Virtual Product Fair. Protect your agency data protect your business

Similar documents
Agency Security. Quick Reference. Agency Security Quick Reference Page 1 I N T R O D U C T I O N

Why was an extra step of choosing a Security Image added to the sign-in process?

FACTS WHAT DOES FARMERS STATE BANK DO WITH YOUR PERSONAL INFORMATION? WHY? WHAT? HOW? L QUESTIONS?

IMPORTANT SECURITY INFORMATION PHISHING

Verizon Enhanced Security Authentication

Online Fraud and Identity Theft Guide. A Guide to Protecting Your Identity and Accounts

Financial scams. What to look for and how to avoid them.

CIBC FirstCaribbean Mobile App. FREQUENTLY ASKED QUESTIONS (FAQs)

Best Practices Guide to Electronic Banking

ANNUAL SECURITY AWARENESS TRAINING 2012

FAQ: Privacy, Security, and Data Protection at Libraries

Frequently Asked Questions (FAQ)

Safety and Security. April 2015

CIBC FirstCaribbean Mobile App. FREQUENTLY ASKED QUESTIONS (FAQs) Page 1 of 9

Maria Hishikawa MSIX Technical Lead Sarah Storms MSIX Contractor Security

Federal Deposit Insurance Corporation. National Credit Union Administration. Office of the Comptroller of the Currency. Office of Thrift Supervision

CUSTOMER TIPS: HOW TO GUARD AGAINST FRAUD WHEN USING ONLINE BANKING OR ATM s

FAQ. Usually appear to be sent from official address

PIN / Password Security

When you provide personal information to us it will only be used in the ways described in this privacy policy.

COMMON WAYS IDENTITY THEFT CAN HAPPEN:

Regulation P & GLBA Training

It s still very important that you take some steps to help keep up security when you re online:

WHAT IS CORPORATE ACCOUNT TAKEOVER? HOW DOES IT HAPPEN?

security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name.

The BUSINESS of Fraud. Don t let it put you out of business. AFFILIATE LOGO

Identity Theft Prevention Policy

Why you MUST protect your customer data

Access Control Policy

CAREERBUILDER.COM - PRIVACY POLICY

Identity Theft, Fraud & You. PrePare. Protect. Prevent.

Important Information

How to Build a Culture of Security

LightGig Communications, LLC Privacy Policy

STUDENT ACCEPTABLE USE OF IT SYSTEMS POLICY

TIPS TO AVOID PHISHING SCAMS

Terms and conditions of use for the Online and Mobile Banking Service

Privacy Policy. How we handle your information you provide to us. Updated: 14 March 2016

South Central Power Stop Scams

Taking control of your finances... 5 Use these tips to manage your finances

Guide to Getting Started. Personal Online Banking & Bill Pay

We reserve the right to modify this Privacy Policy at any time without prior notice.

HUMAN RESOURCES DEPARTMENT

Personal Online Banking & Bill Pay. Guide to Getting Started

SHS Annual Information Privacy and Security Training

Fraud Awareness Campaign for the Travel industry

Protecting your Security and Privacy on the Web. Tony Brett Head of IT Support Staff Services IT Services. 11 March 2013

VIEWING AND/OR USE AND/OR COMMUNICATION IS CONSTRUED AS ACCEPTANCE OF THE TERMS OF THIS POLICY

Data protection. 3 April 2018

UKIP needs to gather and use certain information about individuals.

CYBER THREATS: REAL ESTATE FRAUD ADVISORY COUNCIL

PBX Fraud Information

Us bank phishing letter. Us bank phishing letter

Guide to credit card security

Business Online Banking & Bill Pay Guide to Getting Started

Create strong passwords

University of North Texas System Administration Identity Theft Prevention Program

This policy is a public document and has been prepared in light of the National Privacy Principle 5: Openness.

It pays to stop and think

Retail/Consumer Client Internet Banking Awareness and Education Program

Target Breach Overview

MOBILE.NET PRIVACY POLICY

NMHC HIPAA Security Training Version

Cyber Security Guide for NHSmail

FREQUENTLY ASKED QUESTIONS

FRAUDULENT TRAVEL SCAMS

The Table Privacy Policy Last revised on August 22, 2012

Overview Bank IT examination perspective Background information Elements of a sound plan Customer notifications

Page 1 of 6 Bank card and cheque fraud

NTS ONLINE BOOKING TOOL SABRE.RES

Shaw Privacy Policy. 1- Our commitment to you

We will ask you for certain kinds of personal information ( Personal Information ) to provide the services you request. This information includes:

CURTIS BANKS LIMITED. Privacy Information Notice. curtisbanks.co.uk

Prevention of Identity Theft in Student Financial Transactions AP 5800

Enviro Technology Services Ltd Data Protection Policy

VAX VacationAccess Booking Engine

Employee Security Awareness Training

Client Resources. participant guide

( Utility Name ) Identity Theft Prevention Program

Business Services Centre itrent Employee Self Service

ANZ FASTPAY NEXT GENERATION MERCHANT OPERATING GUIDE ANZ FASTPAY PORTAL

Technology Safety Quick Tips

Privacy and cookie policy

Red Flags/Identity Theft Prevention Policy: Purpose

Security Awareness & Best Practices Best Practices for Maintaining Data Security in Your Business Environment

Cyber Security Guide. For Politicians and Political Parties

Security Awareness. Chapter 2 Personal Security

Phishing. What do phishing s do?

GREATER ESSEX COUNTY DISTRICT SCHOOL BOARD

9/11/ FALL CONFERENCE & TRAINING SEMINAR 2014 FALL CONFERENCE & TRAINING SEMINAR

Multi-Factor Authentication FAQs

Quick recap on ing Security Recap on where to find things on Belvidere website & a look at the Belvidere Facebook page

ETSY.COM - PRIVACY POLICY

The Insider Threat Center: Thwarting the Evil Insider

EDENRED COMMUTER BENEFITS SOLUTIONS, LLC PRIVACY POLICY. Updated: April 2017

Website Privacy Policy

What kind of information do you collect, when and how?

We may change the privacy notice from time to time by amending this page. What type of information will we collect from you?

Your security on click Jobs

Cyber Hygiene Guide. Politicians and Political Parties

Transcription:

Virtual Product Fair Protect your agency data protect your business October 2011

2 Are you doing all that you can to protect your business?

Agenda Background Fraudulent activities Sabre actions Steps you can take 3

Background Forms of fraud Over $40M was stolen from small businesses in 2009. The FDIC says this has grown to $200M in the last 12 months 4

Phishing Phishing emails can be difficult to recognize as they often include recognized graphics or logos that appear to be connected to legitimate websites Sample Links look legitimate and are designed to entice recipients to login to fraudulent systems Instead, the links take you to phony scam sites or legitimatelooking but fraudulent pop-up windows 5

Phishing examples Source: https://www.bankofamerica.com/privacy/control.do?body=fraud_demo_popup 6

Phishing examples 7 Source: www.bellsouth.com/residential/fraud_examples.html

8 Phishing example

9 Phishing example

Phishing example An example of a phishing email received from one of our customers 10

Phishing Sabre will never... send you an email asking if you ve used our system recently send you an unsolicited email notifying you to click on a link to change your password. 11

Phishing Steps you can take Never log on (enter user name and/or password) to a site with an emailed click-through link Bookmark your trusted login sites and access them only through your bookmark, or by manually typing in the web address Manually type the website address into your Internet browser, if you re concerned about a possibly fraudulent link, Sign in through a secured method and change your password as a precaution 12

Phishing Steps you can take If you receive a suspicious email that looks like it comes from Sabre, report the incident to the Sabre Help Desk immediately 13

Passwords Always keep your Sabre password private Your Sabre password is for only you to know Do not disclose or share your Sabre password with anyone, including others within your agency or branch locations Do not write your password down or store it where someone can access it 14

Passwords Sabre will never... ask you for your password have a 3 rd party company ask you for your password 15

Passwords Steps you can take Change your Sabre password regularly Make sure your password is difficult for someone else to guess If you receive a call from someone wanting your sign-on and/or password, do not provide your credentials Obtain the caller s contact information and report the incident immediately to the Sabre Help Desk Advise the Help Desk agent you are calling to report a potential invalid request for credentials Avoid using the same password for multiple accounts 16

Passwords Steps you can take If you receive a call from someone wanting your sign-on and/or password, do not provide your credentials 17

EPR Keywords and Ticket Safe Review your employee EPR keywords Employee Profile Record (EPR) keywords control your employees access to the Sabre system Your agents should have only the keywords necessary for their roles in your agency Every employee is unique and doesn t need the same keywords. Use Ticket Safe to open and/or close the ability to issue airline tickets outside of office hours 18

EPR keywords and Ticket Safe Sabre will never... contract with a 3 rd party to adjust your EPR keywords request private information from you regarding your clients or your bookings 19

EPR keywords and Ticket Safe Steps you can take Review EPR Quick Reference guide to understand keywords available to help manage your business Review your agents EPR keywords quarterly to ensure each employee has correct access for their role in the agency Increase new staff keywords over time and monitor their initial use of high risk keywords for a short period Inactivate EPRs of former employees Permanently delete 1234 EPR if it still exists. 20

EPR keywords and Ticket Safe Steps you can take If you use a robotic application to manage electronic ticketing while your agency is closed, work with your after-hours call center to determine who is authorized to activate and deactivate ticketing 21

If your ticketing has been compromised Immediately report incidents to ARC or BSP VOID any potentially fraudulent tickets at once If ticket cannot be voided, contact the air carrier to advise of potential fraud Track and document all activities from the point fraud was identified and reported and throughout the investigation Report incident immediately to the Sabre Help Desk Advise the Help Desk agent you are calling to report potential fraudulent tickets Report the incident to local law enforcement 22

Protection Always use designated protected fields for sensitive data like credit card numbers Position workstations so visitors can t see your screen Use a privacy filter on your monitor Use password protected screensavers when you step away from your desk Keep faxes and print copies away from visitor access 23

Protection Steps you can take If you receive unsolicited requests for office visits, do not allow these individuals access to your office or your Sabre records. If you receive a suspicious call requesting access to your data or Sabre records, immediately contact the Sabre Help Desk at your usual number Advise Help Desk agent you re reporting a suspicious activity Try to obtain the suspicious individual s contact information to report Report the incident to local law enforcement 24

Protection Sabre will never... request private information from you regarding your clients or your bookings. send anyone to your office to repair equipment or ask for you to send us your equipment 25

1. Bookmark your trusted login sites and access them only through your bookmark, or type in what you know to be the legitimate website address 2. Sign in through a secured method (using a legitimate link to a Sabre site) and change your password if you have logged on to the Sabre site after clicking on a link you received recently 3. Review your agents Employee Profile Records (EPRs) to ensure that all employees have the correct level of access for their roles in the agency 1. Click on email links that require you to enter your login credentials. 2. Disclose login credentials to anyone claiming to be from Sabre. If someone calls your office asking for login credentials, do not provide this information. The Sabre Help Desk or others at Sabre will never ask you to reveal your login and password information. 3. Disclose or share login credentials with anyone else, including others within your agency or branch location 4. Put sensitive data, like credit card numbers, in designated protected fields in the PNR 4. Don t delay reporting fraudulent tickets 26

Questions? Refer to our Agency Security community for information on how to protect your agency from this type of fraudulent activity. eservices.sabre.com > Business Tools > Community > Agency Security Today s slides Top right hand corner of the home page between the words FindIt: Site Index and Search Index there is a box. Type VPF in the box and hit enter. Click on the Virtual Product Fair (VPF) presentation link on the next page and then scroll down to 2011 10 Virtual Product Fair 27

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback