Unfortunately, in today's world, identity theft has become a reality that we all have to contend with. Learning how to prevent it is important.
Below you'll find several tips that will reduce your changes of falling victim of this crime.
Credit Card Security Tips
{beginAccordion}
Credit Card Security
- Monitor Your Credit Report — Each year, request a free credit report from the three credit reporting companies at AnnualCreditReport.com or by calling 877-322-8228. Monitoring these reports can help spot fraud. Be sure to request credit reports for minors who live in your household. Identity thieves often target young people whose credit is not yet established.
- Cancel Credit Cards You No Longer Use — If you aren’t using it, cancel it. An active credit card in the wrong hands could result in fraud, so it’s best to eliminate the risk by cancelling the card.
- Monitor Your Account Activity — Visit your financial institution's and other creditors' websites at least once a week to review your account activity, so you can quickly spot any suspicious activity. At the very minimum, closely review your monthly statements.
- Pay Attention to Billing Cycles and Statements — Be alert to bills, account statements, or other information that does not arrive on time. Contact your financial institution/vendor if you don't receive your monthly bill.
- Don't Share Personal Information — Do not respond to unsolicited e-mails, telephone calls, or text messages that ask for personal information, such as account numbers or Social Security numbers. And do not order checks with your Social Security number or driver's license number printed on them.
- Protect You PINs and Passwords — When creating PINs and passwords, avoid using your mother's maiden name, your birth date, the last four digits of your social security number, your phone number, and other obvious strings of numbers (for example: 1234).
- Don't Let the Trash Be a Treasure — Use a shredder to destroy receipts, credit card offers, bank statements, returned checks and any other private documents you no longer need.
- Be Proactive with the Cards You Carry — Keep a list of all the cards you carry, account numbers, and contact numbers in the event of lost or a stolen purse or wallet. Carry only the minimum amount of identifying information and number of credit cards that you need.
- Store Personal Information in a Safe Place — Keep your Social Security card, checks and other important documents in a secure place in your home. Don't store confidential information on computers, memory sticks, cell phones and other electronic devices.
- Protect Your Computer — Never click on unsolicited emails. Use firewalls, anti-spyware, and anti-virus software to protect your home computer. Install updates to software as needed.
- Guard Your Mailbox — Don't leave payment envelopes in the mailbox with the flag up, instead drop payments directly into a post office collection box. If you've ordered a new box of checks, consider picking it up at the bank, rather than having it delivered to your mailbox. Pre-approved credit offers can be a danger. Identity thieves can steal these from your mailbox and attempt to get credit in your name. You can opt out of receiving these offers at OptOutPreScreen.com or by calling 888-567-8688.
{endAccordion}
Online and Mobile Security Tips
{beginAccordion}
Mobile Security
- Password Protect Your Mobile Device — This makes it much more difficult for someone else to view your information.
- Avoid Storing Your Passwords — Don't store your passwords or other sensitive information on your smartphone or in an app where it could be discovered if your phone is stolen.
- Frequently Delete Texts and Emails — Delete texts and emails containing personal information, especially before loaning, discarding, or selling your mobile phone.
- Don't Share Your Private/Sensitive Information — Keep your account numbers, passwords, Social Security number and date of birth private. Never share your personal or financial information in a text message, phone call or email.
- Keep Your Mobile Information Up to Date — If you lose your mobile device or change your cell phone number, sign into your online account at myexchangebank.com to remove the old number from your mobile banking profile or call customer service at 913-367-6000.
- Always Log Off Your Account — Once you've finished with an app or website, always log off. Connection Bank’s smartphone apps and mobile banking site will automatically log you off after 15 minutes of inactivity. This reduces the risk of others accessing your information from your mobile device
- Keep Your Mobile Operating System Current — Make sure you have the most recent version to ensure the highest level of protection. Before you download an update to your device, check the company's website to confirm it's legitimate.
- Avoid Using Public Wireless Access Points for Online Banking — Banking and other activities involving sensitive information should be on private, secure networks. Open wi-fi networks are prime targets for hackers and identity thieves.
- Log Off — Always "sign out" or "log off" when finished with an app rather than just closing it.
Online Security
- Be Wary of Suspicious Links — Never click on suspicious links in emails, tweets, posts, or online advertising. Links may take you to websites different from what their labels indicate. Typing the address into your browser is a much safer alternative.
- Protect Sensitive Information — Only give sensitive information to websites that are secure and encrypted, so it's protected as it travels across the Internet. Verify the web address begins with "https://" (the "s" is for secure) rather than just "http:''. Some browsers also display a padlock.
- Avoid Using Public Wireless Access Points for Online Banking — Banking and other activities involving sensitive information should be on private, secure networks. Open wi-fi networks are prime targets for hackers and identity thieves.
- Don't Trust Sites with Certificate Warnings or Errors — These messages could be caused by your connection being intercepted or the web server misrepresenting its identity.
- Always "Log Off" or "Sign Out" of Password Protected Websites — When you're finished with your session, log off to prevent unauthorized access. Simply closing the browser window may not actually end your session.
Password Security
- Create a Unique Password for Every Online Account — If you don't, one breach could leave all your accounts vulnerable.
- Never Share Your Password — If you are asked for your password, it's probably a scam. Never share it over the phone, via texts, by email, or in person.
- Use Unpredictable Passwords and Change Them Frequently — Combine lowercase letters, capital letters, numbers, and special characters. Changing your password once a month reduces your risk of fraud.
- Make Your Password Tough to Crack — The longer the password, the better. Use at least 8 characters. More than 8 is even better. Every additional character you add exponentially strengthens the password. Avoid using obvious passwords such as:
- Your social security number
- Your name
- Your business name
- A family member's name
- Your user name
- Birthdates or anniversaries
- Dictionary words
- Choose a Password You Can Remember — It's best not to write your password down or share it with anyone. If you must write it down, make sure you store it in a secure place.
General PC Security
- Maintain Active and Up-to-Date Antivirus Protection — Schedule regular scans of your computer in addition to real-time scanning and ensure that your vendor is reputable.
- Update Your Software Frequently— Having the latest security patches is crucial. This includes your computer's operating system and other installed software.
- Automate Software Updates — When the software supports it, automate updates to ensure they aren’t overlooked.
- If You Suspect Malware, Stop Using Your Computer — Discontinue using it for banking, shopping, or other activities involving sensitive information. Use security software and/or professional help to find and remove malware.
- Use Firewalls on Your Local Network — They add another layer of protection for all the devices that connect through the firewall (PCs, smart phones, tablets, etc.).
- Require a Password to Gain Access — Log off or lock your computer when it's not in use.
- Avoid Downloading Unknown Programs — Programs from unknown sources can be dangerous. Always be skeptical about what you’re downloading and verify the source.
- Non-Admin User — Create a non-admin user for normal daily uses. Only use admin account to perform admin features such as installing software.
{endAccordion}
Social Engineering Tips
{beginAccordion}
Social Engineering Attacks
In a social engineering attack, a fraudster uses human interaction to manipulate a person into providing information. People have a natural tendency to trust.
Social engineering attacks attempt to exploit this tendency in order to steal your information. Once the information has been stolen, it can be used to commit fraud or identity theft. Common types are Website Spoofing, Phishing, Pharming, and Smishing.
Website Spoofing
Website Spoofing is the act of creating a fake website to mislead individuals into sharing sensitive information. Spoof websites are typically made to look exactly like a legitimate website published by a trusted organization.
Prevention Tips:
- Pay Attention to the Web Address (URL) — A website may look legitimate, but the URL may have a variation in spelling or use a different domain. If you are suspicious of a website, close it and contact the company directly.
- Do Not Click Links on Non-Trusted Sites — Whether it’s social networking sites or a pop up, links can take you to a different website than their labels indicate. Typing an address in your browser is a safer alternative.
- Use an Encrypted Connection — Only give sensitive information to websites using a secure, encrypted connection. Verify the web address begins with "https://" (the "s" is for secure) rather than just "https:”.
- Pay Attention to Errors and Warnings — Avoid using websites when your browser displays certificate errors or warnings.
Phishing, Pharming, and Smishing
These techniques are used by a fraudster in an attempt to acquire information by masquerading as a trustworthy entity in an electronic communication. The electronic messages often direct the recipient to a spoof website. These attacks are typically carried out through email, instant messaging, telephone calls, and text messages.
Prevention Tips:
- Delete Email and Text Messages Asking for Sensitive Info — Delete email and text messages that ask you to confirm or provide sensitive information. Legitimate companies don't ask for sensitive information through email or text messages.
- Avoid Sites Sent Via Unsolicited Messages — Beware of visiting website addresses sent to you in an unsolicited message. Even if you feel the message is legitimate, type the web address into your browser or use bookmarks instead of clicking links contained in messages. Try to independently verify any details given in the message directly with the company.
- Use Anti-Phishing Features — Utilize anti-phishing features available in your email client and/or web browser to minimize chance of fraud.
- Use Email SPAM Filtering Solutions — Prevent phishing emails from being delivered from the get-go with your email solution’s spam filter.
Report Fraudulent or Suspicious Activity
Contact us immediately if you suspect you have fallen victim to a social engineering attack and have disclosed information concerning your Exchange Bank accounts.
Call us at 913-367-6000 or visit your nearest Exchange Bank branch location.
Regularly monitoring your account activity is a good way to detect fraud. If you notice unauthorized transactions on your account, notify Exchange Bank immediately.
{endAccordion}
Exchange Bank & Trust will never email, text, or call you unsolicited to ask for account information, social security numbers, online banking credentials, or other sensitive information.