Malware, or malicious software, is generally used to describe any harmful program that can be installed on a user's device without their consent.The term covers a broad spectrum of malicious programs, including viruses, Trojans, ransomware and spyware.
When installed, these programs are capable of:
To help address these risks, Citi has worked with IBM to provide added security for our clients' online banking experience through a complimentary program, Trusteer Rapport. Once downloaded, this powerful software tool works alongside your existing anti-virus software, acting as a defense against financial malware infections and phishing. Trusteer Rapport provides an added level of security, protecting devices used to access CitiBusiness Online in order to ensure a safe online banking experience.
Phishing is the use of fraudulent emails or social media posts to trick a victim into revealing sensitive information, or clicking on an infected hyperlink. Spear Phishing is an evolution of the same scam in which the fraudster uses personalized details (such as the recipien's name) to make an email or post seem particularly believable.
A Spear Phishing attack normally begins by cyber criminals collecting personal information about their intended targets from public sources such as company webpages and social networking sites. Using this information, the fraudsters then create personalized communications that appear legitimate and send them to groups of people with something in common, such as working for the same company. The email appears to come from a well-known organization or a person of authority and usually contains embedded hyperlinks. When users click on the hyperlinks, they are either brought to a fraudulent website – €where additional personal or account information is collected – or malware is downloaded onto their computer.
Social engineering refers to the psychological manipulation of people into performing actions or divulging confidential information for the purpose of fraud. Social engineering is normally attempted via telephone and attempts to take advantage of our natural tendency to accept people at their word or manipulate our willingness to help.
The term 'Social Engineering' covers a wide variety of fraudulent activity, but some of the more common attacks include: