Hang up on business imposter scams
Scammers love to use the same old tricks in new ways. One of their favorites is to pose as a business or government official to pressure you into sending them money or personal information. Now, some scammers are pretending to be popular online shopping websites, phishing for your personal information.
For example, you get a call from someone who claims to be with “Amazon.com.” (Spoiler alert: they’re not really from Amazon.) The voice on the phone will say that your credit card has been charged a large amount of money for some order. Then, they’ll give you the “Amazon Support” phone number and tell you to immediately call if you didn’t make that purchase.
If this seems suspicious, that’s because it is. Scammers want you to call the number they give so they can ask for your passwords, credit card number, and other sensitive information to get your money. If you get a call like this, there are a few steps you should take:
- Hang up. Don’t call them back on the number they gave you. If you’re concerned about an order you didn’t place, contact the business through a customer service phone number or email you know is legitimate. You can usually find a company’s real information on their website.
- Check your credit card account. If you see a charge you don’t recognize, file a dispute with your credit card company immediately.
- Report the fake call to the business. Make sure to use the contact information from their website – not the information from the phone call. You can also report the call to the FTC.
|
Online Shopping
Follow these tips for hassle-free online shopping: get the details, pay by credit card, keep records, and protect your personal and financial information.
Know who you're dealing with.
Anyone can set up shop online under almost any name. Confirm the online seller's physical address and phone number in case you have questions or problems. And if you get an email or pop-up message that asks for your financial information while you’re browsing, don't reply or follow the link. Legitimate companies don't ask for information that way.
Know what you're buying.
Read the seller's description of the product closely, especially the fine print. Words like "refurbished," "vintage," or "close-out" may indicate that the product is in less-than-mint condition, while name-brand items with bargain basement prices could be counterfeits.
Know what it will cost.
Check out websites that offer price comparisons and then compare "apples to apples." Factor shipping and handling into the total cost of your purchase. Do not send cash or money transfers under any circumstances.
Check out the terms of the deal, like refund policies and delivery dates.
Can you return the item for a full refund if you're not satisfied? If you return it, who pays the shipping costs or restocking fees, and when you will get your order? A Federal Trade Commission (FTC) rule requires sellers to ship items as promised or within 30 days after the order date if no specific date is promised. Many sites offer tracking options, so you can see exactly where your purchase is and estimate when you’ll get it.
Pay by credit card.
If you pay by credit or charge card online, your transaction will be protected by the Fair Credit Billing Act. Under this law, you can dispute charges under certain circumstances and temporarily withhold payment while the creditor investigates them. In the event that someone uses your credit card without your permission, your liability generally is limited to the first $50 in charges. Some companies guarantee that you won’t be held responsible for any unauthorized charges made to your card online; some cards provide additional warranty, return, and purchase protection benefits.
Keep Records.
Print or save records of your online transactions, including the product description and price, the online receipt, and the emails you send and receive from the seller. Read your credit card statements as you receive them; be on the lookout for charges that you don’t recognize.
Protect Your Information
Don't email any financial information. Email is not a secure method of transmitting financial information like your credit card, checking account, or Social Security number. If you begin a transaction and need to give your financial information through an organization's website, look for indicators that the site is secure, like a URL that begins https (the "s" stands for secure). Unfortunately, no indicator is foolproof; some fraudulent sites have forged security icons.
Check the privacy policy.
Really. It should let you know what personal information the website operators are collecting, why, and how they're going to use the information. If you can't find a privacy policy — or if you can't understand it – consider taking your business to another site that's more user-friendly.
|
Online Security
Ensuring Your Safety Online
Protecting your confidential information has always been a top priority at Community Bank, especially when you use online banking. As more and more people and businesses manage their finances online, the fight against Internet fraud grows stronger. In fact, the federal government has released new guidelines to help federally insured financial institutions keep customers’ accounts more secure than ever before.
The Federal Financial Institutions Examination Council (FFIEC) outlines steps for financial institutions to take to ensure that your identity is protected whenever you access your accounts online. We do our part by:
- Analyzing our Internet services for risk of potential fraud or identity theft.
- Requiring unique passwords and other authentication devices for all online banking access and transactions.
As new security technology becomes available, we may upgrade authentication methods for our online consumer and business banking services to continually help keep your private information secure and comply with the latest FFIEC guidelines.
You can do your part to help keep your accounts safe, too. By now you may have heard of "phishing" scams – fraudulent e-mails and look-alike Web sites that try to trick you into revealing personal information such as account numbers and passwords. Remember that we will NEVER ask you for account or password information in an e-mail. If you receive a suspicious e-mail, do not reply to it or click on any links. Instead, contact a banker at any Community Bank location.
By working together, we can protect your finances and your good name. Know that we are hard at work to keep our Internet services secure so you can continue to enjoy the convenience and ease of online banking.
|
Spyware
Keeping Tabs on Spyware
If you've spent time on the World Wide Web, chances are you've received a fair number of pop-up advertisements – those annoying little browser windows that clog the screen when you're trying to view a Web site. They might advertise a product or say you've won a contest you didn't enter. Be careful, these pop-up ads can be more than annoying – they could be an indication that your computer has been infected with what is known as spyware.
Spyware is a computer program installed on your computer without permission that can monitor your Internet activity, force your computer to view those annoying pop-up ads or even redirect you to certain Web sites.
Indications of a spyware infection can include an unwanted change in your homepage, random error messages, sluggish computer performance, new or unexpected icons on your computer or suddenly being taken to a different Web site.
Protect Yourself
Take control of your computer's security settings. Here are some ways to defend against spyware and other malicious electronic programs.
- Install anti-virus and anti-spyware software and run them regularly. Many anti-virus programs already include spyware protection that simply needs to be turned on.
- Only download software from sites you know are secure and have earned your trust.
- Don't click on links that appear in pop-up ads.
- Never click on any links in an e-mail you receive from a sender you don't know or trust.
- Update your operating system (Windows for PCs, OS-X for Macs) regularly.
If you do find spyware already installed on your computer, delete it immediately and run your anti-virus and anti-spyware programs to clean your computer.
|
Online Banking Security Tips
Mobile Device Security
- Configure your device to require a passcode to gain access if this feature is supported in your device.
- Avoid storing sensitive information. Mobile devices have a high likelihood of being lost or stolen so you should avoid using them to store sensitive information (e.g. passwords, account numbers, etc.). If sensitive data is stored, enable encryption to secure it.
- Keep your mobile device's software up-to-date. These devices are small computers running software that needs to be updated just as you would update your PC. Use the automatic updated option if one is available.
- Review the privacy policy and data access of any applications (apps) before installing them. Only download apps from trusted app stores (Apple, Google Play).
- Disable features not actively in use such as Bluetooth, Wi-Fi, and infrared. Set Bluetooth-enabled devices to non-discoverable when Bluetooth is enabled.
- "Sign-out" or "Log off" when finished with an app rather than just closing it.
- Utilize antivirus software where applicable (i.e. Android, Windows, etc).
- Do not Jailbreak or otherwise circumvent security controls.
Online Security
- Never click on suspicious links in emails, tweets, posts, or online advertising. Links can take you to a different website than their labels indicate. Typing an address in your browser instead of clicking a link in an email is a safer alternative.
- Only submit sensitive information to websites using encryption to ensure your information is protected as it travels across the Internet. Verify the web address begins with "https://" (the s is for secure) rather than just "http://". Sometimes browsers also display a closed padlock.
- Do not trust sites with certificate warnings or errors. These messages could be caused by your connection being intercepted or the web server misrepresenting its identity.
- Avoid using public computers or public wireless access points for online banking and other activities involving sensitive information when possible.
- Always "sign-out" or "log off" of password protected websites when finished to prevent unauthorized access. Simply closing the browser window may not actually end your session.
- Be cautious of unsolicited phone calls, emails, or texts directing you to a website or requesting more information.
General PC Security
- Maintain active and up-to date antivirus protection provided by a reputable vendor. Schedule regular scans of your computer in addition to real-time scanning.
- Update your software frequently to ensure you have the latest security patches. This includes your computer's operating system and other installed software (e.g. web browsers, Adobe Flash Player, Adobe Reader, Java, Microsoft Office, etc.).
- Automate software updates, when the software supports it, to ensure it's not overlooked.
- If you suspect your computer is infected with malware, discontinue using it for banking, shopping, or other activities involving sensitive information. Use security software and/or professional help to find and remove malware.
- Use firewalls on your local network to add another layer of protection for all the devices that connect through the firewall (e.g. PCs, smart phones, and tablets).
- Require a password to gain access. Log off or lock your computer when not in use.
- Use a cable lock to physically secure laptops when the device is stored in an untrusted location.
Passwords
- Create a unique password for all the different systems / websites you use. Otherwise, one breach leaves all your accounts vulnerable.
- Never share your password over the phone, in texts, by email, or in person. If you are asked for your password it's probably a scam.
- Use unpredictable passwords with a combination of lowercase letters, capital letters, numbers and special characters.
- The longer the password, the tougher it is to crack. Use a password with at least 8 characters. Every additional character exponentially strengthens a password. Passphrases are most effective. A passphrase is a short sentence and generally easier to remember.
- Avoid using obvious passwords such as: Names (your name, family member names, business name, user name, etc.), Dates (birthdays, anniversaries, etc.), Dictionary words.
- Choose a password you can remember without writing it down. If you do choose to write it down, store it in a secure location.
Additional Resources
- To learn more about information security, visit any of the below websites:
|
|
