|
Protecting your privacy,
security and personal information is our top priority. We understand
the importance of security when managing your finances online. We use
advanced security methods to ensure your personal and account information
is safe and secure. Click Here
to see current Fraud Alerts.
Below are tips to keep you safe from many common
Internet security risks.
Identity
Theft | Spyware | Phising
| Pharming | Cross-Border
Scams
It’s important to
protect your personal information, and to take certain steps quickly to
minimize the potential damage from identity theft if your information is
accidentally disclosed or deliberately stolen:
*Close compromised
credit card accounts immediately.
*If someone steals your social security number (SSN), contact one
of the three nationwide consumer reporting agencies —
Equifax, Experian, or TransUnion — and place an initial fraud
alert on your credit reports.
*Monitor your credit report. Keep in mind that fraudulent
activity may not show up right away.
*Consult with your financial institution about handling the
effects on bank or brokerage accounts.
*Contact relevant government agencies to cancel and replace any
stolen drivers licenses or other identification documents, and to
“flag” your file.
*Watch for signs of identity theft: late or missing bills,
receiving credit cards that you didn’t apply for, being denied
credit or offered less favorable terms for no apparent reason, or
getting contacted by debt collectors or others about purchases you
didn’t make.
More
at www.onguardonline.gov/idtheft.html
(Source: onguardonline.gov)
|
Spyware is software
installed on your computer without your consent to monitor or control your
computer use. Clues that spyware is on a computer include a barrage of
pop-up ads, a browser that takes you to sites you don't want, unexpected
toolbars or icons on your computer screen, keys that don't work, random
error messages, and sluggish performance when opening programs or saving
files. To lower your risk of spyware infections:
|
*Update your
operating system and Web browser software, and set your browser
security high enough to detect unauthorized downloads.
*Use anti-virus
and anti-spyware software, as well as a firewall, and update them
all regularly.
*Download free
software only from sites you know and trust. Enticing free
software downloads frequently bundle other software, including
spyware.
*Don't click on
links inside pop-up windows.
*Don't click on
links in spam that claim to offer anti-spyware software; you may
unintentionally be installing spyware.
More at
www.onguardonline.gov/spyware.html
(Source: onguardonline.gov)
|
Phishing is a scam
where Internet fraudsters send spam or pop-up messages to lure personal
and financial information from unsuspecting victims. To avoid getting
hooked:
|
*Don't reply to
email or pop-up messages that ask for personal or financial
information, and don't click on links in the message. Don't cut
and paste a link from the message into your Web browser —
phishers can make links look like they go one place, but that
actually send you to a different site.
*Some scammers
send an email that appears to be from a legitimate business and
ask you to call a phone number to update your account or access a
"refund." Because they use Voice Over Internet Protocol
technology, the area code you call does not reflect where the
scammers really are. If you need to reach an organization you do
business with, call the number on your financial statements or on
the back of your credit card, or type in the web address yourself.
*Use anti-virus
and anti-spyware software, as well as a firewall, and update them
all regularly.
*Don't email
personal or financial information.
*Review credit
card and bank account statements as soon as you receive them to
check for unauthorized charges.
*Be cautious
about opening any attachment or downloading any files from emails
you receive, regardless of who sent them.
*Forward spam
that is phishing for information to spam@uce.gov and to the
company, bank, or organization impersonated in the phishing email.
You also may report phishing email to reportphishing@antiphishing.org.
The Anti-Phishing Working Group, a consortium of ISPs, security
vendors, financial institutions and law enforcement agencies, uses
these reports to fight phishing.
*If you've been
scammed, visit the Federal Trade Commission's Identity Theft
website at www.consumer.gov/idtheft.
More
at www.onguardonline.gov/phishing.html
(Source: onguardonline.gov)
|
Pharming refers to the
redirection of an individual to an illegitimate Web site through technical
means. For example, an Internet banking customer, who routinely logs in to
his online banking Web site, may be redirected to an illegitimate Web
instead of accessing his or her bank’s Web site. Pharming can
occur in four different ways:
|
*Static domain
name spoofing: The “pharmer” (the person or entity committing
the fraud) attempts to take advantage of slight misspellings in
domain names to trick users into inadvertently visiting the
pharmer’s Web site. For example, a pharmer may redirect a user
to anybnk.com instead of anybank.com, the site the user intended
to access.
*Malicious
software (Malware): Viruses and “Trojans” (latent malicious
code or devices that secretly capture data) on a consumer’s
personal computer may intercept the user’s request to visit a
particular site, such as anybank.com, and redirect the user to the
site that the pharmer has set up.
*Domain hijacking: A hacker may
steal or hijack a company’s legitimate Web site, allowing the
hacker to redirect all legitimate Internet traffic to an
illegitimate site. Domain names generally can be hijacked in two
ways: (1) Domain
slamming: By submitting domain transfer requests, a domain is
switched from one registrar to another. The account holder at the
new registrar can alter routing instructions to point to a
different, illegitimate server. (2) Domain expiration: Domain
names are leased for fixed periods. Failure to manage the leasing
process properly could result in a legitimate ownership transfer.
In this instance, trade name laws usually must be invoked to
recover lost domains.
*DNS poisoning: The most
dangerous instance of pharming may be domain name server (DNS)
poisoning. Domain name servers are similar to Internet road map
guides. When an individual enters www.anybank.com into his or her
browser, Domain Name Servers on the Internet translate the phrase
anybank.com into an Internet protocol (IP) address, which provides
routing directions. After the DNS server provides this address
information, the user’s connection request is routed to
anybank.com. Local DNS servers can be “poisoned” to send users
to a Web site other than the one that was requested. This
poisoning can occur as a result of misconfiguration, network
vulnerabilities or Malware installed on the server. There
are 13 root DNS servers for the entire Internet, which are closely
protected and controlled. Most requests are directed by the local
DNS server before they reach a root DNS server. However, if a
hacker were to penetrate one or more of these root servers, the
Internet could be severely compromised.
(Source:
fdic.gov)
|
If you are using the Internet:
|
*Know who
you're dealing with. In any electronic transaction, independently
confirm the other party's name, street address, and telephone
number.
*Resist the
urge to enter foreign lotteries. These solicitations are phony and
illegal.
*Delete
requests that claim to be from foreign nationals asking you to
help transfer their money through your bank account. They're
fraudulent.
*Ignore
unsolicited emails that request your money, credit card or account
numbers, or other personal information.
*If
you are selling something over the Internet, don't accept a
potential buyer's offer to send you a check for more than the
purchase price, no matter how tempting the plea or convincing the
story. End the transaction immediately if someone insists that you
wire back funds.
More
at www.onguardonline.gov/crossborder.html
(Source: onguardonline.gov)
|
|
Phone:
606.723.2139 