Guarding Against Account Hijacking
Information Provided By:
Bank Stuffers and Financial Education Corporation
It is the fastest growing form of identity theft, and it can have the most devastating effect on us. It is called ACCOUNT HIJACKING and some 2 million people are victimized yearly.
Account hijacking occurs when a criminal obtains your personal banking information and uses it to take over your bank accounts. It can take weeks or months to discover. Fortunately, there are steps you can take to protect yourself.
| STEP 1 - Protecting Yourself - Understand the Threat
Hijacking by phishing deceives customers into providing their user names, passwords, and account numbers via deceptive e-mails, fake Web sites, or both. The classic phishing attack involves a deceptive e-mails, fake Web sites or both. The classic phishing attack involves a deceptive e-mail that tends to be from a legitimate financial institution. The e-mail typically tells the customer that there is some sort of problem with customer's account, and instructs the recipient to click on the included hyperlink to "fix" the problem. In reality, the fake Web site is simply collecting customer user names and passwords in order to hijack accounts.
| Hijacking with Spyware works by inserting malicious software, often referred to as "Spyware," on a person's personal computer. Spyware can be loaded when a user opens a seemingly harmless e-mail attachment or clicks on a pop-up advertisement. The spyware collects selected information (user names, passwords, and account numbers) and forwards that information to the fraudster.
| STEP 2 - Protecting Yourself - Fortify Your System
Password Protection - If your password is easy for you to remember, the chances are good it is also easy for an Internet hacker to figure out. Experts advise a combination of letters and numbers... and avoiding pet names, your home address, and similar easy-to-crack codes.
Phishing Awareness - If you receive an unexpected email, or one that you consider suspicious, delete it. REMEMBER: Your bank will NEVER email you and ask you to go to another site to "verify information".
Anti-Virus - Your computer's antivirus software is like a vaccine - it works at first, but you need to keep it up-to-date to guard against new strains.
Anti-Spyware - Anti-spyware programs are readily available, and every computer connected to the Internet should have the software installed...and updated regularly.
| STEP 3 - Protecting Yourself - Vigilance Pays
| Chances are you will never be victimized by account hijacking identity theft. But if you are victimized, early detection is critical.
Check Your Statements Regulary - If something seems irregular, contact your banker to discuss it. A recent study showed that customers who monitor their account online discover problems sooner.
Check Your Credit Report At Least Annually - You are entitled to one free credit report annually from each of the three major credit bureaus. If a hijacker is misusing your credit, clues are likely to show up here. For a free report: www.annualcreditreport.com
Quick Facts About Account Hijacking
- An estimated 2 million people are hit with account hijacking each year; most say it was from a phishing scam.
- Overall account fraud totals more than $2.4 billion annually, $1,200 per victim.
- People who monitor their accounts online (rather than just with mailed statements) can detect hijacking earlier. In one report, victims' losses were one-eighth of those who detected the crime via paper statements due to early detection.
Return to the top
Tips for Travlers
Planning Ahead Can Help You Keep Your Money Safe!
Washington, D.C. (May 23, 2011) - With the kick off of summer less than a week away and many Americans planning to hit the road or the skies for their much-anticipated summer vacation, the Independent Community Bankers of America (ICBA) and the nation's more than 7,000 community banks want consumers to have the information they need before they leave home so they can keep their money safe.
"Nothing can ruin a vacation faster than losing your wallet or running out of funds, so plan ahead and talk to your community banker about how you can protect your money while traveling both domestically and abroad, "said Sal Marranca, ICBA chairman and president and CEO of Cattaraugus County Bank, Little Valley, N.Y. "Since community banks are relationship bankers who work one-on-one with their customers, they can help customers be better prepared for travel emergencies. And in the event that something unfortunate does happen, they are ready and willing to help."
Financial professionals agree that the safest and most convenient way to travel with your money is to take a small amount of cash with you. It's also a good idea to carry a debit, credit or ATM card. These cards are convenient while traveling because they are easy to carry, easy to use and often offer the lowest fees and the best exchange rates.
However, travelers still need to plan ahead to be prepared. To help, ICBA offers these tips to consumers about what they need to take care of before they take off:
- Let your community bank know when and where you will be traveling so that you will avoid any potential for fraud alerts when out-of-the-ordinary transactions are posted.
- Call or stop by your community bank to find out what ATM or debit card fees you may be subject to in this country and abroad.
- If you're traveling overseas, keep in mind that ATMs in many countries only accept four digit personal identification numbers (PINs) and some countries have keyboards with numbers only, while others do not ackowledge zeros. Ask your community bank if you should create a new PIN for your account before you take your trip.
- Carry a back-up card that you keep in a separate place. Families or couples may get even greater back-up coverage if each person takes a different card.
- Make copies of all the cards you'll be carrying. Be sure to copy the front and back of the card.Take a copy with you and give a copy to someone you trust back home. Be sure to also include the security code for the card and the customer-service phone number.
- Bring a list of emergency phone numbers, but remember, 800 numbers can only be used in the United States and Canada. Be sure to get a number for your bank that you can call if you're out of the country.
- Many credit cards provide travel accident insurance and traveler's assistance. Ask your community bank what special services are available through your card.
- Check your balance before you leave. Know the limits on how much you can withdraw. Save all your receipts.
"Whether your destination is overseas or closer to home, it really is better to be safe than sorry. And your community bank can help you make sure that you're safe," Marranca said.
Return to the Top
ATM & Debit Card Safety
Information provided by:
Bank Stuffers and Financial Education Corporation
With the banking convenience made possible with Automated Teller Machines (ATMs) and orther Point of Sale terminals comes an increased need for security and personal caution.
It's no longer enough to take measures to protect your physical safety and your cash after a transaction at the ATM - now you must be aware of cameras and skimming devices that secretly record (steal) your bank account numbers and PIN numbers. Here are some other tips for safer transactions:
Protect Your Card - Report lost or stolen cards IMMEDIATELY. Don't write your Personal Identification Number (PIN) on your card or give the number out to anyone, including friends and family and DO NOT reveal it to anyone over the phone. Avoid using number that are easily identified with your personal identity.
Conduct Your Transactions Privately - When you use the ATM conduct your business quickly and efficiently, make sure no one watches you key in your PIN number. Use your body and free hand to shield the ATM keypad during the transaction. This simple step prevents a camera or remote reader from recording your personal information including card numbers.
Be Watchful for "Skimmers" - Do not swipe your card in machines that claim to clean, re-magnetize or renew your card. If the machine looks like it has been tampered with, re-manufactured or has any loose parts don't use it. This machine could be a "skimmer" which is used to copy identifying information from the magnetic strip on your card.
Take the Receipt With You - NEVER leave the receipt behind, even after an incomplete transaction. Discarded receipts can lead to identity theft and account hijacking.
Check Your Debit Card Account Frequently - If you find any irregularities in your statement, e.g. charges made for items that you didn't order, cash withdrawals that you didn't make. Then contact your bank immediately to report the incident. Your liability under federal law for unauthorized use of your ATM or debit card depends on how quickly you report the loss.
- Lock Your Car - if you leave your car and walk to the ATM, turn off your ignition and lock your car. If you use a drive-up ATM, be sure to roll up passenger windows and lock your car doors.
- Observe Lighting and Landscape - Use extra caution when using an ATM at night. If the lights at the ATM are not working, don't use it. If shrubbery has grown up,or if a tree blocks the view, select another ATM and notify the bank. In fact, it's always a good idea to let the bank know whenever you notice anything our of the ordinary at an ATM.
- Take a Friend at Night - If you use the ATM at night, consider taking a friend along.
- Count your Cash Later - Once you've completed your ATM transaction, put your money away immediately and leave the ATM premises. It's best to count your money later.
BOTTOM LINE: Always use common sense when using an ATM and be aware of your surroundings, whether at your bank ATM or other point of sale device.
Return to the top
Deposit Safety Tips
Counterfeit Cashier's Checks
Cashier's check fraud has become more prominent as online auction sites, chat rooms, and classified ads have become more popular. Typical fraud scenarios involve buyers from overseas claiming someone in the United States owes them money after a purchase has been made. The person who owes the buyer money then offers to send you a cashier's check for an amount over the purchase price and asks that you wire back the difference to the buyer. You agree, so you deposit the cashier's check once you receive it and wire the leftover sum to the buyer. Days later your bank informs you that the cashier's check was fraudulent and you are now responsible for the money you've drawn against it. You've now lost your money and merchandise to a scam.
REMEMBER: Use caution when dealing with foreign buyers and sellers. Also, banks can take up to 10 days to determine if a check is counterfeit; do not be rushed into any transaction. No legitimate company will offer to pay you by arranging to send you a check and asking you to wire some money to their bank. If that's the pitch, it's a scam.
Fake Check Scams: Can a bank tell if a check or money order is fraudulent when it is deposited?
Fake checks and money orders often look so real that even bank tellers may be fooled. Many times, the name listed on the check is a legitimate business name, but is matched up with a fake bank or account number.
Under federal law, banks must make the funds available to the customer within one to five days. So just because the funds show up in your account, doesn’t mean the check is good. Forgeries can take weeks to be discovered.
If you suspect a check may be fraudulent, ask the teller if they can verify funds with the issuing check’s bank. It’s better to be safe than sorry.
Fake Check Scams: If the check is fake, is it the customer's problem?
Every customer is responsible for the items they deposit. "The customer is in the best position to determine how risky the transaction is" (Fraud Alert: Fake Check Scams). When a check or money order is returned, you owe your bank the money you deposited or withdrew. The bank may recover the funds by debiting your account. "In some cases, law enforcement authorities could bring changes against the victims" (Fraud Alert: Fake Check Scams).
If you don’t already have your paycheck set up with direct deposit, you should consider the benefits. Direct deposit is safe, reliable, quick, and convenient. Direct deposit puts money in your account on time, every time. It can’t get lost or stolen because it will never be in your possession. You won’t have to make that special trip to the bank or pay for the stamp to mail your deposit, your paycheck will be credited to your account and available for you to use immediately. Check with your employer about direct deposit today!
Tax Refund Direct Deposit
Sixty-six million taxpayers are already using direct deposit for their tax refund. So why should you? The IRS can electronically transmit your refund directly into your account. It’s safe, easy, and fast. You can also select up to three financial accounts for direct deposit of your tax refund. You can choose IRA accounts, checking and savings as well as Health Savings Accounts, Coverdell education accounts or medical savings accounts. To arrange direct deposit use IRS Form 8888 to split your refund. Use the appropriate line under “Refund” on Form 1040 to deposit into a single account.
Return to the top
Loan Safety Tips
Advance Fee Loan Scams
Advance fee loan scams target clients who use their legitimate looking Web sites. After filling out an online loan application, the client quickly receives verification that their loan has been approved and can obtain their funds after first wiring a deposit or fee. After doing so, the victim quickly realizes that the loan never materializes; leaving the client vulnerable to identity theft.
REMEMBER: It is illegal for a lender to ask you to pay a fee before you get a loan. Your best defense is to do business with an institution you know and trust, such as your bank.
Return to the top
Partnership for Safe Online Banking
Information provided by:
Bank Stuffers and Financial Education Corporation
| Online banking has grown rapidly from a niche service to a major new way to bank. In fact, some surveys show that far more people prefer to bank online than in the traditional ways. This phenomenal growth was made possible by increases in technology, of course, but even more so by increases in the safety and security measures undertaken by banks and their customers. This partnership for safe online banking means that you can access your account whenever and wherever you want. But care should be taken because cyber criminals are always looking for new ways to electronically break into the bank and steal your money.
| Safe online banking depends on continuing and strengthening this safe online partnership between the bank and customer.
- Ensure the security and confidentiality of customer information.
- Protect against any anticipated threats to the security of customer information.
- Protect against unauthorized access that would result in substantial harm or inconvenience to any customer.
Customers Role: Some common sense and easily implemented precautions can help you safeguard your personal Information from Identity theft and account fraud:
- Strong passwords - Security begins with a strong password, which only you know. Experts advise a combination of letters and numbers, and advise against using easily guessed passwords such as birthdays or home addresses.
- Anti-Virus Protections - Make sure the anti-virus software on your computer is current and scans your email as it is received. This simple step is critical to your personal safety and security when online.
- Email Safety - Email is generally not encrypted so be wary of sending any sensitive information such as account numbers or other personal information in this way. If you receive an unscheduled or unsolicited email purporting to be from your bank be cautious - take the time to call your bank and make sure the email was sent from your banker.
- Sign Off and Log Out - Always log off by following the bank's secured area exit procedures to ensure the protection of your personal information.
- Don't Get Phished - Crooks are always trying to get your personal information, and they employ some ingenius methods. Don't respond to any unusual email requests for personal information - when you opened your bank accounts you already gave it. When in doubt, call your bank.
- Monitor Your Accounts - When you check your accounts regularly, you can let your bank know immediately if you encounter anything that does not seem right. Doing this has the added benefit of keeping you aware of recurrent transactions going through your acount for services you no longer use, such as a gym membership or club.
- Use a dedicated computer for online transactions.
- Business account holders to conduct periodic assessment of their internal controls.
- Use layered security for system administrators.
- Initiate enhanced controls for high-dollar transactions.
- Provide increased levels of security as transaction risks increase.
- Offer customers multi-factor authentication.
Return to the top
Online/Internet Safety Tips
Online 101: Identifying the Threats
Phishing- This usually happens in the form of fraudulent e-mails, which appear to be from a trusted source, such as your bank. The fraudulent e-mail usually directs you to a site that is designed to appear like the company they are trying to imitate. Once at the site, the customer is directed to verify their information, such as their name, account, credit card numbers, and passwords. Your personal information is then used to hijack your accounts and your identity.
Pharming- This fraudulent activity happens when a user is at a legitimate site and is then redirected to a fraudulent site and fooled into entering personal information. It is different from phishing because the user does not have to click on a link in an e-mail to go to the page, they are simply redirected by the attacker from the legitimate site to the malicious web site.
Malware- This is software that is designed to damage a computer system without the user knowing it is present. This includes computer viruses, worms, trojan horses, spyware, and adware.
REMEMBER: Be aware of the website you are using when entering in personal information. If you receive an e-mail from your bank directing you to click on a link, verify with your bank that the e-mail is legitimate before doing so.
Safe Online Shopping
Important things to remember when shopping online…
Secure Connection- Look for signs of a secure connection on your browser. The address bar should have an https or shttp instead of http and a picture of a lock should be shown at the bottom of your browser.
Public Computers- Use a personal computer to make online purchases. Never use a public computer to make purchases because it is hard to tell who may be watching you. Hackers sometimes install software, which cannot be detected, on public computers to gather customer information when entered in on the computer.
Understand the Terms- Always read important merchant information; such as, return policies, refunds, shipping costs and privacy protection, before making a transaction from an online business.
Responding to Information- Often times companies will send you an e-mail confirmation of your purchase after completing the transaction. These e-mails are good to keep record of because they often list information about your purchase. Usually these e-mails specifically say, Do not Respond to this E-mail. If you do receive an e-mail saying a merchant needs to confirm your billing information, beware. These e-mails are usually fraudulent and when entering your information, you are leaving yourself susceptible to identity theft.
Review Statements- When shopping online make sure you check your monthly statements issued by your billing company. This will help you identify any unauthorized transactions that may have been placed on your account. If a transaction is present that was not authorized by you, call your bank or credit card company to report the fraudulent activity immediately.
Information provided by McGlasson, Linda. "Do's and Don'ts for Safe Online Shopping" December 14, 2007
IRS Scan & E-Mail Fraud
With the tax season in full swing, it is important to protect yourself from scams aimed at taxpayers. Several fraud related e-mails have been sent out to taxpayers to try and acquire personal and financial information by stating they are entitled to a tax refund check. Another scam involves a downloadable form that the taxpayer is to use in filing their taxes. Individuals are told that if they do not use this form, they will be subject to an IRS audit. By downloading this form, spyware is then placed on the individuals computer that can obtain passwords and other valuable information. Some scams are even coming through phone calls, instead of e-mail, with the caller claiming to be an IRS agent. It is important to remember that you should only access tax information by going directly to the IRS’s website, www.irs.gov
Information provided by Krebs, Brian. “IRS Warns of Scams to Steal Data With Offer of Tax Rebate”. www.washingtonpost.com Jan. 31, 2008.
Malware Targeting Online Banking Users
We have been informed of a new malware that is affecting online banking users. This has not affected any of our Citizen’s State Bank online users directly, but we want our customers to be aware of what is going on.
Once the malware is present, it attempts to trick the user by popping up fraudulent login screens. These pop up screens acquire personal data such as usernames, passwords, challenge questions, token challenge numbers and other information.
Please report any suspicious activity or anything that looks different on the login window. These could be signs that the computer has been affected by the malware. As a precaution, please close all other browsers and tabs before logging into your online banking.
Safe Online Banking
Online banking has been an added convenience to our everyday lives in several different ways, but it is important to be safe when using this helpful device.
1. Passwords. Use a strong password and do not share it with anyone else. By using a combination of numbers and letters, (and not using easily guessed words) hackers will have a harder time trying to figure out your password.
2. Anti-Virus Protection. Make sure the anti-virus software on your computer is up-to-date.
3. E-Mail Communication. E-mail is generally not encrypted, so be cautious about sending personal information (account numbers & social security numbers) through your e-mail.
4. Log Off. Always make sure you log off your account, especially if you’re using a public computer.
Return to the top
Consumer Information Safety Tips
Know Your Credit Report
In today’s world, credit is a privilege. It is important to have good credit as several decisions can be based on this statistical number.
1. Monitor your Credit Report. The three national credit reporting agencies offer free credit reports every year. Take advantage of this and order a report from a different company every four months to monitor any new activity year round. Go to www.annualcreditreport.com to get your free credit report.
2. Improve your Credit Score. If your credit score isn’t as high as you’d like it to be, take these steps to improve your credit score: Pay bills on time, keep credit card balances low, consider close unused accounts, and pay off debt.
3. Correct your Credit Report. When looking at your credit report, verify that all information is correct. If you notice something that is wrong on your credit report, you have the right to dispute any discrepancy. Credit bureaus are required by law to investigate any written complaint within 30 days.
Save Time When Paying Bills
There are two advances in electronic banking that will allow you to save time and pay bills faster and easier.
Direct Payment- Bills are paid automatically every month from your bank account to the company you wish to pay.
- Contact your bill companies in which you have a reoccurring monthly bill and tell them you want to set your bill up on direct payment
- Give them your account number and bank’s routing number
- Authorize the amount and payment date
By setting your monthly bills up on direct payment, you not only save valuable time, but you will no longer have to pay for postage, checks, or late fees.
On-Line Bill Payment- Pay bills by using your computer.
- Go to a company’s website that allows you to pay bills online
- Enter in your bank account information and the amount you wish to pay
- Your payment will be automatically deducted from your account upon your approval
By paying your bills online, you save money on postage and checks.
Warning Signs of Financial Stress
Here are a few warning signs that show you might be in financial stress:
· You pay the minimum payment amount each month. (This includes credit cards, bills, and loan payments.)
· Important payments are late. (Like your mortgage payment.)
· Taking out a loan to pay-off another loan elsewhere.
· Taking cash advances for everyday living expenses.
· Getting a new credit card because your other credit cards are maxed out.
· Running out of cash before your next payday.
To help get back on track, sit down and write out your budget so you know where your money is going and see what areas you can maybe cut back on. It is important to seek professional help if you believe your finances may be in trouble.
It’s that time of year again to be thinking about your upcoming holiday budget. Here are a few tips to help you get through this holiday season.
· Make a list of all the people to plan to buy a gift for. Next to each name make a note of what you plan to buy that person and how much you want to spend. This will help you keep track of what items need to be bought and the amount you will be spending.
· Once you have your list made, start watching for sales. Look at different stores and compare prices on different items. If shopping online, purchase multiple items from one online store to cut down on shipping costs.
· Review your receipts from last years purchases. This will give you an idea of how much you spent last year, so you can better calculate your spending for this year.
· Save your receipts from your purchases made for this holiday season and add them up to see if your spending is on track. By totaling your receipts weekly, it will help you keep a better grasp on the amount you have spent.
· And finally, start saving for next year. It’s never to early to get ahead on your holiday budget.
It is important to take certain precautions when shopping during the holiday season to avoid being a victim or identity theft or fraud.
· Look at your bank and credit card statements every month to make sure each transaction was authorized by you. If not, contact your bank or credit card company immediately.
· If shopping online, use a secure site, which is indicated with a lock symbol or https in the url address.
· Only give out your checking or credit card information if you initiated the transaction. Do not respond to e-mails or phone calls asking for your billing information.
· Shred information that has your name, account number, or other personal information to avoid identity theft. It is also important to get a free copy of your credit report to check for fraudulent activity and that accounts are being reported with the correct status.
Stop Identity Theft
With identity theft on the rise, here are three important things to remember:
1. Never provide personal information to someone if you did not initiate the contact, including over the internet and telephone. If someone does call you requesting personal information, do not feel pressured to give them the information even if they claim dire consequences. Get the name of the company and verify their phone number, the key is that YOU should be the one to initiate the contact.
2. Never click on a link in an e-mail from an unknown source, it could contain a virus or steal your personal information. Type in the company’s website or use a previous bookmark instead if you are unsure of the legitimacy.
3. Report lost or stolen checks immediately so your bank can put a watch on your account and block payment on the checks. Guard your ATM PIN number and ATM receipts and shred any bank statements before throwing them away.
4. Watch your mail for any suspicious activity. If you do not receive a bill contact the company and place all outgoing mail in a secure collection box.
5. Act immediately if you fall victim to identity theft. Contact your financial institution, place fraud alerts on your credit files. Report any suspicious e-mails or calls to the Federal Trade Commission at http://www.ftc.gov/bcp/edu/microsites/idtheft/, or call 1-877-IDTHEFT
Return to the top
Information provided by the American Bankers Association, 2007 Financial Education Corporation and 2009 American Bankers Association.