UniCredit S.p.A.

05/06/2019 | News release | Distributed by Public on 05/06/2019 02:12

Online Security. What matters is avoiding serious troubles every day

Tips to protect your computer routines

These days, connecting with digital services is a daily practice: each day we communicate, speak and pay using PCs, smartphones and tablets.

This is why the topic of IT security is becoming increasingly important. Given the immediacy and ease with which we connect to the web through wi-fi and mobile networks, close attention must be paid to ensure secure access to email, home banking and social networks and to prevent thefts of information and money.

We must never lower our guard: here are some practical tips on how to behave to safely manage your computer routine .

Phishing: how to recognize it and defend yourself from scams

In a sea of emails, there is always some bait ready to mislead you. Don't put your security at risk: it is important to recognise attempts at phishing so that you can't be reeled in.

Vishing and Smishing, the latest in cyber scams: be careful of text messages, WhatsApp and fake call centres

Suspicious links and unlikely promotions are wake-up calls for scams, hacker attacks and IT virus. Better not to be caught unprepared!

Password: how to create, remember and manage them safely

Does every application need a password? There are so many of them and it's not easy to remember them all. What you need to do is find the right way to choose them and keep them safe.

Dangerous files: how to protect your devices from viruses

Prevention is better than cure! Computer viruses are contagious but the best doctor for your PC and devices is you.

Tips to protect your computer routines

1Is your password safe? What counts is using more than one

Never use the same password for different accounts. Always protect your email, social media profiles, user profiles associated with home banking services, credit cards, financial products and investments with different passwords. Indeed, if a hacker were to attack one of your accounts, they could also access the other ones protected with the same password, and access your user profiles.

Previous1 of 9Next
2Don't get reeled in by phishing

To force a security system protected by a password, a hacker often resorts to phishing: through email messages, which appear to have been sent from a bank or website, the recipient receives an urgent request to login. As soon as the user logs in, the data entered land directly in the hands of the cyber criminals. Always verify the sender: these phishing emails are easily recognised since they often conceal two different or strange addresses. And never click on an offer you haven't requested.

Previous2 of 9Next
3If the protocol is HTTPS, you're safe

When a website asks you to download data or log in with a user ID and password, check that there is a green padlock icon on the left of the address bar followed by the HTTPS protocol.

Previous3 of 9Next
4Document you haven't requested? Bin it!

If you receive an email with unusual links or attachments (for example notarised documents or other types you do not deal with as part of your job), be cautious and refrain from clicking on or downloading these. And never reply to the sender providing them with the requested data.

Previous4 of 9Next
5Words are important and they should be correct

Pay attention to the subject of the email: if it contains grammatical errors or is inconsistent with your native language, bin it without opening it. Many hackers try to enter the profiles of users in various parts of the world with texts translated through online translation services that have yet to be perfected and therefore it is quite easy to see that they were generated by dubious sources.

Previous5 of 9Next
6In the case of files with suspicious filename extensions, the rule is: bin them!

When you receive an attachment, always check the filename extension before double clicking on it. Besides files with the .exe filename extension, viruses concealed in false invoices, fines, shipping delivery notices, etc. also spread quickly and are usually sent as .doc and .pdf files. Be very wary of files that do not have one of these extensions: if you receive one, don't attempt to understand what it is, rather bin it immediately.

Previous6 of 9Next
7Never lower your guard: even the most harmless emails can be dangerous

One of the strategies used by hackers is that of spreading viruses through email messages with suspicious attachments, for example, chain letters. Often the subject of these emails appears harmless, making you lower your guard. But be careful! Through the attachments to be downloaded and installed, these are precisely the kinds of email messages that allow IT pirates to enter your user profiles. In this case, never answer or forward these emails: bin them and empty the bin.

Previous7 of 9Next
8Going on holiday is OK, but letting everyone know opens you up to problems

If you are out of the office, only set the Outlook out-of-office automatic answering service for recipients within the company, and not for external recipients. This way you'll avoid letting any potential hackers know that you won't be around on a daily basis for a while.

Previous8 of 9Next
9Keep a close eye on your account: in the case of suspicious transactions, contact your bank

Check the transactions on your bank account at least once a week and, if possible, activate the SMS alert service that instantly notifies you of any transactions involving money leaving your account. If you note any transactions or charges that are off, contact the bank immediately to request clarification and, in the case of operations that have not been requested, report the occurrence immediately, providing any information that might help identify the origin of the infringement.

Previous9 of 9Next

Safe surfing: here's how to avoid getting trapped in a (public) net

Your device is at risk when you're connected to unsafe wi-fi connections, since they make identity frauds attempts more likely

Better safe than sorry! How secure are public wi-fi networks?

1Are public wi-fi networks safe?

Free public wi-fi networks such as those offered by shopping malls, airports, hotels or resorts, are not always secure and you must follow some procedures to check and make sure that you have not made any sensitive data available to hackers. Firstly, once your smartphone or laptop has found a free wi-fi network, ensure that it is protected, i.e. that you need to sign up to use it and must login with a user ID and password supplied by the service provider.

Previous1 of 5Next
2Using websites when on the move: how do I browse remotely and securely?

When you browse far from the office or home, always check the security protocols of the websites you are visiting: only use an HTTPS that supports SSL (Secure Sockets Layer). Avoid logging into financial services (such as home banking) or paying with credit cards when you are not 100% sure that your wi-fi connection is secure.

Previous2 of 5Next
3Is there an alternative to wi-fi for browsing far from home and the office?

Yes! You can use a hotspot with a data connection (all mobile phone providers offer this service) or use your smartphone as a hotspot to browse with a computer. In these two cases, rather than using the wi-fi network you use the tariff plan of your mobile service provider. For professionals who are always away on business, an advanced solution is a VPN connection (Virtual Private Network) which is activated when you find a wi-fi network. In this case, an encryption tunnel is created through which the data travel, making a potential attack by hackers extremely difficult.

Previous3 of 5Next
4And what if I'm abroad?

Our first tip is that you should install all the software and app updates available before your departure using secure connections (at home or in the office). In this way, you'll avoid doing this when you leave the country where your data connection provider operates. Additionally, change your passwords regularly with an update to make them less vulnerable. And finally, only use protected wi-fi connections (see question 1) and, if possible, a VPN (question 3).

Previous4 of 5Next
5How secure are my profiles on social media networks?

Social media networks enable you to publicly share your location and other personal information. To avoid becoming vulnerable to cyber attacks, remember as follows: do not accept contacts from strangers; register with a different email address from the one you use for work; enable dual authentication and regularly update your passwords; optimise the privacy settings for the various social media networks. Finally, try to always be pro-active. In the case of suspicious activities, many social media networks send notification to the email address you registered with, reporting the date, time, place and browser used and asking you to confirm the attempt to access your profile. If it wasn't you, change your password immediately!

Previous5 of 5Next

Phishing and scams by email: a risk for the self-employed and SMEs

A sudden change in a traditional payment method or an unexpected request from one of your suppliers sounds like a wake-up call. Find out how to protect your self!

UniCredit ATMs: secure withdrawals

Withdrawing money from an ATM is something we do daily, often paying little attention to our actions. Yet users are regular victims of theft and fraud, crimes that are not limited to the elderly, as many people think. The Italian Postal Police report almost daily cases of 'cash trapping' to steal the bills distributed.

To protect its clients from risk, UniCredit uses ATMs equipped with the latest tamper-proof technology. For example, the card entry slot is protected by its special shape that prevents fraudsters from copying the magnetic strip. A message on the screen informs users immediately when withdrawal is not available. If, however, it is available but cash cannot be dispensed due to technical problems, the operation will be cancelled immediately.

What are the modus operandi of these fraudsters?

One trick is the 'forking' technique. A handmade tool measuring about 18 cm long (called a 'fork' because of the two tongs on one end) is inserted in the ATM slot that distributes the cash to capture the bills before they are released.

Once the 'fork' is in place, when an unwitting customer makes a withdrawal, the bills are blocked inside the machine, leading to believe there is a technical problem. All the thieves have to do is wait for the person to leave, then remove the device to recover the money.

Another scam frequently reported to the Authorities concerns ATMs located inside bank branches. In this case, a fraudulent device installed on the door exit release in the ATM lobby, captures the customer's card and dispenses a clone, hanging on to the real one. Often, to keep the hoodwinked customer from noticing the card switch, a few accomplices rush in and pretend that they need to make a withdrawal, thus hastening the victim out the door.

Therefore, since Forewarned is Forearmed, it is important to adopt common sense safety behaviour when you withdraw cash. Before the transaction, always make sure there is no one looking over your shoulder, shield your PIN code from indiscreet eyes, choose ATMs in central and busy locations and try to make withdrawals during the daytime.