First Community Bankwww.fcbnm.com

Prevx Safe Online Rollout&

Best Practice Presentation

• Given the increasing cyber threats and Trojans that specifically target business on-line bank accounts, we at First Community Bank looked for some options to offer customers to help protect their on-line banking sessions. In the recent past, we've had a few customers infected with the Zeus or related Trojans, which led to some attempted ACH fraud.

• We found a vendor that offered a product that helps protect users when they log into a web site such as on-line banking. The vendor is Prevx. The product we are offering is Prevx 'SafeOnline' .

• We went live 2/22/2010 with this offering.

• This software is offered for free to our customers. It provides protection of the on-line sessions as well as some anti-virus like scanning. It protects from the key board thru the browser to the website. The vendor advertises it as still protecting the on-line banking sessions even if the PC is infected. Note - The free version will scan for viruses, but will not remove the viruses. A user can upgrade to a full version that removes the infections for a nominal annual fee. This software is compatible with other security products and anti-virus software

Internet Fraud – What is it? Viruses, Trojans, malicious software growing and

spreading rapidly Allows unauthorized electronic access to customer

accounts - Able to defeat two factor authentication Scams – Phishing, Spoofing Impact to date – estimated at $40 million

transferred out of US in 2009, primarily to Eastern Europe

Impacts ACH, Wire Transfer, Auto transfers, Bill Pay, and check fraud

Can we stop Internet Fraud?• Education of customers• Customer security procedures

– Dual control– Prohibit password sharing– Policy regarding internet access and unauthorized e-mail– Confirm communications with the bank via e-mail or phone– Communicate personal changes to bank immediately

• Verify account balances daily• Immediately report unusual activity• Dedicated PC for on-line activity

Is there risk for an individual as well?

• Yes, phishing and spoofing scams are not limited to businesses. These criminals are attempting to move as many dollars as possible and in many cases individuals are an easy target

• Do not open e-mails from unknown sources• Keep your PC’s operating system up-to-date with all of the

current patches from Microsoft• Install and keep current your virus protection software• Set-up multiple users on your personal computer that do not

have complete administrative rights. All of the current viruses require a software program to be downloaded and installed on your computer, without administrative rights the user cannot complete the task and the software cannot be activated.

Customer Experience - Start

Step 1: Customer views the First Community Bank information webpage, accesses the Prevx landing page for more information and downloads Prevx SafeOnline

First Community Bank

information webpage

Customer Experience – plus 15secs

All HTTPS websites

First Community bank HTTP websites

All social networking websites

Step 2: Customer accepts EULA and they are instantly protected

MI Reporting – 7 days plus

Step 3: Prevx provide detailed reports on First Community Bank customers using Prevx SafeOnline

• Downloads• Infected PCs• PC state• Existing security software• Blocked websites

7

Summary Report:This was provided to the Bank over 2 week period after rollout:21 downloads to date

19 PCs seen since launch

No support requests to date

7 PCs have been seen that were infected

4 PCs now clean were infected with:

Adware

Malicious software

Cloaked malware

Fraudulent security program (Vundo, typically used to deliver fraudulent AV software)

Spyware

3 PCs still infected

No access to blocked URLs

3 PCs upgraded to Prevx 3.0

Customer Experience – 7 days plus

Step 4: Security review advises customer of recommended actions

7+

Prevx SafeOnline

Protecting the Customer

Blocking Online Scams

Prevx SafeOnline identifying and blocking a phishing attack.

1)

2)

Hijacked Internet Connectivity

Prevx SafeOnline blocks any attempt to direct a user to an unauthorised IP address:

• Visit www.fcbnm.com the

First Community Bank Website Current linkage to the our Fraud information https://

fcbnm.com/index.php/personal/legal_fraud/ PrevX link: http://www.prevx.com/firstcommunitybank.asp

Questions- Call PrevxGarry Scott-Savage

Work: (630) 761-0722

Cell: (630) 660-5816

Email: garry@prevx.com