Holiday Cybersecurity Tips
11/21/2024
The holidays can be a hectic time of year – buying gifts online, making travel arrangements and wanting to give back to charitable organizations.
It is also a busy time for cybercriminals who are trying to take advantage of you. But you can fight back against thieves and better protect your personal information.
- Safety Tips for Online Shopping – Many Americans plan to shop online during the holiday season; however, cybercriminals often attack during these times. When shopping online there are several tips that will help to avoid falling victim to an online scam.
-
- Keep a clean machine. Before picking out that perfect gift, be sure that all internet-connected devices ‒ including PCs, smartphones and tablets ‒ are free from malware and infections by running only the most current versions of software, web browsers and other apps.
- Use secure Wi-Fi. Using free public Wi-Fi to shop online while at your favorite coffee shop is tremendously convenient, but it is not cyber safe. Don’t make purchases while connected to public Wi-Fi; instead use a virtual private network (VPN) or your phone as a hotspot.
- Lock down your login. Create long and unique passphrases for all accounts and use multi-factor authentication wherever possible. Multi-factor authentication will fortify your online accounts by enabling the strongest authentication tools available, such as biometrics or a unique one-timecode sent to your phone or mobile device.
- Resist the urge. Be wary of offers too good to be true – no matter how tempting they might be. Buy only from trusted and established online retailers and avoid websites of retailers you have never heard of.
- Think before you click. Pay attention to emails you receive. Do not open emails from unknown senders or click on links in suspicious messages.
- Shop securely. Not only should you make sure your internet connection is secure. Check to make sure you are shopping on a site that uses SSL protection. The easiest way to tell is to check your browser’s address bar. Look for https is the URL. Sites without the s are not safe to submit payment information or other personal details.
- Pay wisely. Use a credit card or pre-paid debit card instead of a debit card linked to your bank account. Or, use a reliable, established third-party payment service, such as Google Pay, Apple Pay or PayPal.
- Monitor your accounts. Check your online financial accounts regularly for suspicious spending. Also, take advantage of text and email alerting services that many banks and credit card companies now offer.
- Safety Tips for Giving Online – Online thieves know the holidays spark the desire to give back, making charity donations a hot target.
-
- Do your research first. Never feel pressured to give on the spot. Visit the website of the Internal Revenue Service’s website to learn more about what types of organizations can get tax-deductible donations.
- Ignore unsolicited requests. Be wary of emails and phone calls asking for donations, especially from organizations unfamiliar to you. If you want to donate, visit their websites directly or call to donate.
- Think before you pay.Never wire money or send cash. When writing a check, make it payable to the organization or pay via credit card. If you donate online, make sure the website is secure by looking for the s in https at the beginning of the URL.
- Doublecheck the website.Check website URLs carefully since cybercriminals often create websites and names that are very similar to legitimate, reputable organizations. Check the spelling of the organization’s name and the URL very closely for discrepancies.
- Safety Tips While Traveling – No one is exempt from the threat of cybercrime, at home or on the go, but you can follow these simple tips to stay safe online when traveling during the holidays.
-
- Avoid free Wi-Fi.Although connecting to free public Wi-Fi sounds great, it is often unsecure and can expose your devices and personal information to hackers. Instead, use a VPN or your mobile phone as a hotspot when going online.
- Confirm your network. If you do connect to public Wi-Fi, be sure to confirm the name the name of the network and exact login procedures with appropriate staff to ensure that the network is legitimate.
- Disable auto-connect on your devices. If your mobile phone or table automatically connect to wireless networks or Bluetooth devices, disable those features and connect manually only when you want to.
- Secure your devices.Keep track of your laptop, smartphone, tablet and even accessories such as USB drives – especially while on the go, and do not leave your devices unattended in public places.
- Avoid shared computers. If using computers at hotel business centers and other places that offer shared systems, avoid making purchases or logging into email. You do not know if the systems are up to date with the latest security software or if the machines are safe.
Cybersecurity Awareness Month
#BanksNeverAskThat
10/1/2024
Phishing scams are taking a toll on consumers, including bank customers.
- Every day, thousands of people fall for fraudulent emails, texts, and calls from scammers pretending to be a bank. These are commonly referred to as phishing scams. The communication is designed to trick you into providing confidential information (like account numbers, passwords, or PINs) either online or over the phone to someone imitating a bank employee.
- Victims of phishing scams can lose hundreds, even thousands of dollars. The FTC estimates that consumers lost $10 billion to phishing schemes and other fraud in 2023, a 13.6% increase compared to 2022.
- Scammers are taking advantage of the expanded use of digital banking platforms and tricking consumers into giving up their personal and financial information.
Education is the key to preventing these types of scams.
- Educating our customers is one of the most effective ways to prevent them from falling victim to these scams.
- We are joining more than 2,000 banks who have participated in this campaign since its inception to raise awareness about phishing scams and to help customers think twice before clicking a link or giving up personal information by email, text or over the phone.
To spot phishing scams, just remember “Banks Never Ask That.”
- If you receive an email, text, or phone call asking for confidential information, it’s a definite red flag. It’s better to be safe than sorry. End the call, delete the text, and trash the email, because banks never ask that!
- You may be asked to verify confidential information if you call your bank, but never the other way around. If you receive an incoming call from someone claiming to be your bank, the safest thing you can do is hang up and call your bank’s customer service number on the back of your debit or credit card.
- (SEE ADDITIONAL CONSUMER TIPS BELOW.)
The #BanksNeverAskThat campaign seeks to turn the table on fraudsters by empowering consumers to spot bogus bank phishing scams.
- The campaign poses questions like, “Boxers or Briefs?” and “Do you believe in Aliens?” to grab the consumer’s attention, then reminds them that #BanksNeverAskThat and they never ask for your account information, PIN or password.
- Consumers can visit BanksNeverAskThat.com for an interactive game, a quiz and tips to help them learn more about these scams. There are also social media posts that they can share with their family and friends to help spread the word.
- To reach a broader audience, the campaign now offers a Spanish language website and other consumer resources.
ADDITIONAL CONSUMER TIPS
If you receive a suspicious email or text:
- Do not download any attachments in the message. Attachments may contain malware such as viruses, worms or spyware.
- Do not click links that appear in the message. Links in phishing messages direct you to fraudulent websites.
- Do not reply to the sender. Ignore any requests from the sender and do not call any phone numbers provided in the message.
- Report it. Help fight scammers by reporting them. Forward suspected phishing emails to the Anti-Phishing Working Group at reportphishing@apwg.org. If you got a phishing text message, forward it to SPAM (7726). Then, report the phishing attack to the FTC at ftc.gov/complaint.
If you receive a suspicious phone call:
- If you receive a phone call that seems to be a phishing attempt, hang up or end the call. Be aware that area codes can be misleading. If your Caller ID displays a local area code, this does not guarantee that the caller is local.
- Do not respond to the caller’s requests. Financial institutions and legitimate companies will never call you to request your personal information. Never give personal information to the incoming caller.
If you feel you’ve been the victim of a scam and may have provided personal or important financial information, contact your bank immediately at their publicly listed customer service number. Often, this is found on the back of your bank card. Be sure to include any relevant details, such as whether the suspicious caller attempted to impersonate your bank and whether any personal or financial information was provided to the suspicious caller.
National Public Data
8/14/2024
In light of the recent news of personally identifiable information being stolen from the background check company National Public Data, here are some useful names, numbers and tips to help you if you have unfortunately been compromised.
The Three Credit Bureaus
- Equifax:
- Online: Visit the Equifax Credit Freeze page.
- By Phone: Call Equifax at 1-800-685-1111.
- By Mail: Send a request to Equifax, P.O. Box 105788, Atlanta, GA 30348. Include your name, address, Social Security number and copies of documentation proving your identity (like a driver’s license, utility bill, or bank statement).
- Experian:
- Online: Visit the Experian Credit Freeze page.
- By Phone: Call Experian at 1-888-397-3742.
- By Mail: Send a request to Experian Security Freeze, P.O. Box 9554, Allen, TX 75013. Include your name, address, Social Security number and proof of identity.
- TransUnion:
- Online: Visit the TransUnion Credit Freeze page.
- By Phone: Call TransUnion at 1-888-909-8872.
- By Mail: Send a request to TransUnion, P.O. Box 160, Woodlyn, PA 19094. Include your name, address, Social Security number and proof of identity.
- Personal Information: Full name, address, date of birth, Social Security number and possibly other personal details.
- Identification: You might need to provide a copy of your driver’s license, passport, utility bills or other documentation to verify your identity.
What should I do if my information was stolen?
If you are concerned that your data and personal information were compromised, there are some steps you can follow to prevent fraud and identity theft.
- Store documents that have your personal information, including financial documents, Social Security, Medicare, and credit cards, in a safe place at home and work.
- Limit what you carry. Leave your Social Security card and Medicare card at home unless you will need them for a specific reason.
- Do not share your personal, financial or health plan information over the phone, through the mail or over the internet unless you have a trusted relationship with the requestor and you initiated the contact.
- Inspect your credit card receipts. It should not show your full account number. If your receipt shows more than the last four digits, report it to the Office of the Attorney General.
- Use only one credit card for your online purchases. Do not use a debit card.
- Shred receipts; credit offers; loan and credit applications; insurance forms; bank statements; and similar documents when you no longer need them. A “cross cut” shredder is best for this.
- Before you sell, give away or dispose of a laptop, computer or mobile device, get rid of all the personal information you have stored on it.
Bravo Star Falls Victim to Imposter Scam
6/14/2024
Bravo Television personality Andy Cohen recently appeared on the Today Show, revealing that he had fallen victim to an imposter scam. He had lost his debit card and, the next day, received an email that appeared to be from his bank’s fraud alert department. It was not.
Scams come through many different channels — including text, voice calls, and emails. In an imposter scam, the victim receives a fake fraud prevention alert via text, pretending to originate from a bank or credit union. It often includes information about a suspected fraudulent purchase from a major retailer. It might provide a fake number to call or link to click in the initial message, or you might be asked to reply “yes” or “no” to verify that you made the listed transaction.
If you reply, the scammer will call you pretending to be from your financial institution’s fraud department — they can even spoof the phone number, so it appears it is coming from your trusted institution. IF YOU ARE CONTACTED, DO NOT REPLY. JUST HANG UP OR IGNORE IT AND CALL YOUR INSTITUTION’S LEGITIMATE, PUBLISHED NUMBER TO VERIFY.
There are many different imposter scams, including:
- Super low-priced offers for streaming services such as Netflix
- Phony job offers
- Alerts about package deliveries (UPS, USPS, FEDEX)
- Fake Amazon security alerts
Many people admitted to providing their Social Security numbers and other personal information to the scammers.
In Cohen’s case, they were after his bank account. He clicked a link in the fraudulent email, which took him to what appeared to be his bank’s sign-in page. He entered his information, unknowingly giving the scammers access to his account. He eventually discovered the alerts were not legitimate, but the damage had been done.
“When money is wired out of your account, it’s gone,” Cohen said. “This is an active case with the NYPD Cyber Security Unit. It’s very easy to fall prey to.”
The scheme was quite elaborate, and you can read all about it (or watch the video) and get Cohen’s tips for avoiding the same misfortune at the Today Show website.
Remember: The First Bank and Trust Company of Murphysboro will never contact you by email, text or phone to ask you for personal account information — that includes your card number, PIN, account number, online banking password. Never reveal this information to someone who contacts you. Never click on links or respond to unexpected texts.
Better safe than sorry — if you are not sure a message is legit, call us at 618-687-1711 or via email at customerservice@fb-t.com (please do not put any personally identifiable or sensitive information in email.) Do not use the information in the text message. For more helpful information on fraud and scams, or to report fraud, visit ftc.gov. Texting is cheap and easy, and scammers are counting on the ding of an incoming text being hard to ignore.
How to Avoid Identity Theft Online: 4 Internet Safety Tips
A little bit of vigilance goes a long way when it comes to protecting your identity online. Adding an extra layer of security can be as simple as keeping an eye on your accounts, looking out for suspicious activity, and shredding sensitive documents. Some data breaches are out of our control, like when retailers or other companies get hacked. We must trust certain entities to handle personal data, but we encourage people to do all they can to protect their private information.
Complete privacy is difficult in the digital age, so users must be cautious and wary. Take these precautions to make sure identity thieves do not steal your personal information.
Monitor Your Credit Reports
Keeping an eye on your credit is an important way to make sure no one is trying to mess with your personal financial information. If you want to see who is making inquiries about you credit, you can request a free credit report from any of the three national credit reporting companies:
We recommend reviewing your credit reports occasionally to make sure there is no suspicious activity, and everything appears as expected.
If you want an extra layer of protection, a credit freeze is an effective line of defense against fraud and identity theft. As of September 2018, there is no cost, so learn how to freeze your credit for free.
Be On the Lookout For Unusual Statements Or Bills
Pay attention to statements, receipts, and bills. If you are signed up for electronic bills or statements, it is easy for them to get lost in your email inbox. Regularly looking at statements will help you notice if there is suspicious activity happening in any of your accounts. If you become a target for fraud, you will want to catch it as soon as possible and contact your bank for help.
Shred Documents Containing Financial Or Personal Information
Do not throw sensitive documents in the trash! Use a paper shredder or shredding service to dispose of anything with your full name, phone number, address, social security number, bank account information or other private personal details. Check out this helpful shredding guide, and consider shredding documents such as:
- ATM Receipts
- Bank and Credit Card Statements
- Paid Bills and Invoices
- Pay Stubs
- Credit Offers
Use Caution While Traveling
You are more vulnerable to certain types of fraud and identity theft while traveling. If you want to protect your identity online while traveling, take extra precautions. Let your bank know where you’re going and how long you’ll be gone and ask the post office to hold your mail. If any bills are due while you are gone, see if you can plan payments before you leave.
While you are on your trip, observe extra safety measures to protect your personal items and information.
- If you need to pay a bill online while you’re away, make sure you’re connected to a secure Wi-Fi network.
- Ask your hotel if your room has a safe and use the safe to protect valuables and extra cash when you’re not in your room.
- Exercise caution when using your debit card to pay local vendors and retailers; when in doubt, pay with cash.
- Carry copies of important travel documents, and make sure to store them separately from the original versions. It is also a good idea to have a digital copy of your passport stored online, just in case.