Consumer Awareness Program
Security Tips | Definitions | Protection
What is a Phishing Attack?
Phishing is an email fraud method in which the perpetrator sends out legitimate-looking emails in an attempt to gather personal and financial information from recipients. Typically, the messages appear to come from well-known and trustworthy websites like popular social sites, auction sites, banks, online payment processors or IT administrators. Phishing emails may contain links to websites that are infected with malware or viruses.
How to Avoid Phishing Scams
- Be suspicious of any email message that asks you to enter personal information through a website or by replying to the message itself. Never reply to or click the links in a message. If you think the message may be legitimate, go directly to the company's website (i.e., type the real URL into your browser) or contact the company to see if you really do need to take the action described in the email message.
- Do not click on links, download files or open attachments in emails from unknown senders. It is best to open attachments only when you are expecting them and know what they contain, even if you know the sender.
- Never email personal or financial information, even if you are close with the recipient. You never know who may gain access to your email account or to the person’s account to whom you are emailing.
- Periodically check your accounts. It never hurts to check your bank accounts periodically to be aware of any irregularities in your online transactions.
- Enhance the security on your computer. Install a reputable antivirus or web-blocking software package.
When you recognize a phishing message, delete the email message from your inbox, and then empty it from the deleted items folder to avoid accidentally accessing the website it points to.
How to Protect Yourself from Online Fraud
Online fraud continues to grow in sophistication and frequency. These scams appear in many forms but they are especially prevalent in Emails and Web sites. Here are a few tips on protecting yourself online.
- Connect to websites using a secure connection (HTTPS). This helps secure a connection to your favorite site and prevents eavesdropping into your connection with that site. You can type in HTTPS into your address bar to see if that service is available for your favorite service. i.e. HTTPS://google.com.
- Change your password frequently.
- Do NOT use the same ID and Password for every online account you have.
- Do NOT store your ID and password information where others could gain access to it. It is best not to write the information down at all.
- Secure your PC with Antivirus, Firewall and Anti-Malware software.
- Be aware of Phishing attempts (websites or emails) that try to obtain personal information from you.
- Be careful of Pop-up advertisements. They might contain attempt to obtain sensitive information from you or harbor malicious links.
- Make sure your software and Operating system is up-to-date with the latest security patches.
- Use web blocking and filtering applications or services. Many of them contain software that will help you determine if a website is safe or not.
- Use layered system security measures: Create layers of Firewalls, Anti-Malware software and encryption. One layer of security might not be enough to protect you.
- Beware of public Wi-Fi connections and public computers because they could have malicious software installed on them that can collect your data.
- Remember to log off properly - You may not always be at your own computer when banking online. Therefore, it’s important to log off using the “log off” link at the top of each Internet banking page.
Do you know what ID Theft is? Do you know how to identify and protect yourself should someone steal your identity? Do you know who to contact in the event it does happen? Security Federal Bank would like to help you answer these questions with the following article.
What is ID Theft - Identity theft involves the unlawful acquisition and use of someone's identifying information, such as:
- Date of Birth
- Social Security Number
- Mother's Maiden Name
- Driver’s License
- Bank or Credit Card Account Number
Thieves then use the information to repeatedly commit fraud in an attempt to duplicate your identity which may include opening new accounts, purchasing automobiles, applying for loans, credit cards, and social security number.
How to protect yourself
- Report lost or stolen checks or credit cards immediately.
- Never give out any personal information including birth date, SSN or passwords.
- Shred all documents containing personal information, like bank statements, unused checks, deposit slips, credit card statements, pay stubs, medical billings, and invoices.
- Don't give any of your personal information to any web sites that do not use encryption or other secure methods to protect it.
Clues That Someone Has Stolen Your Information
- You see withdrawals from your bank account that you can’t explain.
- You don’t get your bills or other mail.
- Merchants refuse your checks.
- Debt collectors call you about debts that aren’t yours.
- You find unfamiliar accounts or charges on your credit report.
- Medical providers bill you for services you didn’t use.
- Your health plan rejects your legitimate medical claim because the records show you’ve reached your benefits limit.
- A health plan won’t cover you because your medical records show a condition you don’t have.
- The IRS notifies you that more than one tax return was filed in your name, or that you have income from an employer you don’t work for.
- You get notice that your information was compromised by a data breach at a company where you do business or have an account.
What if my information is lost or stolen?
P O Box 105069
Atlanta, GA 30349-5069
To order a report: (800) 685-1111
To report fraud: (800) 525-6285
P O Box 1000
Chester, PA 19022
To order a report: (800) 916-8800
To report fraud: (800) 680-7289
P O Box 2002
Allen, TX 75013-0949
To order a report: (888) 397-3742
To report fraud: (888) 397-3742
For more information about identity theft and other tips on how to protect yourself, please visit the websites below.
Federal Trade Commission:
FDIC Consumer Alerts:
FTC’s website to help you be safe, secure and responsible online.
Definitions | TOP
Virus -a malicious computer program that can infect other computers, sometimes referred to as malware, computer worms, Trojan horses, most rootkits, spyware, dishonest adware and other malicious software.
Spyware - a type of malware that can be installed on computers and collects little bits of information at a time about users without their knowledge.
Phishing - the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity.
Protection | TOP
- Change your passwords often. Even if your financial institution doesn't require it, it is good practice to change your passwords at least every six months or at anytime you feel your password may have been exposed.
- Use passwords that are challenging (alpha-numeric and non-repeating characters).
- Do not use the same ID and password for every online account you have.
- Do not store your ID and password information where others could gain access to it. It is best not to write the information down at all.
Wi-Fi/Wireless hotspots - While “Wi-Fi hotspots” provide easy and convenient access to the Internet, they are not secure, and often leave your system vulnerable to unauthorized access.
The most dangerous aspect of these public networks is that they are, by definition, open to access by everyone—even those with malicious intent. In the same way that leaving your home network open to unwanted users is dangerous; similarly, connecting to a public network with unverified users poses a security threat.
Public networks connect you to the Internet, but also to all of the other people that are using the Wi-Fi hotspot. In order to protect your personal data and Internet activity, you should always attempt to use public networks that verify their users identities in some way or another. If someone’s identity is being recorded, they are less likely to stage an attack because it could be traced back to them. However, clever hackers have devised methods to avoid detection. Logging onto a public Wi-Fi connection can leave your personal computer vulnerable to unauthorized access and attacks.
From an unprotected Wi-Fi connection, hackers could:
- Monitor your every move online
- Steal passwords and other sensitive account details
- Install spyware and other malware on your PC
- Record your private email and chat conversations
Secure Sites - Use secure sites whenever possible (https://) for all sites (Google, Facebook, etc). This will help prevent the interception of information.
Emails - Be suspicious of unknown emails and attachments. They could contain a virus, a link to a malicious site or could be a phishing scam trying to obtain information. If you are unsure of the origins of an email, you should delete it. Security Federal Bank will NEVER ask you for confidential information( i.e. passwords, account numbers) via e-mail.