Erika Lee Joins Bank of Tucson

Lee Erika CroppedAs our new Executive Assistant, Erika Lee will have a key role in interacting with our clients and our staff, as well as providing our ever-busy President, Mike Hannley, with the support he needs to make sure Tucson businesses have the banking services and counsel they need to thrive and grow.

Erika came to us from COUNTRY Insurance & Financial Services, where she interacted with policyholders and agents and acted as a liaison between the agents and their office network, as well as providing general support. She’s fluent in English and Spanish, and she is a self-described people person.

“I really enjoy interacting with people,” she said. “I can be very social, but I’m also very observant.”

One thing Erika’s noticed since she started working at Bank of Tucson is the high level of customer service and positive energy that “stands out in my work history.” She’s already been quick to hit her stride at Bank of Tucson, saying, “They welcomed me so quickly that I feel like I’ve been here for years.”

Erika has expanded her community involvement through her work as a board member with Cascade Foundation of Southern Arizona, with a mission that is focused on providing a local support system for the bleeding disorder community in Southern Arizona. While she has volunteered in the past with Susan G. Komen and the American Diabetes Foundation, Cascade is her first experience serving on a board.

“When I began volunteering with the Cascade Foundation board, I was intrigued by how they give back – not just to a great cause, but also to one that’s exclusively focused on Southern Arizona. Through my board service, I’ve learned so much about hemophilia and the need to help people who have to deal with this genetic bleeding disorder.”

Erika encourages anyone who may want to volunteer with Cascade Foundation to contact the organization or even serve on its board. “This board is a great group of dynamic people, and we’re always looking for Tucsonans who want to make a difference in our community,” she said.

When she’s not working or helping charitable organizations, Erika likes to seize any opportunity to spend time with her family, including her teenage daughter, who has a talent for softball. “I’m at the ballpark most weekends, rooting her on,” she said.

Erika has her own fans here at Bank of Tucson. We’re excited to have her on our team, and we hope you have the chance to meet her.

screen-shot-2016-09-28-at-7-28-21-pm_____________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Bank of Tucson Websites

This icon appears next to every link that directs to a third party website not affiliated with Bank of Tucson. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Bank of Tucson. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Bank of Tucson assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

Bank of Tucson Supports Jewish Family & Children’s Services of Southern Arizona

jfcs_photo

For more than 76 years, Jewish Family & Children’s Services of Southern Arizona (JFCS), a nonprofit, nonsectarian organization, has provided responsive, quality, personalized behavioral healthcare and social services to children, families and adults without regard to race, gender, age, ethnicity, religion or income.

In support of their mission, Bank of Tucson recently made a $5,000 donation to JFCS for its First Responders Counseling Program, which provides confidential 24-hour therapeutic counseling to our community’s firefighters, police officers and other first-responders along with their families—at no cost to them.

According to JFCS, more than 700 first responders in Tucson respond to more than 80,000 calls every year. “First responders work long hours, face frequent danger and witness countless traumatizing events,” said Carlos Hernández, President & CEO of JFCS. “At JFCS, we recognize the urgency and need to provide confidential counseling with the goal of helping these brave men and women to cope and reduce personal and family stress.”

Bank of Tucson has actively supported many nonprofits in the Tucson community, including other emergency support services through the Tucson Police Foundation and Red Cross blood drives. We are also committed to perpetuating quality, accessible services to Tucson’s children and families.

“In light of recent incidents involving firefighters and their families, we want to do everything we can to help and hopefully prevent these tragic events from happening,” said Mike Hannley, President & CEO of Bank of Tucson.

In our community, we are fortunate to have many additional resources available to Tucson firefighters, including (compiled by the Tucson Fire Department):

screen-shot-2016-09-28-at-7-28-21-pm

fbtwitterLinkedIngp

Defenses Against Cybercrime

Through our work in cyber and information security, we have formed relationships with professionals at Secure the Villagescreen-shot-2016-09-13-at-11-07-51-am and Citadel Information Group.screen-shot-2016-09-13-at-11-07-51-am They have kindly allowed us to post on our blog site some of the articles they have authored about cyber security. This articlescreen-shot-2016-09-13-at-11-07-51-am provides a great overview of the business email compromise scam and how to avoid being taken in by it.

Business E-mail Compromise: Don’t Be a Victim

By Stan Stahl, PhD, President of Citadel Information Group, Inc. & Founder and President of Secure the Village

What to Do: Implement very strong controls on wire transfers

Screen Shot 2017-05-02 at 5.47.51 PMAssume all email or fax requests from a vendor to change bank accounts are fraudulent. Assume all email or fax requests from the company President or others are fraudulent. Assume all email or fax requests to set-up a new vendor are fraudulent. Pick up the phone, call the party in question and verify the request is legitimate.

If you discover you are a Business Email Compromise victim, immediately contact the FBI’s Southern California Cyber Fraud unit at sccf@leo.gov. They have established banking relationships and are often able to recover funds if they are notified within 72 hours.

And talk to your banker. Make sure they have your back.

It’s also a good idea to check with your insurance broker to ensure that business email compromise losses are covered.

Background

Not too long ago, email scams were relatively easy to detect. They were often from unknown contacts and referenced bank or credit card information which was clearly incorrect. Sometimes, the emails would simply contain a link. As time has passed, fraudulent attempts to gain control of your online banking, your critical information, and your identity have become more skillful and harder to spot. These days’ emails often appear to come from recognized accounts, are well written, and–at least at first glance–seem legitimate.

The newest — and one of the costliest — in a long line of fraudulent e-mail scams is “Business E-Mail Compromise” (BEC).

Business Email Compromise (BEC) is a very sophisticated attempt to induce a business to willingly hand over their money to a cybercriminal. In Business Email Compromise (BEC), crooks spoof communications from executives or vendors at the victim firm in a bid to initiate unauthorized wire transfers.

According to the FBI, thieves stole nearly $750 million in such scams from more than 7,000 victim companies in the U.S. between October 2013 and August 2015. Business Email Compromise cost Ubiquiti Networks $46 million.screen-shot-2016-09-13-at-11-07-51-am

Collectively, Business Email Compromise has resulted in actual and attempted losses of over a billion dollars worldwide. The FBI reports, “…since the beginning of 2015 there has been a 270 percent increase in identified BEC victims. Victim companies have come from all 50 U.S. states and nearly 80 countries abroad.”

BECs can target businesses working with foreign suppliers or regularly performing wire transfer payments, although they have also targeted some that do not strictly fit this criterion. In order to solicit unauthorized transfers of funds, the scams compromise legitimate business e-mail accounts through social engineering or computer intrusion techniques. Prior to making contact, the scammers learn enough about their target to create emails that use language specific to the company and request wire transfers that seem legitimate.

For more information on BECs, see https://www.fbi.gov/news/stories/2015/august/business-e-mail-compromise/business-e-mail-compromisescreen-shot-2016-09-13-at-11-07-51-am and http://krebsonsecurity.com/2015/08/fbi-1-2b-lost-to-business-email-scams/screen-shot-2016-09-13-at-11-07-51-am

screen-shot-2016-09-28-at-7-28-21-pm_____________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Bank of Tucson Websites

This icon appears next to every link that directs to a third party website not affiliated with Bank of Tucson. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Bank of Tucson. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Bank of Tucson assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

FBI: How to Protect Your Computer 

2c646bd5f8933313e9b39c4449f76bed

Below are some key steps to protecting your computer from intrusion, as detailed on the Federal Bureau of Investigations’ cybercrime webpage:

Keep Your Firewall Turned On: A firewall helps protect your computer from hackers who might try to gain access to crash it, delete information, or even steal passwords or other sensitive information. Software firewalls are widely recommended for single computers. The software is prepackaged on some operating systems or can be purchased for individual computers. For multiple networked computers, hardware routers typically provide firewall protection.

Install or Update Your Antivirus Software: Antivirus software is designed to prevent malicious software programs from embedding on your computer. If it detects malicious code, like a virus or a worm, it works to disarm or remove it. Viruses can infect computers without users’ knowledge. Most types of antivirus software can be set up to update automatically.

Install or Update Your Antispyware Technology: Spyware is just what it sounds like—software that is surreptitiously installed on your computer to let others peer into your activities on the computer. Some spyware collects information about you without your consent or produces unwanted pop-up ads on your web browser. Some operating systems offer free spyware protection, and inexpensive software is readily available for download on the Internet or at your local computer store. Be wary of ads on the Internet offering downloadable antispyware—in some cases these products may be fake and may actually contain spyware or other malicious code. It’s like buying groceries—shop where you trust.

Keep Your Operating System Up to Date: Computer operating systems are periodically updated to stay in tune with technology requirements and to fix security holes. Be sure to install the updates to ensure your computer has the latest protection.

Be Careful What You Download: Carelessly downloading e-mail attachments can circumvent even the most vigilant anti-virus software. Never open an e-mail attachment from someone you don’t know, and be wary of forwarded attachments from people you do know. They may have unwittingly advanced malicious code.

Turn Off Your Computer: With the growth of high-speed Internet connections, many opt to leave their computers on and ready for action. The downside is that being “always on” renders computers more susceptible. Beyond firewall protection, which is designed to fend off unwanted attacks, turning the computer off effectively severs an attacker’s connection—be it spyware or a botnet that employs your computer’s resources to reach out to other unwitting users.

https://www.fbi.gov/investigate/cyberscreen-shot-2016-09-13-at-11-07-51-am

screen-shot-2016-09-28-at-7-28-21-pm_____________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Bank of Tucson Websites

This icon appears next to every link that directs to a third party website not affiliated with Bank of Tucson. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Bank of Tucson. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Bank of Tucson assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

We’re celebrating 15 consecutive 5-Star ratings from BauerFinancial

march bauerIndependent rating and research firm BauerFinancialscreen-shot-2016-09-13-at-11-07-51-am has released its March 2017 bank ratings, giving Grandpoint Bank and its divisions, Bank of Tucson, Regents Bank and The Biltmore Bank of Arizona, a fifteenth consecutive quarterly 5-Star rating for strength, stability and soundness.

Based on December 31, 2016 financial data filed with the government, only banks BauerFinancial considers to be the strongest in the nation earn the 5-Star rating. Four- and five-star banks appear on BauerFinancial’s Recommended Report.

BauerFinancial has rated banks since 1983 and is regarded as “the nation’s bank rating service.” Banks cannot pay to be rated nor opt out of being rated.

Criteria for earning the 5-Star rating include the strength of the institution’s capital ratios, profitability/loss trends, the level of delinquent loans and repossessed assets, the market versus book value of the investment portfolio, regulatory supervisory agreements, the community reinvestment rating (CRA) and liquidity.

Thank you to all our wonderful clients for your business and your trust. We’re a 5-Star bank because we work with 5-Star clients.

fdic

_____________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Bank of Tucson Websites

This icon appears next to every link that directs to a third party website not affiliated with Bank of Tucson. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Bank of Tucson. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Bank of Tucson assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

What should you do if you fall victim to a BEC scam?

bec-scam-graphicBy Michael S. Kim, Randall Arthur AND Kelly Spatola

Re-printed with permission by the Association for Financial Professionals, www.AFPonline.org.screen-shot-2016-09-13-at-11-07-51-am

KEY INSIGHTS:

  • Time is of the essence. The faster you notify law enforcement and your bank, the better chance you have of recovering stolen funds.
  • Go local. Don’t forget to pursue fraudsters in the country where they and your stolen funds are located.
  • You’ll need a local lawyer to help you navigate local courts.

At our firm, we see an increasing amount of business email compromise (BEC) scams. Treasury and finance professionals see this as well—but what can they do after their organization has fallen victim?

How do I know if my company has fallen victim? Two of the most common types of frauds are CEO fraud and invoice fraud. The former is well known by now; variations include CFO fraud and treasurer fraud. The latter, invoice fraud, occurs when the IT system of a customer or supplier of your organization is hacked. The fraudsters will identify invoices due and payable by the company to the customer, then alter the payment details on the invoices and resend them to the company with a request to redirect payment to a new bank account, which is under the control of the fraudster. It is not uncommon for the fraudster to have been hacking into the relevant IT system for a number of months prior to committing the fraud in order to monitor e-mail traffic and thus be able to convincingly impersonate the executive or customer. All this is well known, and many organizations are taking steps to prevent BEC scams. But what happens when it occurs?

Where do stolen funds usually end up, and can a victim possibly recover such funds? Funds misappropriated through BEC scams can ultimately end up in any jurisdiction in the world (but almost never in the country in which the defrauded company is located). In our experience, misappropriated funds often end up in jurisdictions such as Hong Kong, China, Cyprus, various Eastern European countries and various African countries. Misappropriated funds can be transferred in and out of bank accounts in an instant. Thus, the longer it takes to discover a fraud, the less chance a company has of recovering its stolen funds. BEC scams generally are uncovered soon after they are committed; large and unusual transactions are red flags which can be noticed by senior management not targeted by the fraudsters. Invoice fraud often takes much longer to be discovered—usually when an unpaid supplier or customer raises queries as to payment of its invoices, which could be weeks or even months after the fraud has been committed. If your company has been defrauded, the key to recovering misappropriated funds is to take immediate action, both in your company’s local jurisdiction, as well as the jurisdiction to which the funds have been remitted. Any delays can severely jeopardize the chances of recovery.

What should a company do after discovering that it has been defrauded? Once a company discovers that it was the victim of fraudulent activity, it should take the following steps:

Immediately report the fraud to the bank from which funds were fraudulently transferred. Wire transfers are not always instantaneous. Rather, for a variety of reasons, the bank may delay processing a wire transfer—particularly a transfer of large sums of money. Such delays may give both the victim and the victim’s bank the opportunity to cancel or unwind a fraudulent transfer, if they act quickly enough. In our experience, companies that quickly discover and report fraudulent activity to their banks are more likely to recover stolen funds.

Report the fraudulent conduct to law enforcement agencies in the jurisdiction to which the funds were transferred. If possible, defrauded companies should contact these agencies at the same time as they contact their bank, because local police, including police in Hong Kong and China, may be able to freeze the account receiving the stolen funds, thereby stopping the funds from being withdrawn or further transferred.

Inform your company’s in-house counsel of the loss. In-house counsel will need to determine, among other things, whether the loss suffered is covered by the company’s existing insurance policies. If the loss is covered, your company should promptly inform its insurance company of the loss to ensure timely compensation under its policies.

Finally, retain local counsel in the jurisdiction to which the funds were transferred. Local counsel will be able to advise on the best legal strategy to recover the stolen funds—for example, commencing a civil proceeding to obtain a freezing order or a disclosure order. Local lawyers can also facilitate communications with local law enforcement agencies, as discussed in more detail below, thus increasing the chances of funds being frozen before they are further dissipated.

What is the best way to report to and follow up with local authorities? Communicating with law enforcement agencies in a different time zone and in a different language can be challenging and inefficient. Victims of fraud also often make the mistake of reporting crimes through an authority’s online reporting system, which can cause delays in processing the report (and thus increase the risk of the funds leaving the account before steps can be taken to freeze the account). We have found that taking the following steps will maximize a company’s chances of early and effective police intervention:

Contact law enforcement agencies through an agent that lives in the jurisdiction and speaks the native language—preferably local lawyers who are accustomed to dealing with the police and can quickly take steps to begin recovery of the stolen funds should they have been successfully frozen.

If possible, communicate with law enforcement officials face-to-face, as this will help in expediting their investigations.

Provide law enforcement officials with detailed information about the fraud and related wire transfers, including any and all evidence in support. For example, any email correspondence with the fraudsters and wire confirmations showing the name and bank accounts of the recipients.

How does a company obtain a freezing order from local courts? It is often the case that the victim of the fraud cannot (or does not want to) rely on local enforcement to freeze the recipient’s bank account. This may be due to the police not having sufficient powers in the relevant jurisdiction to freeze the account, or the amount that has been stolen is of a sufficient value that the victim wants take additional action to try and secure the funds. In this case, the victim should apply to the local court for a freezing order. Freezing orders—known as a Mareva injunction in Hong Kong or a property preservation order in China—prohibits the recipient of stolen funds from disposing of its assets, including withdrawing the stolen funds from the account. The bank will also freeze the account upon being served with such an order, making it impossible for the account holder to access the funds in the account. In most BEC and invoice fraud cases, the victim can apply for a freezing order on an urgent and ex parte basis—i.e., the victim is not required to notify the account holder about the application unless and until a freezing order is issued by the court. Although this significantly speeds up the process, note that it can take up to a day or two to compile all of the evidence needed and prepare the application, during which time funds can be transferred or withdrawn. It is thus important to retain local counsel early to aid in these efforts, so as not to further delay the process. Given their draconian nature, there are often potential obstacles and pitfalls to be to be aware of when preparing an application for a freezing order. While the standard for granting such an order is high in most jurisdictions, if the victim can produce concrete evidence of the fraud, most courts will be inclined to issue a freezing order, at least at the ex parte stage. Also, some courts require that the victim provide a sum of money to the court—i.e., a bond—to obtain a freezing injunction. Companies should discuss with counsel whether and under what circumstances a freezing order might be possible and what requirements will need to be met to make such an application.

How does a company obtain information about the whereabouts of the stolen funds? It is not uncommon for fraudsters to quickly and repeatedly transfer stolen funds to different banks in an attempt to evade detection. The most efficient way of tracing the funds is through the recipient banks themselves. Often, however, banks and the police are unwilling or unable to provide information about bank accounts without a court order. Therefore, consideration should be given to applying to the local court for a “disclosure order.” This is an order requiring the bank to provide information about the account holder and whether and where funds were subsequently transferred. This can either be done as part of the freezing order application or as a stand-alone application (if, say, for example, the victim has become aware that the funds are no longer in the account but still wants to trace the onward remittance of the funds). It should be noted that courts will often give banks a generous amount of time to comply with disclosure orders, typically seven to 14 days. Such delays may hinder tracing efforts, as it is very likely that fraudsters will continue to move the funds through different banks meaning it can often be difficult to locate the ultimate destinations of the funds. Again, it is important for a victim to move quickly when making a disclosure application in order to give itself the best chance of successfully tracing and freezing stolen funds.

What should a company do after the funds are successfully frozen? Once the stolen funds (or some portion thereof), are successfully frozen, a victim should commence civil proceedings against the recipient for the return of those funds. If the recipient does not appear or otherwise defend the proceedings and commits an act of default, then a judgment can be entered against the recipient. A victim can then seek to enforce the judgment by applying for a third-party payment order (also known as a garnishee order) against the banks where the funds are held. Such an order requires the bank to remit the funds in the account to the victim in satisfaction of the judgment.

Michael S. Kim is co-founder and Randall Arthur and Kelly Spatola are attorneys with Kobre & Kim.

screen-shot-2016-09-28-at-7-28-21-pm_____________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Bank of Tucson Websites

This icon appears next to every link that directs to a third party website not affiliated with Bank of Tucson. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Bank of Tucson. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Bank of Tucson assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

Welcome, Christina Lynn!

christina-lynnWe’d like to extend a big welcome to Christina Lynn, who has joined Bank of Tucson as a financial service representative.

Christina has had her eye on our bank for a while now. She heard great things about working here from a friend and former co-worker, so when she saw an opening posted, she wasted no time in submitting her qualifications.

Christina’s past experience working as an assistant branch manager for a credit union gives her a great foundation for helping Bank of Tucson clients open new accounts. At the credit union, Christina focused mostly on opening personal bank accounts, so she’s enjoying shifting her focus to business accounts now.

Christina is a Tucson native and a graduate of Rincon High School (go Rangers!), and she has supported our community by volunteering with several local nonprofits, including Children’s Miracle Network, Community Food Bank of Southern Arizona and the Susan G. Komen Race for the Cure.

She loves to camp and fish with her husband and two teenage children, and she enjoys crocheting when she can carve out some time for herself.

We hope you get the chance to meet Christina and find out for yourself why she is a great addition to our team.

screen-shot-2016-09-28-at-7-28-21-pm

fbtwitterLinkedIngp

Nonprofit Loan Fund of Tucson & Southern Arizona – A Creative Financial Solution

true-concord-recording-far-in-the-heavens

NPLF borrower True Concord recording GRAMMY winning album “Far in the Heavens”

We are proud to be a founding member (through our president, Mike Hannley) of the Nonprofit Loan Fundscreen-shot-2016-09-13-at-11-07-51-am (NPLF) of Tucson and Southern Arizona. Established in 2014, NPLF has made nearly $1.3 million in loans to local nonprofits to help strengthen operations, bridge cash-flow gaps, further their initiatives and make them overall financially sustainable.

Some of the many worthy recipients of NPLF loans include YWCA of Southern Arizona, Southwest Folklife Alliance, Esperanza En Escalante, Tucson Botanical Gardens and International Sonoran Desert Alliance. Loans range from $10,000 to $200,000 for up to five years.

NPLF’s liquidity is funded by a variety of investors which lend money to NPLF for a term of up to 10 years. Those investors include public agencies, nonprofits, individuals and several private foundations.

Investors receive two percent interest, while NPLF lends money out to local nonprofits at approximately eight percent. Since its inception, NPLF has grown its loan pool from $450,000 and three investors to nine investors and $850,000, with an additional $200,000 pending.

“This system is win-win,” says Don Jenks, Executive Vice President and Regional Credit Administrator for Bank of Tucson and NPLF board chair. “Investors make a return on their investment while also helping many wonderful nonprofit organizations make a difference in our community.”

Each loan recipient is thoroughly vetted, and the loan is structured to meet the unique needs of the recipient organization.

“With grant and donor funding, that capital is often restricted to certain uses,” said Jenks. “A NPLF loan gives the nonprofit the leeway to use the loan funds for general operations or other important priorities.”

For True Concord Voices & Orchestra,screen-shot-2016-09-13-at-11-07-51-am it was a cash flow issue that brought them to NPLF. In the fall of 2015, True Concord made its New York debut at Lincoln Center, a performance that hit number five on the Billboard charts. The performance was swiftly followed by a Grammy nomination for a composition performed on the group’s first internationally released album “Far in the Heavens.”screen-shot-2016-09-13-at-11-07-51-am While True Concord maintains a balanced budget, cash flow was not adequate to fund the travel requirements that arose from these honors. Fortunately, NPLF helped bridge the gap.

The NPLF board continues to recruit additional investors as well as collaborate with other lenders in Arizona to provide options for local nonprofits. Board members are also pursuing grants to expand the financial education programs NPLF offers to area nonprofits — education that will help them achieve long-term financial stability. Most recently, NPLF has applied for Community Development Financial Institution (CDFI) certification, which will provide access to federal funding and partnerships with local and national financial institutions. Our bank is proud to also provide some of the financial support for NPLF’s operations.

Launching NPLF was made possible through the joint efforts of the Community Foundation of Southern Arizonascreen-shot-2016-09-13-at-11-07-51-am (CFSA), and Diamond Family Philanthropies.

For more information about NPLF, visit http://nonprofit-loans.org/screen-shot-2016-09-13-at-11-07-51-am

screen-shot-2016-09-28-at-7-28-21-pm_____________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Bank of Tucson Websites

This icon appears next to every link that directs to a third party website not affiliated with Bank of Tucson. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Bank of Tucson. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Bank of Tucson assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

Roger M. Laverty Named President of Grandpoint Bank

grandpoint_rocky_laverty_993_cropPlease join us in welcoming the new president of Grandpoint Bank, (of which Bank of Tucson is a division) Roger M. “Rocky” Laverty. Rocky, a member of the Bank’s board of directors since its inception in 2010, has a distinguished business career, most recently serving as President and Chief Executive Officer of Farmer Bros. Co. He is also the former President and CEO of Smart & Final, Inc. and Diedrich Coffee, Inc., and he was a founding member and Chairman and CEO of Prime Advantage, Inc.

“Rocky is a remarkable businessman, and we are fortunate to have his leadership in guiding our bank’s growth across all of our markets,” says Don M. Griffith, Chairman and CEO of Grandpoint Capital, Inc., and Grandpoint Bank. “I’ve known Rocky for years, and his business acumen, his ability to identify and cultivate strategic growth opportunities and his track record of building successful businesses will be a tremendous benefit to Grandpoint.”

Rocky will remain on the bank’s board of directors.

“I’ve had the opportunity to be part of the bank’s growth as a member of the board,” says Rocky. “It is now exciting to be on the frontlines, working with an exceptionally talented group of regional executives and their teams. I’m looking forward to contributing the experience I’ve garnered over the course of my career to support the bank’s internal growth and develop new product strategies.”

Rocky is a member of the Board of Trustees for Children’s Bureauscreen-shot-2016-09-13-at-11-07-51-am and for the Jean Perkins Scholarship Foundation,screen-shot-2016-09-13-at-11-07-51-am which provides college scholarships to children of LA County Sheriff Deputies. He also serves on the board of the Jimmy Miller Memorial Foundation,screen-shot-2016-09-13-at-11-07-51-am which provides ocean therapy to wounded warriors and veterans as well as at-risk youth.

Rocky attended Stanford University and Stanford Law School.

screen-shot-2016-09-28-at-7-28-21-pm_____________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Bank of Tucson Websites

This icon appears next to every link that directs to a third party website not affiliated with Bank of Tucson. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Bank of Tucson. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Bank of Tucson assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

FBI Article: Ransomware

ransom

We receive a lot of positive feedback when we run articles from the FBI’s cyber crime division. We’re pleased the Bureau has encouraged us to share their articles on this topic, so we want to share a recent post from their website about ransomware. Ransomware refers to a malware that restricts access to the infected computer/network and demands that the operators pay some sort of ransom to regain control of their network. We hope this article is helpful to you. Please let us know if you have information or ideas on this topic that our readers may want to hear.

You can find this article, as well as many other articles you may find valuable to keep your business and staff secure against cyber crime, at this web address: https://www.fbi.gov/investigate/cyberscreen-shot-2016-09-13-at-11-07-51-am

For more information about fraud protection tools and product features provided by Bank of Tucson, please visit our website.

Ransomware 

Hospitals, school districts, state and local governments, law enforcement agencies, small businesses, large businesses—these are just some of the entities impacted by ransomware, an insidious type of malware that encrypts, or locks, valuable digital files and demands a ransom to release them.

The inability to access the important data these kinds of organizations keep can be catastrophic in terms of the loss of sensitive or proprietary information, the disruption to regular operations, financial losses incurred to restore systems and files, and the potential harm to an organization’s reputation. Home computers are just as susceptible to ransomware and the loss of access to personal and often irreplaceable items— including family photos, videos, and other data—can be devastating for individuals as well.

In a ransomware attack, victims—upon seeing an e-mail addressed to them—will open it and may click on an attachment that appears legitimate, like an invoice or an electronic fax, but which actually contains the malicious ransomware code. Or the e-mail might contain a legitimate-looking URL, but when a victim clicks on it, they are directed to a website that infects their computer with malicious software.

One the infection is present, the malware begins encrypting files and folders on local drives, any attached drives, backup drives, and potentially other computers on the same network that the victim computer is attached to. Users and organizations are generally not aware they have been infected until they can no longer access their data or until they begin to see computer messages advising them of the attack and demands for a ransom payment in exchange for a decryption key. These messages include instructions on how to pay the ransom, usually with bitcoins because of the anonymity this virtual currency provides.

Ransomware attacks are not only proliferating, they’re becoming more sophisticated. Several years ago, ransomware was normally delivered through spam e-mails, but because e-mail systems got better at filtering out spam, cyber criminals turned to spear phishing e-mails targeting specific individuals. And in newer instances of ransomware, some cyber criminals aren’t using e-mails at all—they can bypass the need for an individual to click on a link by seeding legitimate websites with malicious code, taking advantage of unpatched software on end-user computers.

The FBI doesn’t support paying a ransom in response to a ransomware attack. Paying a ransom doesn’t guarantee an organization that it will get its data back—there have been cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.

So what does the FBI recommend? As ransomware techniques and malware continue to evolve—and because it’s difficult to detect a ransomware compromise before it’s too late—organizations in particular should focus on two main areas:

  • Prevention efforts—both in both in terms of awareness training for employees and robust technical prevention controls; and
  • The creation of a solid business continuity plan in the event of a ransomware attack.

Tips for Dealing with Ransomware. While the below tips are primarily aimed at organizations and their employees, some are also applicable to individual users.

  • Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
  • Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
  • Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
  • Manage the use of privileged accounts—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
  • Configure access controls, including file, directory, and network share permissions appropriately. If users only need read specific information, they don’t need write-access to those files or directories.
  • Disable macro scripts from office files transmitted over e-mail.
  • Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).
  • Back up data regularly and verify the integrity of those backups regularly.
  • Secure your backups. Make sure they aren’t connected to the computers and networks they are backing up.

screen-shot-2016-09-28-at-7-28-21-pm_____________________________________________________________________________________________________________

screen-shot-2016-09-13-at-11-07-51-am Linking to Non-Bank of Tucson Websites

This icon appears next to every link that directs to a third party website not affiliated with Bank of Tucson. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Bank of Tucson. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Bank of Tucson assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp