Protecting the financial information of our members is top priority at Family Savings. Whether you are using online, mobile or telephone banking, or simply shopping online, we all have a role to play in keeping your personal and financial information secure. If you suspect fraudulent activity has occurred on your account, please contact our Fraud Analyst, Paula Knowles, at 256-439-5915 or 888-311-3728 Ext. 5915.
If you suspect fraud on your Family Savings Visa® Debit/ATM card, you may block your card by calling 256-543-9530 (toll free at 888-311-3728) or by using NetTeller Online Banking . Our Visa® Fraud after-hours line may be reached by calling 1-844-484-0049.
December Holiday Security Tips
With the growing risk of cybersecurity, it is imperative that you stay safe during the holiday season. Due to the pandemic, global shipping and delivery rates have been affected, so it’s best to get ahead of your holiday shopping. While you might consider doing your last-minute shopping online, Tokenex advises you to keep your eyes open because cybercriminals can be everywhere.
In 2021, customers in the United States who utilized online shopping spent on average around $209 billion. A big chunk of that online shopping comes from holiday spending. With the ease of staying home and browsing on your phone or computer instead of physically going to a store, cybercriminals have begun strategically advertising to increase the use of their services.
There are on average 7.9 million online businesses around the world. Some websites are perfectly safe and some you should be a bit skeptical about. With the popularity of online shopping, many fake businesses have been established and are trying to trick you into giving away your personal information. Be wary of deals that are too good to be true. If a store is offering a heavily discounted item, it might be a scam. Research the company and make sure this is a legitimate business before entering your credit card information.
These tips are not only helpful for shoppers, but they can be beneficial for business owners as well. If your website looks and feels like a scam site, it may be flagged or get taken down. You could also fall victim to someone trying to buy something from you using fake or inaccurate information.
We all know of someone who has been a victim of a cyber-attack. It’s not a fun process and can definitely put a damper on your holiday spirit. By following these simple steps, you can safely enjoy the holiday season with family and friends.
Five Tips to Keep you Safe This Holiday Season:
- Only Shop from Trustworthy Sites
It can be difficult looking for a specific gift for a loved one during the holidays, but keep in mind that there are many online stores online posing to be something they’re not. Only trust retailers you know to avoid making a purchase at an illegitimate site. Hackers can easily create fake websites and steal credit card information, so be aware if an item is ridiculously cheaper, it might be a fake.
- Use Strong Passwords and Multi-Factor Authentication
It is always important to create passwords that are strong and have a variety of characters, numbers, and symbols. Using simple passwords like a pet’s name or 123 can be easily detected and your security could be in jeopardy. If there’s ever an option to opt into a Multi-Factor Authentication for a website, utilize it to offer an extra level of protection. Sure, it may be annoying to receive a verification code every time you log into a website, but it will be more of a hassle in the long run if your information becomes stolen or compromised.
- Monitor Your Activity
You might already closely follow your financial accounts, but it is important to keep an eye on any suspicious transactions that may occur on your financial statements during the holidays. If you think there might be a fraudulent charge on your account, notify your credit union immediately so they can prevent future loss on your end. Be mindful of small transactions that seem like nothing at first. Hackers like to test how much they can steal before making large transactions.
- Be Aware of Holiday Scams
Cybercriminals are constantly looking for ways to let your guard down. Be diligent when opening emails, answering phone calls and text messages, and responding to social media ads during the holidays. If something seems off about a particular communication method, trust your gut and report or block the sender.
- Keep Your Devices Updated
Staying on top of your system updates can be a huge help against cyber-attacks. These updates often release fixes for security issues. There is also a feature available for automatic updates, so you don’t have to worry about manually updating every time there’s a new solution.
Beware of Bogus Charitable Solicitations
Produced by Jay Slagel, VP of Risk Management at Allied Solutions
It is a sad, but real fact that charity fraud scams spike in the wake of a tragic event or natural disaster, such as the recent hurricanes.
The culprits of these heinous crimes typically use email and social media ploys to lure victims to visit a bogus website or download malicious software so they can then gain access to the private information on consumers' devices.
The perpetrators may also try to obtain money from individuals through soliciting donations to a bogus charity. The following are steps that you can take to prevent exposure to charity scams:
- Do not respond to any unsolicited incoming e-mails, and do not click links contained within those messages, because they may contain viruses.
- Be skeptical of individuals representing themselves as members of charitable organizations or officials asking for donations via e-mail or social networking sites.
- Beware of organizations with copy-cat names similar to - but not exactly the same as - those of reputable charities.
- Rather than follow a purported link to a website, use online resources to confirm the group’s existence and its non-profit status.
- Be cautious of e-mails that claim to show pictures of the disaster areas in attached files because the files may contain viruses. Only open attachments from known senders.
- To ensure contributions are received and used for intended purposes, make contributions directly to known organizations rather than relying on others to make the donation on your behalf.
- Do not be pressured into making contributions; reputable charities do not use such tactics.
- Be aware of whom you are dealing with when providing your personal and financial information. Providing such information may compromise your identity and make you vulnerable to identity theft.
- Avoid cash donations, if possible. Pay by credit card or write a check directly to the charity. Do not make checks payable to individuals.
- Do not respond to any charities soliciting donations via money transfer services, because no charity would request fund that way.
- Be especially wary of organizations with websites ending in ".com" claiming to be charities. Most legitimate charities have websites ending in ".org".
Report suspicious e-mail solicitations or fraudulent websites to your financial institution and to the FBI’s Internet Crime Complaint Center: www.ic3.gov.
Steps to Protect Yourself: Online, Mobile, Debit Cards and Email
Change your Password regularly. Family Savings CU recommends this be done every 60-90 days.
Never give your passwords to anyone. Family Savings CU will NEVER ask for your password in an email, over the phone, in a text or any other communication method.
Do not reuse passwords. Do not use the same password you have set for Family Savings Online Banking for any other account.
Use a password manager. If you use a password manager, you do not have to remember all your passwords; only the one to the password manager. This allows you to use long, complex and unique passwords for all your accounts. Be sure to make the password to your password manager a strong one. Macs have a password manager built in (Keychain) and there are many available for Windows.
Do not send sensitive information via e-mail. Never e–mail passwords, account numbers, social security numbers or other sensitive information to anyone.
Use a “two factor” method for authenticating to sites if available. This is especially important for email since email is often used to reset passwords, confirm actions and as additional method for identity verification.
Install protection software on your home computers such as anti-virus, anti-spyware and anti-fraud protection software and keep them up to date.
Use a physical home router/firewall between your computer and your cable or DSL modem.
Turn on automatic updates for your operating system ( Windows updates, Mac updates) and applications that you have installed, especially your web browser, Adobe Reader, Adobe Flash, Adobe Shockwave and Oracle Java.
Create a second, non-privileged operating system account, for normal, everyday use and use your privileged (administrator) account only when needed, like when installing software. ( Windows user accounts, Mac user accounts)
Use a pop-up blocker. Set your browser preferences to block pop–ups as pop-ups can contain malicious code.
Use a browser add-on that blocks advertisements (an ad blocker)
Use a browser add-on that blocks scripts such as No-Script, uBlock or use a sandboxing technology like Sandboxie.
Conduct online banking and make financial transactions only with a trusted computer (one owned by you or someone you trust) on a trusted network—wired or wireless.
Never use a public computer for online banking. If you must bank while away from a trusted computer, use the Family Savings Mobile App.
Turn off your computer when not in use.
Review your account and transaction information regularly —least once a week. If you notice any changes to your account that you didn't make, contact us immediately at 1-888-311-3728.
Set up account alerts to receive alerts on your cell phone or in e-mail so you can stay updated on your account activity. Set up account alerts using NetTeller Online Banking.
Freeze your credit report. A security freeze prevents potential creditors from being able to pull your credit file. When your credit file is frozen, ID thieves can apply for credit in your name, but not be able to establish new lines of credit. Few creditors will extend credit without determining the risk of doing so (i.e., view your credit file). You can unfreeze your credit file any time.
If you do not freeze your credit report, check it regularly. Ensure you recognize all the accounts listed. Contact one of the three major credit-reporting agencies (Equifax, Experian, and Transunion) for a copy of your credit report.
Sign out of accounts and websites. When you have finished using an Internet service that you logged into, sign out and do not just close the browser. It is possible that some sites may not close your session (log you out) when the browser window is closed.
Check certificates. When visiting secure sites that have a padlock, green or orange address bar or a URL that begins with “https”, view the site certificate and verify that it is for the site you believe you are visiting. This can be done by clicking on the padlock and then “view certificate” or “more information”. This will display the details about the certificate including the owner and issuer.
Do not root or jailbreak your mobile device to get around limitations set by your carrier or device manufacturer. It removes protections built into the device to defend against mobile threats.
Only download Apps from official stores such as iTunes or Google Play.
Avoid connecting your smart phone to an unsecured wireless network.
Far more hacks are accomplished with words than technical knowledge. This is called Social Engineering, and the goal is to convince you to help the attacker do all the work for them!
How does the attacker trick you into doing this? They rely on four general strategies… appealing to greed, appealing to fear, appealing to authority or relying on human kindness.
- Appeal to greed: an attacker will offer you some method to make some easy money.
- Appeal to fear: the hacker will tell you, your bank account has been hacked, or tell you your computer has been filled with malware and must be cleaned immediately.
- Appeal to authority: a hacker will attempt to mimic someone in charge and ask you to do something because of their position.
- Appeal to human kindness: they may send an email stating they really need your help to do “X”. It may even appear to be from someone you know.
Every one of these scenarios can occur over email, chat, text, the phone or even in person.
In all of these situations, you can avoid being caught out with a few strategies.
- Take your time. Don’t let them force you to make a decision. Spend a few minutes asking yourself if this is a good idea.
- Verify their identity. Verify they are who they say they are through an outside channel.
- Be very careful with email attachments. If you were not expecting it, verify that the sender intended to send it to you.
- Do not click on a link in an email until you’ve hovered your mouse over it to reveal where it truly leads and it is where you expected it to go.
ATM/Debit and Credit Card Security
Memorize PINs & Passwords - do not write them down. If you must write them down, keep them in a password manager or on paper nowhere near your credit or debit cards.
Protect your card information Do not provide it online unless you are making a purchase from a website you trust. Secure sites typically will direct you to a secure page with a URL starting with “https://” whenever you are making purchases or are being asked to provide confidential information.
Don’t store credit card numbers and other financial data on your cell phone or PDA.
If you have a card with RFID, use an RFID blocking (Faraday) wallet , purse or other container to protect your card from unauthorized reading.
Beware of Skimmers . Skimmers are small devices that are designed to fit over card slots and keypads to collect card data and card PINs. Common places for these are ATMs and gas pumps. Some are virtually impossible to identify. If the card reader is loose or you see exposed wires, do not use it.
Spotting Identity Theft
Identity theft can happen even if you've been very careful with your personal information. Below are some potential indicators of identity theft.
- Failing to receive bills or other mail.
- Receiving cards or billing statements on accounts for which you did not apply.
- Receiving calls from debt collectors or companies about merchandise or services you didn't buy.
- You see withdrawals from your bank account that you can’t explain.
- Merchants refuse your checks.
- You find unfamiliar accounts on your credit report.
- The IRS notifies you that more than one tax return was filed in your name, or that you have income from an employer you don’t work for.
- You get notice that your information was compromised by a data breach at a company where you do business or have an account.