Online Security Tips & Identity Theft
PROTECTING YOURSELF AGAINST THE LATEST SCAMS
The security of your personal information is of utmost importance to Wheatland Bank. We have state-of-the art systems in place to secure our servers and networks and additional layers of security to guarantee your personal information is secure. In addition, Wheatland Bank wants to ensure you have the necessary information to protect your personal and account information online. The following tips will help protect you against fraudulent e-mail and Internet related activity from unauthorized third parties.
- Many fraudulent schemes will attempt to disguise themselves as your bank. Keep in mind that Wheatland Bank will never ask you to submit personal or account information via e-mail.
- If you receive an e-mail appearing to be from Wheatland Bank, asking for your account numbers, or Social Security Number, DO NOT RESPOND and notify us immediately.
- Sensitive or personal information, such as account numbers, Social Security Numbers, Personal Identification Numbers, or passwords, should never be sent via e-mail to Wheatland Bank or any other third party.
PHISHING SCAMS AND SPEAR PHISHING
Crooks are using the latest in technology to pull off scams, called “Phishing.” “Phishing” scams occur when the “Phisher” sends an email directly to an individual, containing an infected file or link to an infectious Web site. The e-mail recipient is generally a person within a company who can initiate funds transfers or payments on behalf of an individual or business. Once the user opens the attachment, or clicks the link to open the Web site, malware is installed on the user’s computer which allows the crook to record and identify the user’s corporate online banking credentials, giving them access to the user’s online accounts. Here are some tips to help protect you from this type of scam:
- Reconcile all banking transactions on a daily basis.
- Initiate ACH and wire transfer payments using dual control, with a transaction originator and a separate transaction authorizer.
- Be suspicious of e-mails purporting to be from a financial institution, government department or other agency requesting account information, account verification or banking access credentials such as user-names, passwords, PIN codes and similar information.
- Use caution when opening file attachments or clicking on web links in suspicious e-mails, as they could expose the system to malicious code that could hijack the computer.
- Install a dedicated, actively managed firewall, especially when using a broadband or dedicated connection to the Internet, such as DSL or cable. A firewall limits the potential for unauthorized access to a network and computers.
- Create a strong password with at least 10 characters that include a combination of mixed case letters, numbers and special characters.
- Do not share user-names and passwords for online banking systems.
- Use a password for online banking that is not used at other Web sites.
- Change your password frequently.
- Never share user-name and password information for Online Services with third-party providers.
- Limit administrative rights on users’ workstations to help prevent the inadvertent downloading of malware of other viruses.
- Install commercial anti-virus and desktop firewall software on all computer systems. Free software may not provide protection against the latest threats compared with an industry standard product.
- Ensure virus protection and security software are updated regularly.
- Ensure computers are patched regularly particularly operating system and key application with security patches. It may be possible to sign up for automatic updates for the operation system and many applications.
- Consider installing spyware detection programs.
- Verify use of a secure session (https not http) in the browser for online banking.
- Avoid using automatic login features that save user-names and passwords for online banking.
- Never leave a computer unattended while using any online banking or investing service.
- Never access bank, brokerage or other financial services information at Internet cafes, public libraries, etc. Unauthorized software may have been installed to trap account number and sign on information leaving the customer vulnerable to possible fraud.
- Careful of phone calls and on-site visits pretending to be from your bank; always know your banker. If you ever are suspicious of a visit or phone call please call your bank immediately to verify in they, in fact, have sent someone out.
Here is an example of a real phishing email sent in an attempt to install malware on the user's computer. Please note that Microsoft will never attempt to send an update through email.
Never respond to unusual e-mail. Please notify us immediately if you believe you have received a suspicious or fraudulent e-mail or detect suspicious transactions by calling 800-748-8132.
- Paying company receives a request to change account information for future ACH credit payments
- Request usually arrives on official looking letterhead
- Paying company sends one or more credits to this account, to pay its invoices
- Defrauded company learns it’s been scammed when trading partner (biller) asks why it hasn’t been paid
You receive a letter appearing to be from your office supply company. It is on their company letterhead and it is asking for you to update your account information for future ACH credit payment. You follow the instructions included in the letter without verifying the letter with the supplier. After some time passes you are contacted by the office supply company wondering why they haven’t been paid. You then realize the letter was a scam and the payments have been going to a fraudulent source.
- Always verify with the supplier directly when being asked to change account and ACH information.
Identity theft occurs when a criminal uses key pieces of someone’s personal information such as a Social Security Number, driver’s license, credit card or bank account information to obtain credit or commit a crime in your name.
While some identity theft victims can resolve their problems quickly, others spend hundreds of dollars and many days repairing damage to their good name and credit record. Some consumers victimized by identity theft may lose out on job opportunities, or be denied loans for education, housing or cars because of negative information on their credit reports. In rare cases, they may even be arrested for crimes they did not commit.
What You Can Do
Due to the recently enacted The Fair and Accurate Credit Transaction Act (FACTA), you are entitled to one free credit report each year from one of the three major credit bureaus. To order your free credit report visit www.AnnualCreditReport.com* or call any of the numbers listed below.
- Equifax: 1-800-685-1111
- Experian: 1-888-397-3742
- Trans Union: 1-800-888-4213
Take some simple precautions to help protect yourself:
- Don’t give your personal information to a stranger who contacts you, especially by phone or via e-mail.
- Quickly remove your mail from your mailbox after delivery. Take any outgoing mail directly to the post office.
- Don’t carry unneeded identification and credit cards with you, such as your Social Security card. Keep them in a secure place such as a safe deposit box.
- Password protect your online and phone accounts.
- Destroy any receipts, statements, credit applications or other documentation.
If you think you have become a victim of identity theft, contact your local law enforcement agency and the Federal Trade Commission’s Identity Theft Hotline at 1-877-IDTHEFT.
The FTC and Washington State Attorney General post step-by-step directions on their websites for reporting identity theft and protecting your credit history.
Click here to download a pdf brochure put out by Federal Trade Commission regarding Identity Theft.