Information Security

 

Common Best Practicies

You should always have proper antivirus, antispyware and firewall measures in place. These systems should be properly maintained (regular updates and scans). There are several other forms of protection, such as web content filtering and intrusion prevention devices, that would be wise to add. These can be installed in one single unified thread management (UTM) software package or hardware appliance. Or you can achieve these levels of security through a layered approach. No matter which option you choose, you should make a concienous and informed decision on how to protect your personal information stored on or transmitted by your computer system. Below are some common terms and methods used by hackers.

 

Spyware

"Spyware" is a commonly used term to describe software that collects data without the prior knowledge or informed consent of the data's owner.  Community First Bank & Trust recommends that you install an AntiSpyware scanner program on your computer.  As with most scanning programs you must make sure that you keep the definition files up-to-date and perform a full system scan routinely.  Some popular tools used to clean your computer from spyware are:

 

CCleaner (www.ccleaner.com)

Glary Utilities (www.glarysoft.com)

Ad-Aware (www.lavasoft.com)

 

* These addresses are not links so you will need to copy and paste them in your browser address bar.

 

Phishing
Phishing is a scam that encompasses fraudulently obtaining information by sending an e-mail that appears to originate from a trusted source, such as a financial institution, government agency or other entity.  Community First Bank & Trust recommends that you use precaution any time you receive an email from someone requestion private/personal information.  Most reputable organizations will not request this type of information via email.

 

Pharming
Pharming refers to the redirection of an individual to an illegitimate website through technical means. For example, an Internet banking customer, who routinely logs in to his online banking website, may be redirected to an illegitimate website instead of accessing his or her bank's website.  We go to great lengths to make sure that our customers' information is always secure.  If a Community First Bank & Trust customer ever suspects their Internet Banking session has been pharmed please contact Community First Bank & Trust immediately.

 

Man-in-the-middle attack (reference - Wikipedia)

The man-in-the-middle attack (often abbreviated MITM, MitM, MIM, MiM, MITMA, also known as a bucket brigade attack, or sometimes Janus attack[citation needed]) in cryptography and computer security is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all messages going between the two victims and inject new ones, which is straightforward in many circumstances (for example, an attacker within reception range of an unencrypted Wi-Fi wireless access point, can insert himself as a man-in-the-middle).