INFORMATION FOR HEARTBLEED VIRUS

The recently identified Heartbleed Bug is a serious vulnerability in the popular OpenSSL software library.  Many online applications use the OpenSSL software to secure their websites.  This vulnerability to the Heartbleed Bug allowed hackers to steal information protected under normal conditions by OpenSSL encryption. At the time of its discovery, an estimated 66% of the internet's web applications were susceptible to the Heartbleed Bug. All customers using online applications should immediately go to their accounts and change your online passwords.  This should be done on any website you have to log into with a user name and password but especially any website that you have personal information connected with it, including but not limited to, Credit Card Websites, Banking Websites, Bill Pay Websites, Etc.  Please go to these sites and change your password at this time so that the hackers will not have your updated password now that the Heartbleed Bug has been detected and web applications have patched their systems to deny the vulnerability to the Heartbleed Bug.

 

We assure you that if we need to communicate with you in the near future, we will not ask you for account numbers or personal information.  If you receive any communication from a company asking you questions about your accounts, personal information, or any other information that may pertain to the Heartbleed Bug, please do not give it to them.  Hang up and call the company directly, whether it be a credit card company, financial institution, or anyone.  Be aware that the hackers may have obtained some of your information  from the Heartbleed Bug and they may attempt to use it to get more information from  you. 

 

If you want to check if a website you have an affiliation with was vulnerable to the Heartbleed Bug, please visit: 

htttps://lastpass.com/heartbleed/

 

Please contact your local branch of Laona State Bank if you have any concerns about your accounts or if you have further questions.  We are your partner in keeping your information safe.


 

INFORMATION FOR TARGET STORE BREACH

 

Target Stores have experienced an incident involving unauthorized access to payment card data from November 27, 2013 through December 15, 2013.  This incident was a data breach of the system at Target Stores and was quickly addressed by our staff at Laona State Bank so that our customers did not have negative activity on their accounts.

All cardholders are encouraged to exercise additonal caution and review activity on a more frequent basis if they are concerned that they may be impacted by the incident.  If you have activity that was not authorized by you on your account, please contact our staff right away and we'll take care of it for you. 

We apologize for any inconvenience this may have caused our customers when re-ordering their debit cards but we felt that this was the most effective way to handle this incident.

  




 "RANSOM" VIRUS ATTACKS GLOBAL COMPUTER NETWORKS

A Swansea, Massachussetts police department was recently struck by a computer virus that encrypted the department’s files and would only decrypt them if a “ransom” was paid. The department paid $750 in Bitcoins, or unregulated  Internet currency, to have their files released by the program. This “ransom” phenomena is occurring both around the nation and around the globe, as computers become infected with a "ransomware," or “cryptolocker” virus, which freezes your computer screen and demands payment to free it.

The latest variation, according to Fox News, is the "FBI bug." The virus falsely purports that the FBI has caught you doing something illegal on your computer and subsequently demands payment to "forgive" the "first offense" matter, Fox reports. The most common sites that trigger the bug are adult-oriented sites.

 

The National Crime Agency of England warns that “tens of millions” of British citizens have been targeted by the fraud. The Daily Telegraph reports that “the spammers are particularly aiming the virus - known as ransomware - at small and medium size businesses. It is disguised as an email alert about suspicious payments or invoices.

 

Upon opening, the virus 'freezes' the computer and the local network and demands a ransom to unlock the machine.

 

The NCA described the 'mass spamming' event as a 'significant risk,” The Telegraph said.

 


 

 

 

 

Consumer Tips from Your Community Banker

(September 2013) 

Family Game Night: Financial Capability 

Daily routines change with the seasons for Wisconsin parents who are shepherding children back to school or adjusting to new job schedules, carpools, or after-school and weekend activities. To ensure that kids' financial learning keeps up with the rest of their education, parents may want to introduce their children to the wealth of financial capability games available.

For instance, a UW-Extension publication describes several popular options, including Financial Football (www.practicalmoneyskills.com/games/trainingcamp/), produced by Visa and the National Football League. Teams compete by answering questions to earn yards and score touchdowns. This game is one of several offered at www.practicalmoneyskills.com/games and designed for various ages, as well as both individual and group play. Financial soccer offers a version that can be used by audiences around the globe. A few of these games, like Countdown to Retirement, even focus on adult financial education.

Several federal agencies showcase educational games on their websites, for example, the U.S. Mint has its kids page (www.usmint.gov/kids/) with more than 30 puzzles, quizzes, and games, some for group play. They just might spark a lifelong interest in U.S. history, coin collecting, or even geography though such games as The Lewis and Clark Adventure and the Quarter Explorer.

 

Visit www.federalreserveeducation.org to find more than a dozen games and simulations designed for high school students, with many also applicable to adults. These cover Federal Reserve history and structure, in addition to economic and monetary policy. The games include word search puzzles, matching games, flash cards, trivia questions, and more. There's also a video on the structure of the central bank's structure and an "extra credit" game, Take Me Out to the Ball Game discussion that teaches economic concepts.

 

Supported in parts by grants from the U.S. Department of Education, Maryland Public Television offers Sense and Dollars (http://senseanddollars.thinkport.org/), an interactive journey that helps high school students think about their relationship with money, the ways in which they might earn it, and how they plan to spend it.

 

On its website, the Wisconsin Department of Financial Institutions provides a list (www.finlitwi.org/students_games/index.html) of links to a wide variety of interactive games. DFI also offers an online Kids Page (www.wdfi.org/ymm/kids/) where they can learn by reading brief, illustrated chapters about the history of money, savings accounts, financial institutions, and more. Each section ends with a quiz, so they can test their new knowledge.

 

This proliferation of interactive educational games offers options for people of all ages and interests. Parents can explore the links in advance and then suggest a few sites to their kids. They may even want to play right along with them. There is always something new to learn about getting and spending, saving and planning for life success. After all, financial planning is not just about dollars; it's about creating a rewarding life.


Computer Security

Scammers, hackers, and identity thieves are looking to steal your personal information – and your money. But there are steps you can take to protect yourself, like keeping your computer software up-to-date and giving out your personal information only when you have a good reason.

Don’t buy security software in response to unexpected pop-up messages or emails, especially messages that claim to have scanned your computer and found malware. Scammers send messages like these to try to get you to buy worthless software, or worse, to “break and enter” your computer.

Treat Your Personal Information Like Cash

Don’t hand it out to just anyone. Your Social Security number, credit card numbers, and bank and utility account numbers can be used to steal your money or open new accounts in your name. So every time you are asked for your personal information – whether in a web form, an email, a text, or a phone message – think about whether you can really trust the request. In an effort to steal your information, scammers will do everything they can to appear trustworthy.

Check Out Companies to Find out Who You’re Really Dealing With

When you’re online, a little research can save you a lot of money. If you see an ad or an offer that looks good to you, take a moment to check out the compnay behind it.  Type the company or product name into your favorite search engine with terms like “review,” “complaint,” or “scam.” If you find bad reviews, you’ll have to decide if the offer is worth the risk. If you can’t find contact information for the company, take your business elsewhere.

Don’t assume that an ad you see on a reputable site is trustworthy. The fact that a site features an ad for another site doesn’t mean that it endorses the advertised site, or is even familiar with it.

Give Personal Information Over Encrypted Websites Only

If you’re shopping or banking online, stick to sites that use encryption to protect your information as it travels from your computer to their server. To determine if a website is encrypted, look for https at the beginning of the web address (the “s” is for secure).

Some websites use encryption only on the sign-in page, but if any part of your session isn’t encrypted, the entire account could be vulnerable. Look for https on every page of the site you’re on, not just where you sign in.

Protect Your Passwords

Here are a few principles for creating strong passwords and keeping them safe:

  • The longer the password, the tougher it is to crack.  Use at least 10 characters; 12 is ideal for most home users.
  • Mix letters, numbers, and special characters.  Try to be unpredictable – don’t use your name, birthdate, or common words. 
  • Don’t use the same password for many accounts.  If it’s stolen from you – or from one of the companies with which you do business – it can be used to take over all your accounts.
  • Don’t share passwords on the phone, in texts or by email.  Legitimate companies will not send you messages asking for your password.  If you get such a message, it’s probably a scam.
  • Keep your passwords in a secure place, out of plain sight.

Back Up Your Files

No system is completely secure. Copy important files onto a removable disc or an external hard drive, and store it in a safe place. If your computer is compromised, you’ll still have access to your files

 

DEBIT CARD USERS


  • Don't carry your PIN in your wallet or purse or write it on your ATM or debit card.
  • Do not give your PIN to ANYONE
  • Never write your PIN on the outside of a deposit slip, an envelope, or other papers that could be easily lost or seen.
  • Carefully check ATM or debit card transactions before you enter the PIN or before you sign the receipt; the funds for this item will be fairly quickly transferred out of your checking or other deposit account.
  • Periodically check your account activity. This is particularly important if you bank online. Compare the current balance and recent withdrawals or transfers to those you've recorded, including your current ATM and debit card withdrawals and purchases and your recent checks. If you notice transactions you didn't make, or if your balance has dropped suddenly without activity by you, immediately report the problem to your card issuer. Someone may have co-opted your account information to commit fraud.