Introduction

The more we use modern technologies, the bigger are the relevant threats. Cyber criminals (hackers) generate multiple type malware (viruses) allowing unauthorized access to various electronic devices. It is important for IT users to realize the cyber threats to adequately react to an incident. 


Computer Virus


The computer virus is a malware mainly used by hackers for profit or damaging a potential victim. Among multiple type malware the ones below are the most widespread:  

• ransomware – a crypto virus, which gets into computer and deciphers files so that to make them unusable. Only the hacker has the decipherer, i.e. the key in exchange for which he tries to extort money;
  
  

 

• trojan – the Trojan gives the hacker access to the victim’s hardware. It’s aim is to steal or damage passwords, card data etc. important information;
  
  

 

• MITM – byinfecting with a virus, the hacker penetrates into correspondence of two people making himself out as a party as a result of which he may steal or change personal information of his victim: for instance he may insert his bank details into a transfer invoice;
  
  

 

• miner virus – the designation of the virus is to generate electronic money by unauthorized use of the computer resources.
  
  

Symptoms of an Infected Computer


A computer may reveal several symptoms, by which you realize that it has been infected:

• it works slowly, shuts down repeatedly and restarts

 

• the opened programs/folders close on their own

 

• files get lost or they change

 

• the Internet browser opens on its own, loads slowly and various ads pop-up.

PC and the Internet


Today, working without the computer and the Internet is virtually impossible. They make nearly all kinds of information easily available. However searching and speedy processing of the information, carry cyber threats, which may cause loss or damage of some important information stored in your hardware. Below there is some advice relevant to safely use your PC and the Internet:

• use only licensed operational system etc. software - an unlicensed (hacked) operation system or another software bears weaknesses, which make it easy for the hacker to hack your computer;

 

• install an antivirus - a licensed antivirus offers you the best protection from hackers and the malware they generate.

 

• Always install software and system updates - installation of updates restricts the hacker’s ability to make use of the software and system weaknesses and ensures high level of protection.

 

• Never store your account, user name and password in your Internet browser - in the Internet browser, the personal information is not protected safely; by storing the information in the browser, you make it easier for the hacker to get hold of it.

 

• Use only protected websites, whose addresses begin with: https

 

• While using the Cartu Bank Internet bank, make sure that you are on: https://ib.ge - recently, incidents of hacking the users’ accounts and illicit disposal of the sums in them by creating fraudulent websites have become recurrent. In order to prevent such incidents, verify validity of the Internet bank website.

Safety of the Mobile Phone


The mobile phone makes it possible to affect nearly all kinds of banking-financial operations (remittances, bills, online shopping etc.) and that's what the hackers are most interested. By employing various methods, they try to penetrate into your mobile phone to get important, personal and sensitive information. What do you need to know to avert hacking threats? Below, there are minimal requirements relevant for the secure protection of the information stored in your mobile phone:

1. Use the antivirus

In order to get access to the personal information stored in your mobile phone, the hackers use viruses or virus-containing applications. For the sake of prevention, install the antivirus and update it regularly.


2. Always install the software and system updates

Installation of updates restricts the hacker’s ability to make use of the software and system weaknesses and ensures high level protection.


3.  Do not download/install applications from unreliable sources

The applications downloaded from the unreliable sources, as well as the suspicious links and ads are highly likely to contain viruses allowing the hacker to get access to your mobile phone. While installing an application, open only the relevant links.

4. Keep BlueTooth off but if it is on, switch off “Visibility”

The switched on BlueTooth makes it possible for an outside device to penetrate your mobile phone within range of several meters. Therefore, switch on BlueTooth on if required and then turn it off. You can find the “Visibility” button in the BlueTooth menu; when it is off, the BlueTooth connection becomes invisible to outside devices.

5. To open the mobile screen, use the password or fingerprint

In case of physical access to your mobile phone, a person will find it difficult to get your personal information, if opening the mobile phone screen is possible by the password or your fingerprint only.


6.  While using mobile banking, do not connect to the public or unknown WiFi;

• Use the protected Internet connection solely;

 

• Employ a two-step authentication;

 

• While using the mobile banking, make sure that you have downloaded the Cartu Bank mobile Internet bank application.

 
For „android“ mobile phones: https://play.google.com/store/apps/details?id=com.mobius.mobilebank.cartu

For ios mobile phones: https://apps.apple.com/us/app/cartu-bank-mobile/id1255174973

 Password Policy

For PC, social media, Internet bank etc. website authorization use a complex password to make your personal information safe. Below, there is a list of minimal requirements for selection of a complex password:


1. At least two Latin letters ('A'..'Z','a'..'z');
2. At least one figure ('0'..'9');
3. At least one symbol different from the Latin letters and figures, e.g. ! , @ ,# ,$ , % ,^ , & ,* ,( etc.)
4. At least eight positions.

 
You can generate a complex password on special Internet websites. By specifying relevant parameters, you can generate the relevant complexity password.


  Fishing


Fishing is a type of the Internet fraud. By supplying false information, such as the quasi-official emails or creating a false Internet or Facebook pages very similar to legal ones, the hacker steals the personal information of its victim. Nowadays, fishing is regarded the most popular and efficient way of illicit obtainment of information.

Mail Fishing is the most widespread type of fishing. The hacker sends an email to its victim, which may look much like a legitimate one. However, the message may not be virus free or contain a link clicking which infects PC or mobile phone of the victim. As a result, the hacker gets control over the device and obtain the personal, financial (passwords, card data, photos etc.) information.

In case of Web Fishing, by a false Internet site (the Internet bank, shopping or utilities site), the hacker tries to mislead the user and gets its account name, user, password or card details.    
                    

 Ways of Prevention


In order to prevent fishing, the recommendations below should be followed:

• Read the received emails carefully; if they seem suspicious, do not open the attached files and get over to the specified links;

 

• At the bottom of a valid message you will see the sender’s contact number; by calling, verify the sender’s validity;

 

• Compare the sender’s name and surname to the email address. Quite often, a legitimate address contains the person’s name and surname. In case of a fraudulent message, the email address may look similar to the legitimate one or contain random symbols and figures (e.g.: dsgfawsf@dfgd.com );

 

• Do not trust a promo or draw messages asking for personal or card data;

 

• For online shopping, take a new card with a new account number. Charge the relevant sum only prior to shopping;

 

• In case of card payment, do not store the card data in the Internet browser;

 

• In case of card payment, verify the validity of the website, pay attention to the name of the website in the address field (e.g. cartubank.ge and not cartubnk.ge);

 

• In case POS payment, do not give your plastic card to another person.

Thank you for using our service.