Ransomware

0
April 24, 2017 // Security, Technology, Tips



Bad guys using ransoms to extort money from innocent people isn’t just something you see in the movies anymore.  Every day, people’s computers and everything on them are being held hostage unless a ransom is paid.  This threat isn’t targeted at just businesses, it is very opportunistic, and infecting anyone it can. 

Ransomware is a type of malware that encrypts the data on an infected computer.  All of your precious family photos, videos and important documents, once encrypted, will no longer be accessible without the encryption key – which you can get only if you pay the amount the extortionist demands.  This could be hundreds or thousands of dollars.  What is your information worth to you?

Fortunately there is a better way to protect yourself than paying the ransom.  By taking a few simple steps, you can avoid falling victim to this money making scheme:

  • Back up your important files to a secondary location – Online Cloud Storage and USB attached hard drives are two great ways to back up what matters to you most in a second secure location.  Don’t worry about program files as they can be restored from the source.  Tax files, photos, videos, Word or Excel documents, are the types of files you want to ensure are backed up to a second location.
  • DO NOT keep your backup storage attached to your computer – Some systems allow you the ability to automate the backup of files to a secondary location.  Be careful, the ransomware is often sophisticated enough to encrypt your backup drives if it sees them and has access.
  • Think twice before clicking on links or downloading attachments – Links or attachments within Phishing emails and social media sites like Facebook could be a trap that once sprung, sets into motion the chain of events caused by ransomware.  Be very suspicious and ask yourself if it is really worth it to see whatever it is someone sent you.

If you become a victim of ransomware and you followed the steps above to back up your important files to a secure second location, don’t pay the ransom.  Take your computer into a local reputable computer repair shop to have it restored and then copy your important files back onto your computer from your back up.

Law enforcement doesn’t recommend paying the ransom, although it’s up to you to determine whether the risks and costs of paying are worth the possibility of getting your files back.  If you pay the ransom, there’s no guarantee you’ll get your files back.  In fact, agreeing to pay signals to criminals that you haven’t backed up your files.  Knowing this, they could increase the ransom price – and may delete or deny access to your files anyway.  Even if you get your files back, they may be corrupted and you might be a target for other scams.

Check back for more information on the next Mercantile Bank Security Minute.


Have you ever received one of these bogus tech support calls?  The fraudster calls claiming to be from technical support at Microsoft, Apple, or other well-known companies. They say that they’ve detected viruses or malware on your computer to trick you into paying for software you don’t need or worse yet, convince you to give them remote access to your computer to fix the problem.

These fraudsters take advantage of your concerns about viruses and other threats.  They know most computer users have heard over and over that it’s important to install and maintain security software.  But the purpose behind this elaborate scam isn’t to protect you and your computer; it’s to make money.

Once they have gained your trust, they may:

  • Ask you to give them remote access to your computer and then make changes to your settings that could leave your computer vulnerable.
  • Try to enroll you in worthless computer maintenance or warranty program.
  • Ask for credit card information so they can bill you for phony services – or services you could get elsewhere for free.
  • Trick you into installing malware that could steal sensitive data, like user names and passwords to online financial sites, your email account, and more.
  • Direct you to websites and ask you to enter your credit card number and other personal information.

Regardless of the tactics they use, they have one purpose; it’s to make money.

If you get one of these calls, HANG UP!  Microsoft, Apple or any other company will not call you proactively in this way. The caller will likely try to create a sense of urgency or use high-pressure tactics to get you to do what they want; Just Hang Up!

If you believe you may have been a victim of one of these scam calls, don’t panic.  Instead:

  • Unplug your computer from the internet.
  • Take your computer to a local reputable business that specializes in fixing computers; let them know what happened.
  • Once your computer has been repaired, or via another computer/device, change your passwords on all online financial and email sites you use and any other passwords you gave out.
  • If you paid for bogus services with a credit card, call your credit card provider and ask to reverse the charges.  Check your statements for any other charge’s you didn’t make, and ask to reverse those too.

Check back for more information on the next Mercantile Bank Security Minute.

Article Written By: Kyle Kunnen | SVP, Information Security Officer | Mercantile Bank of Michigan

If you are like me, once everyone is home for the evening, I go around and lock all the doors and make sure the two by four is in the track of the slider door.  As an added security measure we have motion sensors on some large outdoor lights.  Your computer is like your home and there are numerous ways you can protect it from intruders too.

A firewall is a definite must have if you connect your computer to the internet.  Not only ensure you have one, but also make sure the default administration password has been changed.  The default password on a lot of home systems is “password” and everyone knows this, especially those with malicious intent.  Change it to something only you know.  If you need to write it down, be sure to store it in a safe place.

I recommend you find someone who knows a thing or two about in home firewalls and seek their advice on the best way to configure your solution.  Below are some additional items to consider for improving security for your computer:

  • Endpoint Protection – This is a new term describing the next generation of Anti-Malware software.  Make sure you have one running on your computer.  There are many commercially available solutions.
  • Auto Updates – You need to ensure your Endpoint Protection, Operating System and other software applications remain updated with the latest security patches provided by the vendor.  The most convenient way to do this is using the auto update features built into these solutions.
  • Screen Saver Lock – By setting up a password for your computer and enabling the screen saver lock, you keep information on your computer safe.  It also provides you control over who you allow to utilize your computer and when.

 


Article Written By: Kyle Kunnen | SVP, Information Security Officer | Mercantile Bank of Michigan

My first car, a Chevy Cavalier Z24.  It was a manual and it was so much fun shifting through the gears at a rapid pace.  Today I enjoy driving my sons 1970 Dodge Dart Swinger.  Yes it is a manual transmission too and I have just as much fun racing through its gears like I did my old Z24.  Being an old car, it burns a little oil.  We check the oil regularly to avoid the risk of blowing up an engine.  Computers are like my son’s old car.  Preventative maintenance is also required.  While your computer may not blow up like an engine, it is at risk of failure if you don’t keep its operating system up to date. 

Vendors that manufacture the software for computers regularly release security updates.  These updates if not applied frequently will cause your system to be more susceptible to malware.  If your system is compromised, it can cause your system to behave erratically, become extremely slow, and even become inoperable. As a best practice, set your computer to auto update when a critical security patch is made available by the vendor.

The other software on your computer works the same way.  Vendors frequently produce releases to fix known security flaws.  Take a minute to review the settings within those applications.  You will likely find you can set them to auto update as well.


Article Written By: Kyle Kunnen | SVP, Information Security Officer | Mercantile Bank of Michigan

Mobile devices afford us the convenience of being connected anywhere, anytime.  Couple that with all the different forms of social media available today and you could be putting yourself at risk.  One way to limit your risk is to limit how much you share.  Most people would not share their tooth brush but are very comfortable announcing their next activity like “TGIF, heading north for a long weekend”. Think of your tooth brush before you make your next post and limit what and when you share.  Sharing how great your up north weekend escape was after it happened is much more appropriate then before you go.

Social media, like many applications is inherently good, but it can also be utilized by those with less than good intentions.  Below are some additional items to consider as you use social media:

  • Thoroughly review the security and privacy settings – Most applications like, Facebook for example, give you a lot of control over security and privacy.  Make sure you take the time to set them appropriately and check back periodically as vendors add security features which by default are not automatically enabled.
  • Don’t be a friend or connect to everyone – Do you know everyone you are connected with via social media?  If not, a perfect stranger could be watching everything you post.  Consider setting up special groups like Family, Friends or a Special Interest so you can share what is appropriate within those groups and membership is controlled.
  • Posting Pictures Online – If you are taking pictures with your mobile device, make sure you have disabled your phones ability to tag the photo with the GPS location of where it is tagged.  If you don’t and it gets into the wrong hands, the GPS coordinates could lead someone right to your front door.
  • Review the privacy settings on your mobile device – There are many configurable security and privacy settings within your mobile device.  Typically you can find them under the settings icon.  You may be shocked to know what your device is doing to track you and your activities.

Article Written By: Kyle Kunnen | SVP, Information Security Officer | Mercantile Bank of Michigan

Mobile devices have become a significant part of our lives. It wasn’t that long ago, cell phones were a privilege afforded by only a few. Today, virtually everyone carries a mobile device. The allure of always being connected and immediate access to virtually anyone or everything is immense. This additional access while great is not free from risk. Because we use our mobile devices to shop, bank and conveniently access private information, it has become even more imperative to take added precaution. Whether it is a cell phone, tablet, or other mobile device, they typically have the ability to enable a screen locking feature. Enabling this feature not only requires a code for entry, it also encrypts the contents stored on the device. This is a great first step in securing your mobile device providing assurance your information remains protected if lost or stolen.

Below are some additional items to consider as you use your mobile device:

  • Never jailbreak your mobile device – While it seems to add functionality to bypass restrictions set by the manufacturer, it also greatly diminishes the devices security.
  • Only use device approved app stores – The Google Play or Marketplace and Apple’s App Store. Other places exist to download apps that appear to be the same as those found in the traditional app stores, but are often repackaged solutions with malicious intent. 
  • Remove no longer used applications – This will not only free up space, but reduce the number of possible applications that could someday become a vulnerability. 
  •  Keep your device operating system and apps updated – Vendors often release patches to add new features or functionality. In addition, they often deliver important fixes to known security issues. For convenience, you can configure your device to apply these updates automatically when they become available.

Check back next week for more information on the next Mercantile Bank Security Minute.

Article Written By: John Schulte| SVP, Chief Information Officer| Mercantile Bank of Michigan

Just in time for the holidays, when finances and overspending can be stressful, the new Cash Flow module is now live in our online management tool, MercMoney®. The Cash Flow module offers an easy way to project out your income/expenses (and replace the old checkbook register). 

MercMoney® is integrated into our online banking system and is a great way to empower you to take control of your finances and simplify your life. Budgeting, account aggregation and debt management are a just a few of the tools available, and best of all it’s free with any Mercantile checking or savings account.

Community Bank

It’s easy to set up MercMoney® and the Cash Flow module with a set-up wizard that identifies most re-occurring transactions, allows you to choose/edit future dated transactions and search history for other re-occurring items the wizard may miss. The wizard makes it easy (5-10 minutes) to replace a work intensive spreadsheet or manual process cash flow tracking process.

fintech financial management tool

This module works both for people who want an easy, casual estimate of their cash flow and for those who keep detailed records. It can replace your current checkbook register, spreadsheet, Quicken or paper reconciliation process – with an automated and more efficient cash projection. The mobile version of this module is expected to be released in early 2017 so you can budget while on the go.  

If you would like more information on MercMoney® and the new Cash Flow module visit https://www.mercbank.com/electronic/merc-money.asp or stop in to any of our branches.

 

Mercantile Bank interns Maddie Hugen and David Schroeder took on the task of creating a video that would give an overview of their experience at Mercantile Bank.  They collaborated with fellow Merc interns throughout Michigan to create this video showcasing their collective experience.

Exciting news! We are upgrading our online and mobile banking experience!  Improved with you in mind, this new design will make it faster and easier to use than ever before.  With enhanced security, new features and expanded functionality, it will offer convenient access to your banking information whenever and wherever you need it.  This upgrade will occur on September 14, 2016.  We encourage you to visit our Readiness page:  https://www.mercbank.com/upgrade/  to find out more details. 

 

At Mercantile Bank, you’ll find a home mortgage experience unlike any other.  We provide personalized service that goes far beyond appraisals, escrows, and finance rates.  We’re with you step by step through the entire mortgage process to make sure that you get the home financing program that meets your needs and lifestyle.  Visit our newly designed website to find out all the ways our team can help you.  Whether it’s a new purchase, or refinancing your existing home, discover why we’re the premier choice for all sorts of home loans.  *All loans subject to credit and collateral approval.

https://www.mercbank.com/mortgage/index.asp

 

An essential part of our cornerstone values is to strengthen the communities we serve throughout Michigan.   We accomplish this in many ways including our commitment to revitalizing our neighborhoods as well as creating and promoting economic prosperity by investing in industry, agriculture and real estate.  We also have a relentless drive to help provide affordable housing, supporting housing for low and moderate income families, persons with developmental disabilities and the homeless.

Our most significant impact goes beyond financial investments.  Our hands-on approach to community engagement has helped to support the people in our communities in countless ways.  Over the past year, Mercantile Bank employees have volunteered a total of 30,140 hours.  That’s an average of 62.53 hours per employee.  We’re proud of the efforts of our team throughout the communities we serve. 

 Watch our Community Impact Report video to learn more about all the ways we’re impacting our communities.

 

 

Mercantile Bank´s Giving Together program is another way for us to give back to the communities we serve. Non-Profit organizations are able to apply to be considered for a chance to receive a donation decided by the public during a weeklong voting period at www.mercantilegivingtogether.com or at our Facebook page at https://www.facebook.com/mercbank

Congratulations to the most recent winners of our Giving Together Program! 

First Place: The Geek Group National Science Center

Second Place: West Michigan Veterans Assistance Program

Third Place: Foster Closet of Michigan-Isabella County Branch

Thank you to all of our finalists for the meaningful work that you do in our communities.  It’s our pleasure to help you in your mission. 

We are currently accepting applications through September 26th for Health & Human Service related organizations. To find out more about our Giving Together Program and to apply, visit us at: www.mercantilegivingtogether.com                                                                                                                                           

 

Old Town Lansing was the 2015 Community and Economic Development Giving Together Program recipient of a $5,000 donation. We visited with them recently to see how they are doing and how the Giving Together grant made an impact on them and the community they serve. See what Jamie Schriner-Hooper, Executive Director of Old Town Commercial Association had to say about their positive experience last year.

We are currently accepting applications from non-profit organizations with a Community and Economic Development focus. If you would like to see how the Mercantile Giving Together program can impact your organization and community, please visit www.mercantilegivingtogether.com to apply by June 27.