HomeResource CenterSecurity CenterBusiness Security

Cyber Security

Find out what you need to know to avoid a variety of cyber security attacks.

Social Engineering

In a social engineering attack, the attacker uses human interaction to manipulate you into disclosing information. Social engineering exploits our natural tendency to trust someone not to steal information.

Once the information has been stolen, the attacker can use it to commit fraud or identity theft. The most common types of social engineering attacks include:

  • Website Spoofing
  • Phishing Emails and Phone Calls

Website Spoofing

Website spoofing creates a fake website to mislead users into sharing sensitive information. Spoofed websites typically look exactly like a legitimate website published by a trusted organization.

Prevention Tips

  • Pay attention to the web address (URL). A website may look legitimate, but the URL may have a variation in spelling or use a different domain.
  • If you’re suspicious about a website, close it and contact the company directly.
  • Don’t click links on social media sites, pop-up windows, or untrusted websites. Links can take you to a different website than their labels indicate. Typing an address in your browser is a safer alternative.
  • Only give sensitive information (e.g. credit card numbers, social security numbers, etc.) to websites using a secure connection. Verify the web address begins with “https://” (“s” for “secure”) rather than just “http://”.
  • Avoid using websites when your browser displays certificate errors or warnings.

Phishing

Phishing is an attempt by an attacker to acquire information by masquerading as a trustworthy entity in an electronic communication. Phishing attacks are typically carried out via email, instant messaging, phone calls, and text messages (SMS).

Prevention Tips

  • Delete email, text, and social media messages asking you to confirm or provide sensitive information. Legitimate companies don’t ask for information this way.
  • Beware of website addresses sent in an unsolicited message. Even if you feel the message is legitimate, type web addresses into your browser versus clicking links.
  • Try to independently verify details in a message directly with the company or individual. For example, call the sender for verification.
  • Utilize anti-phishing features available in your email client and/or web browser, as well as email SPAM filtering to help prevent phishing emails from being delivered.
  • Do not open attachments from unknown senders or unexpected attachments from known senders.
  • Be cautious of the amount of personal data you make publicly available through social media and other methods.
  • When in doubt, do not click.

RESOURCES

In our ever-changing world, there’s always more to learn. Empower your financial health: Keep current on cyber security best practices and get answers to questions on everything from mobile wallets to business online banking.

Resource Center 

SWITCH TO MARBLEHEAD BANK TODAY.

We’ve been helping our neighbors succeed since 1871. Switch today and experience true local banking.