Client Protection Resources

Scam & Fraud Alerts

April 24, 2014

INTERNET EXPLORER AND 0-DAY VULNERABILITY

Microsoft released a security advisory about a recently disclosed vulnerability affecting all versions of the company's web browser Internet Explorer (versions 6, 7, 8, 9, 10, and 11). Microsoft is working diligently to fix this "bug."

Microsoft is aware of limited attacks targeting Internet Explorer (IE). A successful exploit allows cyber criminals to remotely take control of your computer (including, but not limited to, accessing, monitoring, changing, and deleting information and settings). The exploit exists if you have Internet Explorer (v6-11) and use Adobe Flash.

According to Microsoft, users need to visit a malicious website for the exploit to happen. This is usually the result of clicking on links in emails, but other websites may also link to exploit pages directly.

While Internet Explorer versions 6 through 11 are all affected, attacks currently seem to concentrate on IE9 to IE11.

Though Internet Explorer is the main target right now, the situation looks dire for Windows XP users as a patch will not be released for the operating system.

This means, in effect, Internet Explorer should no longer be used on Windows XP.



Does the Prime Meridian Bank website use Flash?

No. Animations on our website are handled without the use of Flash.


Does Prime Meridian Bank's Online Banking or Bill Pay use or require Flash?

No. You may use our Online Banking products and Bill Pay confidently as they do not require Flash.


What you should do.

It is possible to mitigate the attack, and you have several options to do so.

>> USE A DIFFERENT BROWSER

Don't use Internet Explorer until it is patched. This is the most obvious choice but it may not always be possible depending on your work environment. But if you can run other browsers on your system, use them instead for the time being. Firefox is a good choice. So is Google Chrome.

>> DISABLE ADOBE FLASH

According to security company FireEye, disabling Flash in Internet Explorer will prevent the exploit from functioning as well, as it appears to require Flash for its proper execution.

To disable Adobe Flash in Internet Explorer, do the following (this is demonstrated below using IE11; other versions may vary):


1. Open Microsoft's Internet Explorer browser.

2. Tap on the Alt-key and select Tools > Manage Add-ons.

3. Locate Shockwave Flash Object under Toolbars and Extensions and click on the item.

4. Click on the disable button to block it from running in Internet Explorer.

Alternatively, uninstall the Internet Explorer Flash plugin using the Control Panel.


>> ENHANCED PROTECTED MODE

If you are using Internet Explorer 10 or 11 with Enhanced Protected Mode enabled, you are safe as it breaks the exploit. To check if it is enabled on your system do the following:

1. Open Internet Explorer on your system.

2. Tap on the Alt-key on your keyboard and select Tools > Internet Options.

3. Switch to the Advanced tab and make sure Enhanced Protected Mode is enabled under Security. You will find it near the bottom of the listing.


April 11, 2014

HEARTBLEED BUG ALERT

Nicknamed "the Heartbleed Bug," a new online security flaw enables an attacker to steal secure content and the encryption keys protecting that content. It does this by tricking secure servers into spitting out chunks of data after rendering them vulnerable (no longer "encrypted").

When personal information is encrypted (e.g., bank account numbers, passwords, etc.), encryption replaces the information you enter while it is being transmitted. This ensures hackers cannot read your sensitive information. For instance, encryption could translate a message as simple as "123456" to a "hashed" code like "F#h7er" before it reaches its recipient.

Secure servers are often used to store this personal information. But if the Heartbleed Bug is present, that information becomes vulnerable again as the encryption gets stripped away.

Why is the Heartbleed Bug dangerous?

The Heartbleed Bug should be taken very seriously for the following reasons:

  • the bug specifically affects "OpenSSL," a hub which stores encryption keys for two-thirds of sites on the web
  • the bug also affects "OpenVPN"
  • a large number of private keys and other secrets have been exposed to the Internet
  • exploits leave no trace
  • the bug has been unrecognized as a threat for approximately two years

How likely is it I am affected?

You are likely to be affected either directly or indirectly. Affected sites may include:

  • Social media websites
  • Business websites
  • eCommerce websites
  • Government websites

What precautions has Prime Meridian Bank taken?

At present, all of Prime Meridian Bank's vendors have reported back to us as not being vulnerable.

Additionally, our servers and software have been verified as not being vulnerable.

What you should do.

>> CHANGE YOUR PASSWORDS

Some Internet companies vulnerable to the bug have already updated their servers with a security patch to fix the issue. This means you'll need to go in and change your passwords immediately for these sites.

However, even that is no guarantee your information was not already compromised.

Although changing your password regularly is always good practice, if a site or service hasn't yet patched the problem, your information will still be vulnerable.

If you reuse the same password on multiple sites, and one of those sites was vulnerable, you'll need to change the password everywhere. Note: It is not a good idea to use the same password across multiple sites. (See our Password Tips.)

Business owners: even if you change your passwords, you should work with your business partners to ensure vulnerable servers have had certificates reissued. (Otherwise you are not much more secure.)

>> CHECK FOR VULNERABLE WEBSITES

The online resource linked below can check websites and mail providers (e.g., Google, Yahoo, Amazon) you may already be using:

http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

>> HEARTBLEED TEST SITE

Use the website below to check for vulnerable sites:

http://filippo.io/Heartbleed/

>> CHECK FOR OLD SSL CERTIFICATES

The small "lock" icon in your browser address bar generally lets you know you are entering information into a site with a secure Certificate. But, since the advent of Heartbleed, it is up to you to check for revoked or expired Certificates. Using the browser guide below, click on the lock icon to reveal details about Certificates you encounter. If the Certificate's Validity date is expired, the site is vulnerable.

[Browser guide screenshots: Firefox, Safari, MSIE, Chrome]

The ChromeBleed plugin shows whether the site you are communicating with is vulnerable.
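A scripted version of the certificate check above, combined with the reissue check suggested to business owners, added here as an example and not part of the bank's original alert. The function names, the constructed sample certificates and the April 7, 2014 disclosure cutoff are assumptions of this example.

```python
import socket
import ssl
from datetime import datetime, timezone

# Heartbleed was publicly disclosed on April 7, 2014 (date not stated in this alert).
HEARTBLEED_DISCLOSED = datetime(2014, 4, 7, tzinfo=timezone.utc)

def parse_cert_time(value):
    """Convert a getpeercert() time string ('Apr 15 00:00:00 2014 GMT') to UTC."""
    return datetime.fromtimestamp(ssl.cert_time_to_seconds(value), tz=timezone.utc)

def review_certificate(cert, now):
    """Return findings for a certificate dict shaped like SSLSocket.getpeercert()."""
    not_before = parse_cert_time(cert["notBefore"])
    not_after = parse_cert_time(cert["notAfter"])
    findings = []
    if now < not_before:
        findings.append("not-yet-valid")
    if now > not_after:
        findings.append("expired")
    # An issue date before disclosure means the certificate was not reissued
    # afterwards. That is a prompt to ask the operator, not proof of exposure.
    if not_before < HEARTBLEED_DISCLOSED:
        findings.append("issued-before-disclosure")
    return findings or ["ok"]

def fetch_certificate(host, port=443, timeout=5):
    """Fetch a live site's certificate. The default context refuses expired or
    untrusted certificates, so a handshake error here is itself a finding."""
    context = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with context.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

# Constructed sample certificates (validity fields only), so this runs offline.
SAMPLE_NOW = datetime(2014, 4, 24, tzinfo=timezone.utc)
SAMPLE_CERTS = {
    "reissued": {"notBefore": "Apr 15 00:00:00 2014 GMT",
                 "notAfter": "Apr 15 23:59:59 2015 GMT"},
    "not-reissued": {"notBefore": "Jan 10 00:00:00 2013 GMT",
                     "notAfter": "Jan 10 23:59:59 2015 GMT"},
    "expired": {"notBefore": "Mar 01 00:00:00 2012 GMT",
                "notAfter": "Mar 01 00:00:00 2014 GMT"},
}

if __name__ == "__main__":
    for name, cert in SAMPLE_CERTS.items():
        print(name, review_certificate(cert, SAMPLE_NOW))
```

Revocation status is not checked by this example; it only reads the validity dates shown in the browser's certificate details.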

Still have questions?

If you have questions, please feel free to contact your Prime Meridian Bank representative directly or call 850-907-2300. Read more at HeartBleed.com.

