Protecting Your Financial Well-Being
At First Resource Bank, we care about your financial security and well-being. We provide information and advice to help you make smart financial decisions. We also offer resources and information that can help you protect yourself from financial scams.
At First Resource Bank, we are also committed to providing you with helpful information and resources so that you may better protect yourself when on line. One of the best ways to stay safe is to educate yourself about online fraud, and to learn tips to avoid falling prey to fraudsters. Below you will find information on important topics in internet usage and identity protection.
Identity theft, or identity fraud, is committed when someone uses your personal information without your permission to obtain credit, make purchases, withdraw monies, or open accounts in your name. These actions can damage your credit and your reputation, and can take much time and effort to unravel. Below you will find some common online scams used to commit identity theft, and some of the ways you can avoid becoming a victim.
Common Online Scams
Phishing involves unsolicited emails, or “spam,” that appear to come from legitimate sources – reputable companies you do business with, or government agencies. In these emails, some pretext is used to bait you into providing personal information for verification purposes: your account number, social security number, password or other private information used by a financial institution to identify you. This information is then captured by the fraudster to commit identity fraud.
Beware of emails that:
- Urge you to act quickly to avoid termination or suspension of your account.
- Ask for confidential, personal information, which may be used to identify you or perform a transaction on your accounts.
- Contain misspelled words, grammatical errors, or unknown attachments.
- Emails that ask you to respond by clicking on a link embedded in the email.
- Web-pages with changes to the logon screen, or some distortion in the company logo.
- Unrequested changes to your browser (e.g. showing a different toolbar or home page).
Pharming or Spoofing
This scam is related to phishing, in that unsolicited emails will urge you to take immediate action by clicking on a link embedded in the email. This link will re-direct you to a fake website that looks very much like the legitimate company’s website, using their logos and graphics, in order to entice you to provide personal identifying information, such as PINs or account numbers. Sometimes the fake, or “spoofed,” web page may be a pop-up window or image overlaying the actual site. These fake sites are used to fool you into providing personal information, which is then used to steal your identity.
Spyware, or Malware
This scam involves the use of spying software, or malicious software, which captures any information you type into your computer (including user IDs, passwords, credit card numbers used in on-line purchases, etc.) and forwards that information to a fraudster. These programs attack your computer through email attachments and downloads, some piggybacking along downloads from legitimate sources.
Unexpected slowness in your computer, although there may be no signs at all.
Fake Check Scams
If someone you don’t know wants to send you a check, but expects you to wire some of the money back, you likely have been targeted in a fake check scam. The scam may take one of many different forms, but all operate the same way:
- A stranger overpays for goods listed for sale on-line.
- A prospective tenant is interested in leasing an apartment, and sends a check for much more than the requested security deposit.
- A “work at home” offer requires the worker to send payment back to the “employer.”
- An initial installment on winnings of a foreign lottery or sweepstakes is paid to a surprised “winner,” but the winner must pay customs or taxes on the winnings before the entire prize can be released.
- In each of these scams, the target or victim is given a check to deposit, but then urged to quickly wire back the amount overpaid, or the funds cleared in a work at home scheme, or an amount needed to release the remaining “winnings” in a foreign lottery or sweepstakes. The victim wires out the money as instructed, only to learn later that the check he or she received is fake. It may take weeks, even months, for a counterfeit to be identified; but by then the wire is gone and the victim loses as much as thousands of dollars.
These checks look real, even to bank tellers. Many of them appear to be cashier’s checks drawn on real banks, or U.S. Postal money orders. Fraudsters know that, by law, banks must make funds available long before the checks deposited are identified as fake. A consumer may deposit these checks, but just because he or she then can withdraw the funds, it doesn’t mean the check is good. The depositor is ultimately responsible for all checks deposited, and in these schemes, the depositor bears the loss.
If someone sends you a check to deposit in exchange for a return of funds via wire, you may be targeted in a fake check scam. If so, or if you’ve been a victim of a fake check, report it to one of our Bank representative immediately, and your local law enforcement agency.
Tips for Safe Computing and Preventing Identity Theft
- Keep your operating systems and internet browsers current, by downloading the most recent system software fixes for security issues. You can visit the official website for your internet browser in most cases to obtain free updates.
- Install and regularly update anti-virus, firewall and anti-spyware software, such as McAfee VirusScan and Spybot Search and Destroy. Select security settings, including the disabling of pop-ups, as appropriate.
- Do not open emails, attachments or images from unknown senders; do not download software or use links embedded in emails from sources you don’t trust. Any of these may be fraudulent, and may infect your computer with spyware.
- Do not choose the option to have passwords “remembered” by your browser; spyware can find and send this data to fraudsters.
- Never reply to requests for personal information via email. Any email or unsolicited phone call requesting personal information from a legitimate company should be considered suspect; rather, initiate contact with the company directly using a phone number or web address you know to be genuine. Remember that confidential, identifying information should never be sent in email, even to a genuine address, as email is not a secure communication.
- For websites your regularly visit, type the web address into your browser. Once you’ve confirmed the address is correct and the site is legitimate (no odd graphics, distorted logos, slightly modified web-address, etc.), then bookmark the site, and only access the site through the saved bookmark.
- Look for the padlock icon on the browser’s status bar (lower right) and a web address including https:// to indicate a secure connection before sending any financial information through a website.
- Review all account statements regularly and promptly to ensure all transactions are authorized and correct. If your statement is late, call your financial institution to find out why. If your bills or statements include questionable items, contact the issuer immediately to investigate. Use online account access (like Online Banking) to review activity between statements for legitimacy.
- Report lost or stolen checks, ATM/debit cards and credit cards immediately. Do not keep written copies of PINs for cards or online banking, and safeguard ATM receipts. Shred any financial solicitations (e.g. direct mail credit card applications) and bank, investment and credit card statements before disposing of them. Obtain your free annual credit report from the major credit reporting agencies, and periodically review your file to ensure the information they report is correct. Ask the agencies to place a fraud alert on your credit file if you feel you have been, or may reasonably be, at risk for identity theft. To obtain your annual free report, visit www.annualcreditreport.com, or call 1.877.322.8228. Contact the three reporting agencies via:
- Report any suspicious email or other activity to the Federal Trade Commission. Send the actual spam email to firstname.lastname@example.org. Learn more by visiting the FTC’s identity theft website at www.ftc.gov/idtheft or call 1.877.FTC.HELP (1.877.382.4357).