In our everyday lives, all of us take for granted that others understand what we are talking about.  For example, a mechanic may say, “Your tracking is out on your car”, which means, your tires are out of alignment.  A nurse may say, you need “CBR”, which means, complete bed rest.

In the computer world, the same thing happens.  Words that are used daily, make perfect sense to the ones in this arena, however, I’m sure it’s a foreign language to some.  Here are some commonly used cybersecurity terminology that will bring a little insight.

General Cybersecurity Terms

1. Threat: Any potential danger to information systems, networks, or data.
2. Vulnerability: A weakness in a system or software that can be exploited by a threat.
3. Exploit: A piece of code or method used to take advantage of a vulnerability.
4. Attack Vector: The method or path used by hackers to access or compromise a system.
5. Zero-Day: A vulnerability unknown to the vendor, often exploited before it’s patched.
6. Patch: A software update designed to fix vulnerabilities or improve functionality.

Malware and Attack Types

1. Malware: Malicious software, such as viruses, worms, trojans, ransomware, and spyware.
2. Phishing: Fraudulent attempts to obtain sensitive information by pretending to be a trustworthy entity.
3. Ransomware: Malware that encrypts a victim’s data, demanding payment for its release.
4. DDoS (Distributed Denial of Service): An attack that overwhelms a network or server with excessive traffic, causing it to crash.
5. Spyware: Malware that secretly collects information about a user’s activities.
6. Adware: Software that automatically displays or downloads advertisements.
7. Social Engineering: Psychological manipulation of people to divulge confidential information.

By no means is this an exhaustive list, but this may give a little insight when this “foreign language” is spoken in your presence. 

As a Community Bank, we support our local businesses and economy.  Supporting local businesses keeps money circulating within our community. Independent shops often source products and services locally, creating a ripple effect that benefits other businesses, creates jobs, and strengthens the local economy.

Local businesses often offer unique, handcrafted, or specialized items that you won’t find in big-box stores. Additionally, they provide personalized customer service, making your shopping experience more meaningful and tailored to your needs.

During the holiday season, it may be necessary to shop online due to reasons out of your control.  Here are some safety tips to keep your shopping experience safe from online fraudsters.

1. Stick to Trusted Retailers

Only shop on well-known websites or retailers with a solid reputation. If you’re exploring a new site, verify its authenticity by reading reviews and checking for contact information. Look for security indicators, like “https://” in the URL and a padlock icon, to ensure the site encrypts your data.

2. Beware of Holiday Scams

Avoid deals that seem too good to be true, especially from unknown sellers or ads on social media. Scammers often prey on holiday shoppers with fake discounts. Don’t click on links in unsolicited emails or messages. Instead, go directly to the retailer’s website.

3. Use Secure Payment Methods

Enable two-factor authentication (2FA) on your payment accounts for added security.

4. Monitor Your Accounts Regularly

Check your bank and credit card statements frequently to spot unauthorized charges. Set up transaction alerts through your bank or card provider to stay informed about the activity.

5. Protect Your Personal Information

Use strong, unique passwords for your shopping accounts and update them regularly. Consider using a password manager to keep track. Avoid shopping on public Wi-Fi networks. If you must, use a virtual private network (VPN) for encryption.

These tips not only protect you from fraud but also ensure a stress-free holiday shopping experience!

Remember to SHOP LOCAL to keep our local economy strong!

BankingBytes is a Quarterly feature that will provide information on some of the most commonly asked I.T. questions received at the Bank. In researching articles for our customers, AI, or Artificial Intelligence, is real and probably you’re using it.  Think Chat GPT, your Apple phone’s “Hey Siri”, and some GPS applications like Google Maps and Waze use AI algorithms to determine routes and provide real-time updates to users.  While AI can be used effectively, this article, from June 11, 2024, points out how AI can be used in fraudulent ways.  As always, stay vigilant!

There’s No Faking It: Deepfake Fraud Is a Real Problem

Source: https://www.idx.us/

Summary:

Scammers are using realistic, AI-generated deepfakes for the purpose of committing identity fraud and other crimes. Here’s how the technology is being used by bad actors, how to recognize deepfake audio and video, and how to protect yourself against this evolving threat.

AI-generated audio and video are being used to trick businesses and individuals

The person at the other end of that video call certainly looks and sounds legitimate. Maybe it’s someone you’ve bonded with on a dating site, or maybe it’s a semi-distant relative or remote work colleague. Yes, it’s odd that they’re asking you to send them money or provide sensitive personal information, but you trust them.

Just one problem: They’re not real. Their image and voice have been generated through artificial intelligence (AI), and are being controlled behind the scenes by a scammer. What you’re experiencing is a deepfake, a rapidly evolving technology often used for malicious acts.

The U.S. Government Accounting Office (GAO) defines a deepfake as video, photography, or audio that “seems real but has been manipulated with AI. The underlying technology can replace faces, manipulate facial expressions, synthesize faces, and synthesize speech.”

More and more criminals are using AI deepfakes to commit identity fraud or pry money and data from businesses and individuals. The digital verification platform Sumsub reported an astonishing 1740% jump in deepfake-related fraud attempts in North America between 2022 and 2023.

How deepfakes are being used in scams

By creating a deepfake persona, fraudsters can trick people into believing they’re interacting with someone they know or want to know. This builds trust, making it easier for the scammer to manipulate the victim. Cybercriminals can also utilize deepfakes to create compromising material for the purpose of extortion. They can use an AI bot to, for example, take a brief snippet of a person’s real voice and “clone” it to produce an authentic-sounding facsimile; the faked voice can then be made to say just about anything.

The majority of deepfake fraud cases thus far have targeted businesses. Even large global companies can fall for these scams: In one recent example, an employee at a multinational design and engineering firm was tricked by a deepfake video call into transferring $25 million of the company’s funds to fraudsters. Many bad actors, meanwhile, are using deepfake audio and video in attempts to gain access to company data, which could result in breaches of customer information.

As this technology grows more sophisticated, it’s also getting easier to use—which means it’s becoming increasingly popular as a method to defraud individuals. Deepfakes have already made their way into the world of romance scams, according to a recent report in Wired. The article described how a crew of scammers used “deepfakes and face-swapping to ensnare victims in romance scams, building trust with victims using fake identities, before tricking them into parting with thousands of dollars.”

Tips for detecting deepfake video and audio

While a number of deepfake detection tools currently exist, many are only available to businesses. Also, most are designed to analyze recordings, and cannot help in real time during audio or video calls. To recognize deepfakes in real time, you’ll most likely have to rely on your own powers of observation.

The MIT Media Lab offered tips on how to determine whether a person seen on video is a deepfake. Zero in on elements of the person’s face, they advised. This includes:

• Cheeks and forehead – “Does the skin appear too smooth or too wrinkly? Is the agedness of the skin similar to the agedness of the hair and eyes?”

• Eyes and eyebrows – “Do shadows appear in places that you would expect?”

• Eyeglasses – “Is there any glare? Is there too much glare? Does the angle of the glare change when the person moves?”

• Blinking – “Does the person blink enough or too much?”
• Lip movements – “Some deepfakes are based on lip syncing. Do the lip movements look natural?”

In an article for PolitiFact, Manjeet Rege, director of the Center for Applied Artificial Intelligence at the University of St. Thomas, and Siwei Lyu, a computer science and engineering professor at the University at Buffalo, offered advice on listening for clues that a voice might actually be an audio deepfake. These include “irregular or absent breathing noises, intentional pauses and intonations, along with inconsistent room acoustics.”

Use your common sense

One thing is clear: Deepfake technology is evolving at such speed that it will become progressively more difficult to tell fiction from reality. Today you might be able to spot a weird glitch in a person’s face on video, or a strange vocal pattern on a call. But those flaws might not be as noticeable a year or two from now.

Beyond the observational tips offered here, your best defense is to use common sense. If someone contacts you by phone or video—whether or not it’s a person you seemingly know and trust—and makes an unusual request or demand involving money or sensitive information, step back and assess the situation. Do whatever you can to independently verify that what the person is telling you is true. As AI expert Manjeet Rege said in the PolitiFact interview, “Healthy skepticism is warranted given how realistic this emerging technology has become.”