Your online security has always been a top priority.
That’s why Enhanced Login Security is so important. This security service is available at a small fee, easy, and most importantly, gives you extra protection from fraud
and identity theft.
Enhanced Login Security significantly increases your level of protection online. Not only will your password and user id be recognized, but your computer will be recognized as well. If we don’t recognize your computer – you’ve logged in from a public computer or one you haven’t used before - you will be prompted to provide information that only you will know. This step acts as an additional line of defense against unauthorized access to your account
Identity Fraud May Be Down
But Your Guard Needs to Stay Up!
Fraud comes in many shapes and sizes and unfortunately, it will never go away. Nor will
the money and time spent fixing it. That’s why it’s vital to ramp up your security arsenal.
Take the keys to consumer control: Prevention and Detection
Prevention stops identity theft at the source and protects your private data before it is compromised by fraudsters. Taking advantage of online bill pay and even good old fashioned paper-shredding contributes to your own online safety.
Early Detection is equally important. Successful detection includes records consolidation and the regular review of your financial accounts for unusual activity. Banking online gives you quick access to your accounts, so that you can detect fraudulent activity sooner.
Fraud Tactics
Different fraud tactics all share the same goal: to obtain your personal, confidential and financial information for fraudulent use.
From obtaining your information ‘the old fashioned way’ via discarded mail, to emails that ask you to verify personal information under the guise of a trusted source ― like your financial institution ― fraudulent activity comes in many different forms.
Fraud tactics include:
Dumpster Diving: Thieves rummage through trash looking for bills or other paper that includes your personal information.
Malware: Also known as ‘malicious software’, malware is designed to harm, attack or take unauthorized control over a computer system. Malware includes viruses, worms and Trojans. It’s important to know that Malware can include a combination of all three of the types noted.
Phishing: A scam that involves the use of replicas of existing Web pages to try to deceive you into entering personal, financial or password data. Often suspects use urgency or scare tactics, such as threats to close accounts.
Vishing: Vishing is a type of phishing attack where the attacker uses a local phone number in the fake email as a means of obtaining your sensitive information. The goal is to fool you into believing the email is legitimate by instructing you that responding to the request by phone is safer than responding by email and shows authenticity. The unsuspecting caller is then tricked through an automated phone system to relinquish their sensitive information.
Pharming: Pharming takes place when you type in a valid Web address and you are illegally redirected to a Web site that is not legitimate. These ‘fake’ Web sites ask for personal information such as credit card numbers, bank account information, Social Security numbers and other sensitive information.
Trojan: A Trojan is malicious code that is disguised or hidden within another program that appears to be safe (as in the myth of the Trojan horse). When the program is executed, the Trojan allows attackers to gain unauthorized access to the computer in order to steal information and cause harm. Trojans commonly spread through email attachments and Internet downloads. A common Trojan component is a “keystroke logger” which captures a user’s keystrokes in an attempt to capture the user’s credentials. It will then send those credentials to the attacker.
Spoofing: Spoofing is when an attacker masquerades as someone else by providing false data. Phishing has become the most common form of Web page spoofing. Another form of spoofing is URL spoofing. This happens when an attacker exploits bugs in your Web browser in order to display incorrect URLs in your browser location bar. Another form of spoofing is called “man-in-the-middle”. This occurs when an attacker compromises the communication between you and another party on the Internet. Many firewalls can be updated or configured to significantly prevent this type of attack.
Spyware: Loaded on to your computer unbeknownst to you, spyware is a type of program that watches what users do and forwards information to someone else. It is most often installed when you download free software on the Internet. Unfortunately hackers discovered this to be an effective means of sending sensitive information over the Internet. Moreover, they discovered that many free applications that use spyware for marketing purposes could be found on your machine, and attackers often use this existing spyware for their malicious means.
Pop-Ups: A form of Web advertising that appears as a “pop-up” on a computer screen, pop-ups are intended to increase Web traffic or capture email addresses. However, sometimes pop-up ads are designed with malicious intent like when they appear as a request for personal information from a financial institution, for example.
Virus: A computer virus is a malicious program that attaches itself to and infects other software applications and files without the user’s knowledge, disrupting computer operations. Viruses can carry what is known as a “payload,” executable scripts designed to damage, delete or steal information from a computer.
A virus is a self-replicating program, meaning it copies itself. Typically, a virus only infects a computer and begins replicating when the user executes the program or opens an “infected” file.
Viruses spread from computer to computer only when users unknowingly share “infected” files. For example, viruses are commonly spread when users send emails with infected documents attached.
RetroVirus: This virus specifically targets your computer defenses. It will look for vulnerabilities within your computer operating system or any third party security software. Most security vendors have some form of tamper-proof measure in place, so it is important to keep your patches up-to-date. Retro Viruses are usually combined with another form of attack.
Worm: A worm is similar to a virus but with an added, dangerous element. Like a virus, a worm can make copies of itself; however, a worm does not need to attach itself to other programs and it does not require a person to send it along to other computers.
Worms are powerful malware programs because they cannot only copy themselves, they can also execute and spread themselves rapidly across a network without any help.
Report Fraud
If you know, or even think, you’ve been a victim of identity fraud, take
immediate action and follow these five steps.
More specifics can be found on the FTC’s Identity Theft Site, located here:
http://www.ftc.gov/bcp/edu/microsites/idtheft/consumers/defend.html
Report the fraudulent activity. If the activity is related to our financial
institution please contact us directly. If it is related to another financial
institution, your credit card company, or any other organization
contact them directly.
Contact one of the three consumer reporting companies and have a fraud alert placed on your credit report. This will help stop fraudsters from opening any additional accounts in your name. Contact only one of the following (the others are required to contact the other two):
Equifax: 1-800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
Experian: 1-888-EXPERIAN (397-3742); www.experian.com; P.O. Box 9532, Allen, TX 75013
TransUnion: 1-800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790
Close any accounts that you know - or even think – might have been tampered with or opened fraudulently. Report the transgression to a security spokesperson at the relevant company. Ask them about any additional steps – they’ll probably ask you to send relevant copies of the fraudulent activity.
You can also use the FTC Theft Affadavit ID Theft Affidavit (PDF, 56KB) as formal certification of your dispute.
File your complaint with the FTC. Use the online complaint form; or call the FTC’s Identity Theft Hotline, toll-free: 1-877-ID-THEFT (438-4338); TTY: 1-866-653-4261; or write Identity Theft Clearinghouse, Federal Trade Commission, 600 Pennsylvania Avenue, NW, Washington, DC 20580.
Sharing your identity theft complaint with the FTC will help law enforcement officials track down identity thieves and stop them.
Call or visit the local police or police in the community where the identity theft took place and file a report. Have a copy of your FTC ID Theft complaint form available to give them. Obtain a copy of the police report and the police report number.
Fraud Prevention
To safeguard your email,
Never open or respond to SPAM (unsolicited bulk email messages).
Delete all spam without opening it. Responding to spam only confirms your email address to the spammer, which can actually intensify the problem.
Never click on links within an email.
It’s safer to retype the Web address than to click on it from within the body of the email.
Don’t open attachments from strangers.
If you do not know the sender or are not expecting the attachment,
delete it.
Safeguard your email
Email is often a vehicle used to transmit malware and commit fraud. It is important
to evaluate your email behaviors and develop good habits to help protect
your computer and your identity.
In addition to viruses and worms that can be transmitted via email, phishing also threatens email users. A type of email fraud, phishing occurs when a perpetrator, posing as a legitimate, trustworthy business, attempts to acquire sensitive information like passwords or financial information.
Don’t open attachments with odd filename extensions.
Most computer files use filename extensions such as “.doc” for documents or “.jpg” for images. If a file has a double extension, like “heythere.doc.pif,” it is highly likely that this is a dangerous file and should never be opened. In addition, do not open email attachments that have file endings of .exe, .pif, or .vbs. These are filename extensions for executable files and could be dangerous if opened.
Never give out your email address or other sensitive or personal information to unknown web sites. If you don’t know the reputation of a Web site, don’t assume you can trust it. Many Web sites sell email addresses or may be careless with your personal information. Be wary of providing any information that can be used by others for fraudulent purposes.
Never provide sensitive information in email.
Forged email purporting to be from your financial institution or favorite online store is a popular trick used by criminals to extract personal information for fraud.
Don’t believe the hype.
Many fraudulent emails send out urgent messages that claim your account will be closed if sensitive information isn’t immediately provided, or that important security needs to be updated online. Your financial institution will never use this method to alert you of an account problem.
Be aware of poor design, and/or bad grammar and spelling.
A tell-tale sign of a fraudulent email or Web site includes typos and grammar errors as well as unprofessional design layout and quality. Delete them immediately.
Backup your sensitive data records.
Consider backing up all sensitive files. This will not only help you restore damaged or corrupted data, but it will help protect against fraud attacks and help recover lost files if needed.