Online Banking Security

Some of the e-threats types:

Phishing - You get an email that appears to be from your bank or an online service, most often PayPal or eBay, instructing you to click on a link and provide information to verify your account.

Pharming or spoofing - Hackers redirect a legitimate web site's traffic to an impostor site, where you'll be asked to provide confidential information.

Smishing - This is phishing done with text messaging on your smart phone. It instructs you to visit a bogus web site.

Spyware - You've unknowingly downloaded illicit software when you've opened an attachment, clicked on a pop-up or downloaded a song or a game. Criminals can use spyware to record your keystrokes and obtain credit card numbers, bank-account information and passwords when you make purchases or conduct other business online. They also can access confidential information on your hard drive.

You don't need to have a computer to become a victim.

Telemarketing Fraud - Phone calls that offer items where you must act now, you have just won a prize, or any offer that is too good to be true. Never give out account or personal information over the phone without you calling the company first, or verifying the phone number is the actual phone number for the company by looking in the phone book.

Nigerian Letter Scams - Letters seeking your help in claiming money for people whom are no longer living and have no living relatives. All you need to do is to claim to be a relative and claim the money. In return you will need to wire money for taxes or as a percentage of the money. Any time you receive a letter or check asking you to Western Union or MoneyGram (wire) funds it is usually a fraud. They should be able to take their payment out of the funds without you sending any back. For more information on the Nigerian letters and telemarketing fraud please go to FBI Fraud Alerts.

Vishing -- voice phishing - You get an automated phone message asking you to call your bank or credit card company. Even your caller ID is fooled. You call the number and are asked to punch in your account number, PIN or other personal information.

Bank-card "skimming" - Crooks use a combination of a fake ATM slot and cameras to record your account information and PIN when you use a cash machine. Your credit or debit card also can be skimmed by a dishonest store or restaurant worker armed with a portable card reader.

Crooks will steal your wallet or go through your mail or trash.

Tips to protect yourself

You can take steps to protect yourself from identity fraud:

1. Keep your confidential information private. We won't call or email to ask for your account information. We already have it.

2. Keep an inventory of everything in your wallet and your PDA, including account numbers. Don't keep your Social Security card or any card with your Social Security number, such as an insurance card, in your wallet.

3. Monitor your bank and credit card transactions for unauthorized use. Crooks with your account numbers usually start small to see if you'll notice. Don't assume that odd $40 electronic transfer or check is a payment you just forgot about; it could be a scammer probing to see if the fraud will go unnoticed. With bill payment systems, review your payment history as well as your payee list to make sure there aren't any unauthorized transactions. The sooner you report the theft the better; after 60 days, the bank may be under no legal obligation to provide a refund.

4. Use a credit card for online purchases. Technically, debit cards with the Visa or MasterCard logo offer you the same no-liability coverage for fraud that credit cards give you, but you have to wait a few days for the bank to restore the money to your account. Better to have a middleman like a credit card company between a thief and your checking account.

5. If you conduct business online, use your own computer. A public computer is less secure, as is wireless Internet.

6. Look for suspicious devices and don't let anyone stand nearby when you use an ATM. Take your card and receipt with you. Keep your PIN in your head, not in your wallet.

7. Don't store credit card numbers and other financial information on your cell phone.

8. Protect your computer from vulnerability:

   • Keep system and browser software up to date and set to the highest security level you can tolerate. Install anti-virus, anti-spyware and firewall protection, and keep them up to date as well. When possible use hardware firewalls, often available through your broadband connection router.

   • If you use wireless internet access, make sure that you get help from someone who understands wireless security when you set up your access point or router.

   • Back up your data and store it way from your computer.

   • Beef up your security. If you use Internet Explorer, Microsoft recommends cranking the security setting on your Internet browser up to "high" (you'll find it under the Tools menu; click on Internet Options and look for the security tab, then select Internet Zone). This may keep some Web sites from working properly, but you can make exceptions for trusted sites.

9. Don't open emails from strangers. Malware can be hidden in embedded attachments and graphics files.

10. Don't open attachments unless you know who sent them and what they contain. Never open executable attachments. Configure Windows so that the file extensions of known file types are not hidden.

11. Don't click on pop-ups. Configure Windows or your web browser to block them.

12. Don't provide your credit card number online unless you are making a purchase from a web site you trust. Reputable sites will always direct you to a secure page with an URL starting with https:// whenever you actually make purchases or are asked to provide confidential information.

13. Use strong passwords: at least six characters, including at least one special character and one number, and no reference to your name or other personal information. Use a different password for every site that requires one, and change passwords regularly. If you're asked to create a security question and answer, don't use one that's relatively easy to discover, such as your mother's maiden name.

14. Never send an account number, user name, password or other confidential information via email.

15. Consider turning off your computer when you're not using it or at least putting it in standby mode.

16. Don't keep passwords, tax returns or other financial information on your hard drive.

17. Don’t use gel pens to write checks. These inks can't be easily dissolved.

18. Get a locking mailbox. Make theft of your checks more difficult by locking up your mail and delivering any outgoing checks directly to the post office (In other words, don't let them sit in your mailbox).

Steps to clean up the mess

1. If you suspect your identity may be compromised, place a fraud alert with the three credit bureaus. When you place an alert, you are entitled to a free copy of your credit report from the credit bureaus. Go to one of the two following websites to obtain your free copy Free Credit Report.com or Annual Credit Report.com. After that, take advantage of the free annual reports the bureaus are required to give all consumers. Stagger your requests so that you get a report every four months.
2. If you've been phished, contact the bank or company named in the fraudulent email. You also may want to notify the Internet Crime Complaint Center and forward the email to spam@uce.gov.
3. If you are the victim of identity theft, take the following steps:

   • Make an identity-theft report to the police and get a copy. File a complaint with the Federal Trade Commission. Also, contact the office of your state's attorney general; you may be able to file a report there.

   • Close accounts that have been tampered with. Contact each company by phone and again by certified letter. Make sure the company notifies you in writing that the disputed charges have been erased. Document each conversation and keep all records.

   • Place a seven-year fraud alert or a "freeze" on your credit reports.

   • Begin the process of having the fraudulent information removed from your credit reports.

   • Find victim support at the Identity Theft Resource Center.

Scams on the Rise

Security State Bank would like all of our customers to be aware of some of the COVID-19 related scams. Phishing emails, suspicious phone calls, and even fraudulent check incidents have rapidly increased during the COVID-19 pandemic. Each different circumstance is used to try to steal personal data, such as login credentials or card information. Then the data is used to process fraudulent card transactions or ATM withdraws.

A Phishing event is a fraudulent attempt to obtain sensitive information possibly through an email, instant message, or text message. Tips on how to avoid getting phished:

Tips on how to avoid getting phished:

• Be skeptical of all unsolicited emails
• Never click on links or download attachments from strangers
• Verify the sender’s email address before clicking or responding
• Remember that offers too good to be true are usually scams
• Government agencies will NEVER correspond through email or text message.

Concerns with the “Economic Impact Payments”:

• IRS has stated the official term for the payments is called “Economic Impact Payments”
• If you receive any correspondence using the phrases “stimulus check” or “stimulus payment” may be fraud.
• There is no exact timeline for eligible customers to receive the economic impact payment
• Anyone who promises early or fast payment in exchange for personal information is most likely a scammer.

When receiving a call from Security State Bank, we will never ask you for:

• Your full social security number
• CVV (3 numbers on the back of the debit card)
• PIN numbers to debit cards
• Any password
• Online Banking credential

However, when our customers are calling Security State Bank we will verify the customer’s information for security purposes.