journey

Enhance Readiness, Resilience, & Recovery

CHALLENGE » Distinguishing between approved AI processess and social engineering AI processes attacks are increasingly challenging and sophisticated.

MINIMIZE RISKS »

Increase security awareness training.
Build a comprehensive risk management plan.
Transition to phishing-resistant MFA solution, like Yubico security key.
Why FIDO2 (Fast IDentity Online 2) passwordless authentication
Privacy concerns with biometric data and AI data collection

i * Nanlu.org is not afiliated with any of the external links. Links are provided solely for educational and informational purposes.

» Defenses » Fraud Plan

» Minimize Risks

» Current Events

» Stop Fraud » Threat / Attacks

» Security Awareness Training

TOP

DEFENSE IN DEPTH ( ) *

Security Options . . .

User Authentication control
Yubico MFA2 hardware security key
Smart Card (option)
FIDO2 WebAuthn

Compliance Laws (US mandatory protection)

SSAE SOC1 services - for financial reporting
SOC 1 vs SOC 2 vs SOC 3)
PCI DSS - businesses handling card transactions.
GLBA - customer privacy protections.
NIST SP800-53 / Guide / Overview / FFIEC (replaced by NIST RMF) - financial cybersecurity guidelines
CISA's CPGs - cross-sector cybersecurity goals
CIS Workbench - community collaboration

TOP

FRAUD PLAN

Review banking operations locally at branch, for a safer communication support.
Review fraudulant activities locally with a bank representative.
- Fraudster may evasedrop on cell phone activities, emails and intercept phone calls.
Review multiple accounts with credit agencies.

TOP

THREATS / ATTACKS (Links)^*

Agentic Ai Social Engineering
Spear Phishing / Smishing / Vishing / Spoofing
Social Engineering
Ransomware
Cybercrime
Ransomware Response & Recovery
Cell Phone Fraud - by Federal Communications Commision

Informative Resources

Fox: Phishing bank scam scenario
Scripps News: Top Scams of 2024
Generative AI in a Nutshell
Will Sam Altman and His AI Kill Us All?

TOP

STOP FRAUD

Credit Card are safer than Debit card - by Experian
Recovering Identity Theft - by Federal Trade Commission
ReportFraud.ftc.gov
Credit Freeze (Credit Bureaus)
Free Credit Reports

TOP

MINIMIZE RISKS ()

Do not act on your own when in doubt.
Do not click on any links in email.
Use a phishing-resistant MFA authenticator, FIDO with physical security key.
Managing who gets your resources, for how long, and on what devices.
(For example: apps, ads, browsers, storage files).
Deep cleaning security settings accross all platforms.
Restrict extenstions, filters, and blocking.
Upskilling in security awarenesses.
Authorizing access to need to know only.
Giving the least privilege access in mind.

TOP

Security Awareness Training ( )^*

Phishing Defense: Top Cybersecurity Strategies to Protect Your Data
Free Mini Episodes by staysafeonline.org
Scam Survivor Day: Combatting Online Scams - Meeting
FAIK'd Up Reality: Navigating Deepfakes, Scams, and Synthetic Media - Meeting
AI, Deepfakes, and Human Risk in Cybersecurity with Perry Carpenter
FTC Warns About Misuses of Biometric Information
Fderal Trade Commision Tips
Recognize an FTC Impersonator

TOP

Current Events ( . . . )

Enhance Readiness, Resilience, & Recovery

Information Security Education

JOURNEY