor all keystrokes or it can be set up to monitor a specific activity.