Wednesday, May 28, 2008

May 2008 News & Views Below


CU InfoSECURITY News Providing a brief summary of news and information related to security issues for credit unions - Plus some interesting and fun web sites.
(Click on photos to enlarge)

The Customer Service Hall of Shame

Four 'winners' from MSN Money's inaugural list are back -- 3 with scores even worse than last year's. See the 10 companies Americans love to hate.

The company at the bottom of the customer-service heap is Time Warner's AOL. A remarkable 47% of people who had an opinion of AOL's customer service said it was "poor." Analysts said that rating may have something to do with its effort to transition from an Internet service provider -- where it still has more than 9.3 million paying subscribers -- to an ad-supported Web portal.



International Phishing Ring Busted

Some 38 people in the U.S. and Romania were indicted by separate federal grand juries on racketeering, bank fraud and other charges related to allegedly running an international phishing expedition that stole online bank-account information from thousands of customers at hundreds of financial institutions, according to the U.S. Department of Justice.

In Los Angeles, 33 people were charged in a 65-count indictment in their roles in the Internet schemes. Seven more were indicted in a District of Connecticut indictment, which included two also named in the LA-based charges. According to indictment details, gang members in Romania got their mitts on thousands of credit- and debit-card accounts by massive phishing efforts—including one attack that involved 1.3 millions spams.

The Romanian gangs handed off the data to their U.S. contacts through Internet chat messages, who then used encoders to transpose the information onto credit and debit cards. Cards that proved successful in small-sum “test” runs on ATM machines or POS terminals were then used for large-scale withdrawals. A portion of the illegal gains was then wired back to the Romanian sources.

Friday, May 23, 2008

ID-protection ads come back to bite ID Company

Todd Davis has dared criminals for two years to try stealing his identity: Ads for his fraud-prevention company, LifeLock, even offer his Social Security number next to his smiling mug.

Now, Lifelock customers in Maryland, New Jersey and West Virginia are suing Davis, claiming his service didn't work as promised and he knew it wouldn't, because the service had failed even him.

Attorney David Paris said he found records of other people applying for or receiving driver's licenses at least 20 times using Davis' Social Security number, though some of the applications may have been rejected because data in them didn't match what the Social Security Administration had on file. Davis acknowledged in an interview with The Associated Press that his stunt has led to at least 87 instances in which people have tried to steal his identity, and one succeeded: a guy in Texas who duped an online payday loan operation last year into giving him $500 using Davis' Social Security number.

Paris said the fact Davis' records were compromised at all supports the claim that Tempe, Ariz.-based LifeLock doesn't provide the comprehensive protection its advertisements say it does.

Navy Federal to expand FOM to all armed forces

Does Navy FCU really need to expand its field of membership? How "big" is "big?" Does a CU need to be bigger in order to be better? Questions to ponder.

Navy FCU says it will expand its field of membership to include all branches of the armed forces.
Membership benefits will be available to all Navy, Marine Corps, Army, Air Force active duty, reserve and guard personnel and all civilians working in the Department of Defense, the $35 billion asset credit union said in a press release.

The credit union outlined two reasons for the expansion. "In today's military environment," said President/CEO Cutler Dawson, "all branches of the armed forces share resources, conduct joint operations, serve on the same bases, and use the same exchanges, commissaries, and medical facilities. So we believe the time is right to extend that legacy of service ..."

Also, all members would benefit because membership growth would allow the credit union to offer a broader range of products and services at competitive rates.

The credit union's name will remain the same. Last year the credit union increased its worldwide network of branches by 25% to 150 branches and hired 2,600 new employees for a total of 7,300 employees worldwide. Plans are underway to more than double the number of full-service branches in the next four years.

Thursday, May 22, 2008

What is Hypermiling? 100 MPG? Yes!

Hypermiler is a term coined by Wayne Gerdes to describe a driver who strives to exceed their vehicle's EPA fuel economy rating. In conventional vehicles they can often match the mileage of an average person driving an equivalent hybrid. Hypermilers driving hybrids tend to achieve tremendous mileage, with some even exceeding 100 MPG . That being said, anyone can learn a wide variety of these skills. This site is dedicated to educating the driver of these techniques, so that they can raise their vehicles fuel economy no matter what they drive.

Tire pressures are a very important key to higher fuel economy. The higher the pressure, the lower the rolling resistance, the higher the fuel economy. The absolute minimum you should use is the driver’s side door or owners manual recommended tire inflation criteria.

Oil types and amounts are another important key to higher FE . A proper amount of low kinematic viscosity oil can do wonders for not only longevity of your ICE but the FE your automobile may be capable of.

So what do you do with all this entire list of techniques? What we are attempting to achieve is changing the EPA’s 11 mile city test so as to travel the same 11 miles but under our constraints, not theirs. The EPA test has you come to 23 complete stops. We are going to try and achieve 0 stops over those same 11 miles! In the highway test, we are using a far superior setup and DWL within DWB to achieve greater than the EPA highway test across its 10 mile distance. In other words, we are changing the rules of the City and Highway test to match our own much higher FE goals, not the EPA’s lowly ones!

To read the entire article: http://www.cleanmpg.com/forums/showthread.php?t=1510

Phishing attempts made against CUs in three states

The latest phishing expeditions using credit unions to lure personal financial information away from members and other consumers have occurred in Missouri, Illinois and Florida.

Authorities have reported phishing attempts at three credit unions. It is not known whether the phishers succeeded in obtaining account information.

In the incidents:

>> Missouri Attorney General Jay Nixon said consumers in Kansas City, Mo., are receiving phone calls, text messages and e-mails purporting to be from Kansas City-based Mazuma CU. The contacts are actually from identity thieves, he said.

>> Land of Lincoln CU in Decatur, Ill., was in the process Monday of notifying credit and debit card account holders that scamsters are using its name in phone calls, text messages and other phish attempts. Several residents received computer-generated phone calls that claiming to be from the credit union and advising their account was closed for security reasons. (Herald-Review May 20).

>> McCoy FCU, based in Orlando, Fla., also was warning members about a text-messaging scam using its name. The scam urges the recipient to call a phone number and provide account information to fix a "problem" with the account.
The credit unions and authorities emphasized that credit unions and other financial institutions would not solicit such information.

Monday, May 12, 2008

The phone of the future

AT THE 1964 World's Fair in New York AT&T unveiled the Picturephone.

In the future, the world's biggest telecoms firm pronounced, people would communicate via round, black-and-white screens that plugged into the wall. That prediction, like so many others about the future of communications, was wrong. The majority of today's phones are mobile handsets, not fixed-line ones, and although the technology for video-calling is widely deployed, hardly anyone uses it.

And yet speculation about the future of phones persists, and no wonder. The telephone has changed beyond recognition since its invention in 1876, and is now both the most personal, most social and most rapidly evolving technological device. So to imagine the phone of the future is also to imagine the future of consumer technology, and its personal and social impact. What mobile phones will look like in a year or two is easy to guess: they will be slimmer and probably will let you watch television on the move.

But what about ten or 15 years from now? …

TECHNOLOGY STATISTIC OF THE MONTH

3rd Generation fiber optics has been recently tested by both NEC and Alcatel that pushes 10 trillion bits per second down one strand on fiber (that's 1,900 CDs or 150 million simultaneous phone calls every second.) This is currently tripling about every 6 months and is expected to do so for at least the next 20 years. The fiber is already there. They're just improving the switches on the ends, which means the marginal cost of these improvements is effectively $0.

Wednesday, May 7, 2008

Top 10 e-Mail Mistakes

If you're like most professionals, you use e-mail in the office on a regular basis. Because of its immediacy and relative lack of intrusiveness, it's the communication method of choice for many workers, including, chances are, your boss. According to a Robert Half International survey, nearly two-thirds (65 percent) of executives polled prefer e-mail over other forms of communication.

While hitting "send" may be an effective way to get your ideas across, doing so too quickly or without a lot of thought can send the wrong message. Here are 10 common e-mail mistakes and tips for avoiding them:

1. A vague subject line. The subject line not only lets the person receiving the message know what it's about but also provides him or her with a reason to read it. Some people – and your boss is probably one of them – get hundreds of e-mails each day and may not have the time to open each of them. The subject line acts as the window into the message and can also indicate its urgency, so be specific with what you write there.

2. No sign-off. A weak signature is almost as bad as a weak handshake: Both convey a lack of professionalism. A signature at the end of your e-mail should include your e-mail address, physical work address and phone number. Including these details gives recipients multiple means of contacting you. This information is especially important for people to whom your e-mail might be forwarded or individuals either outside the company or in another office.

3. 'Im writing re: the meeting @ 3.' Many people take a casual approach when using e-mail. But what you write is a reflection of your professional self, so take the time to craft complete sentences, use proper grammar and check your spelling. And don't depend solely on your computer's spell-check function, which won't find misused words; review your e-mail carefully before sending it.

4. Going on and on and on. This strategy might work for the Energizer Bunny, but your goal when crafting a message should be to keep it short. You don't want to write the e-mail equivalent of a novel, so get to the point as quickly as possible, using both short sentences and paragraphs. At the same time, you don't want to write too brief of a message, which could make you appear curt.

5. SHOUTING IT OUT. Some people like the ease of typing in all capital letters. What they may not realize is this is the online equivalent of shouting, so avoid the temptation of using the caps lock button.

6. Striking the wrong note. Unfortunately, it's easy for tone to be lost with the written word, especially in shorter messages. An attempt at humor, for instance, may be read as something offensive or inappropriate. If you're not sure how something you wrote will be interpreted, err on the side of caution and leave it out.

7. Weighing others down. If your e-mail inbox is continually clogged, you know how frustrating it can be to receive large attachments, especially when you don't want them. And, according to a survey we developed, executives agreed, ranking the receipt of large, unsolicited files as the most annoying aspect of communicating via e-mail. Limit the distribution of massive files to people who absolutely need them.

8. Sending to the wrong box. Before you send a message, always double-check the list of recipients. Many e-mail programs automatically fill in information you've previously typed, such as the e-mail addresses of frequent contacts. If you have multiple people in your address book with similar names, you could mistakenly choose the wrong person and send him or her a message intended for someone else.

9. Mixing business and pleasure. When the information is confidential or sensitive, this move could limit your career. Any time you use your work e-mail account, the message should be business-related. After all, you are using your firm's resources, and the company has the right to monitor your communication. Get to know your organization's e-mail policy, and have your friends send non-work-related e-mail to your personal account, which you can check at home.

10. Over e-mailing. Do you find yourself typing a long message in order to avoid confusion on the recipient's part? Do you hesitate to click Send because you think your contact might forward your message to someone who shouldn't see it? E-mail is best suited for quick communication, and, in situations like these, it's wise to call your colleague or speak to him or her in person instead.

Eliminate programs that run at start-up

You can speed up your computer's boot time and improve the overall performance of Windows XP by stopping programs from running at start-up.

Start by cleaning out your Startup folder. Find it in C:\Documents and Settings\Username\Start Menu\Programs\Startup, where username is your Windows logon name. Delete the shortcuts of any programs you don't want to run on start-up.

As with any shortcuts, when you delete them, you're deleting only the shortcut, not the program itself. (You can also clear out the start-up items by going to Start > Programs > Startup, then right-clicking items you want to remove.)

Next, clean out your Scheduled Tasks folder. Go to C:\Windows\Tasks, and delete the shortcuts of any programs that you don't want to run automatically on a schedule.These two steps should keep most, if not all, unnecessary programs from automatically running.

Note: You can bypass all the programs in your Startup folder on an as-needed basis. To stop XP from loading any programs in the Startup folder, hold down the Shift key during bootup.

No programs in the Startup folder will run, but the items will still remain there so that they will start up as they would normally the next time you boot.

Three simple steps to a secure password

We live in a world where you need to create new passwords regularly. Some of them are for unimportant things (where your money or identity isn’t at risk), and for those, you are free to use a weaker password because it will be a lot less hassle. However, there are times when you need to create a really strong password to protect your important information.

Here are three simple steps to creating a strong password.

1. Passwords must be eight characters or longer. No excuses.

2. Combine letters, numbers, and other keyboard symbols but stay away from sequences (such as 12345678 or abcdefgh or qwertyui). If there’s a pattern involved, then there’s also a weakness! Also steer clear of passwords where you substitute similar-looking symbols for characters (such as p@55w0rd; hackers know all these tricks). The more random a password, the better.

3. Don’t use your name, birthday, anniversary, or any words from the dictionary. You’re wasting your time even putting these passwords in place. They make it way too easy for the bad guys to get at your stuff.

Remember, a weak password is effective only against an honest person.

The Best Free Software

157 software tools. No fees. No expiration dates. No problems. Sometimes even no downloads. No kidding. We did the math: If you bought popular apps instead of trying their gratis counter-parts, at the manufacturers' list prices you'd be out $5,183 and change! Why spend money when you can get what you need for nothing? Sometimes, you do get what you don't pay for.
Check out the list at: http://www.pcmag.com/article2/0,2817,2260070,00.asp

Saturday, May 3, 2008

Voice biometrics now ready to address on-line banking fraud

INTERNATIONSL. VeCommerce, a global leader in the provision of Intelligent Call Steering, Voice Biometric and Voice Self-Service Solutions believes that the financial services industry should consider voice biometrics as a more secure and convenient method of multi-factor authentication for either telephone or on-line banking, compared with existing verification methods. The case for voice biometrics says UK-based VeCommerce is further strengthened with the recent introduction of an ISO global standard for deploying biometrics in financial services.

For more information: http://www.bi-me.com/main.php?c=3&cg=2&t=1&id=19298