The Equifax Data Breach: What to Do
September 8, 2017 Federal Trade Commission
If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies. Read More.
Recent reports show a rise in fake check scams throughout the United States.
Fake check scams occur when a fraudster convinces a victim to deposit a check, money order or cashier’s check to an institution, and then wire a portion of the funds back to them before the funds have cleared. The scammer typically tells the victim that they can keep the rest of the money from the check as a thank-you or promises to send more money when the wired funds are received. However, the victim ends up losing money in the end. Days or even weeks later, it’s discovered that the check was actually fraudulent, leaving the victim to pay back the entire amount of the check.
Remember, if it sounds too good to be true, it probably is. Never divulge personal information to someone you do not know or trust.
If you feel that you may have been scammed or if you provided your personal information to someone you don’t know, please contact us immediately.
The number of attacks on mobile devices is growing. The rise in the popularity of mobile devices has certainly made them a target for cyber-criminals. Banks work hard to protect customer information and customers play an important role. Any device used to connect to the Internet is at risk and we urge users to keep safety measures in place.
In recognition of National Cybersecurity Awareness Month, Wood & Huston Bank recommends that consumers take extra precaution to protect the data on their mobile device by doing the following:
- Use the passcode lock on your smartphone and other devices. This will make it more difficult for thieves to access your information if your device is lost or stolen.
- Log out completely when you finish a mobile banking session.
- Protect your phone from viruses and malicious software, or malware, just like you do for your computer by installing mobile security software.
- Use caution when downloading apps. Apps can contain malicious software, worms, and viruses. Beware of apps that ask for unnecessary “permissions.”
- Download the updates for your phone and mobile apps.
- Avoid storing sensitive information like passwords or a social security number on your mobile device.
- Tell your financial institution immediately if you change your phone number or lose your mobile device.
- Be aware of shoulder surfers. The most basic form of information theft is observation. Be aware of your surroundings especially when you’re punching in sensitive information.
- Wipe your mobile device before you donate, sell or trade it using specialized software or using the manufacturer’s recommended technique. Some software allows you to wipe your device remotely if it is lost or stolen.
- Beware of mobile phishing. Avoid opening links and attachments in emails and texts, especially from senders you don’t know. And be wary of ads (not from your security provider) claiming that your device is infected.
- Watch out for public Wi-Fi. Public connections aren't very secure, so don’t perform banking transactions on a public network. If you need to access your account, try disabling the Wi-Fi and switching to your mobile network.
- Report any suspected fraud to your bank immediately.
What to Keep Where: From Bank Services to Document Storage Online
Certain financial papers and valuables are essential to keep secure and accessible. What should go where?
A safe deposit box may be the best place for important things that will be costly, difficult or impossible to replace and that you won't need to access immediately. Examples include property deeds, car titles and U.S. Savings Bonds that haven't been converted into electronic securities. In case there's a flood or other water damage, seal important documents in waterproof plastic bags or containers.
Anything that might be needed in an emergency — such as your original "power of attorney" (your written authorization for another person to take certain actions on your behalf) — should probably not be in your safe deposit box in case your bank is closed for the night, the weekend or a holiday. Depending on state law, it might take even longer to access your safe deposit box if you die.
For guidance on where to store your original will and other documents needed if you die or become disabled, check with an attorney. And for cash, a federally insured deposit account is the safest place. Money in a bank account is protected up to the FDIC's deposit insurance limits, unlike cash in a safe deposit box, a home safe or elsewhere. You can earn interest, too.
A home safe is less secure than a safe deposit box. A home safe is much easier for a burglar to get into, either by removing the safe or by forcing you or a family member to open it.
A waterproof emergency evacuation bag is the best place for essential items if you need to quickly leave your home because of a flood, fire or other crisis. Contents would likely include copies of identification cards, your birth certificate, and the front and back of your key credit and debit cards.
The Internet gives you options to keep copies of certain valuable items that you want to access from anywhere. Examples include some of the same documents in your emergency bag (in case you are away from home when a disaster strikes) as well as pictures or videos of your home's contents for insurance purposes. An online "cloud" storage service from a reputable provider is one possibility. Another strategy is to e-mail yourself copies. "But remember to choose passwords that will be difficult for someone to guess, and only access your account through a secure Internet connection and not over a public Wi-Fi network." In general, decide who you want to be able to access your personal and financial documents in an emergency. A trusted family member who would be responsible for your affairs if you suddenly become disabled or die should know where you may have a safe deposit box or a safe and where to find important documents.
The Heartbleed Bug has grabbed lots of headlines and impacted internet sites that use a type of OpenSSL encryption. Wood & Huston Bank does not use this type of OpenSSL encryption for electronic banking.
You might be exposed to Heartbleed problems on secure and unsecure sites if you reuse you passwords from site to site rather than having an individual password for each site, which is highly recommended. Should your unsecure site’s password be compromised and you use it on other sites, fraudsters can simply use your stolen
credentials from the unsecure site to gain access to your other accounts. As we have always recommended, y ou should have a unique username and password for individual banking, financial and healthcare websites to avoid just such a situation.
According to CNET, Google, Facebook, YouTube and Yahoo!, among others, were vulnerable to Heartbleed and have patched their systems. They recommend a password change and a change to any other sites that simply used the same passwords. More details and the top 100 sites’ vulnerability status can be found at http://www.cnet.com/how-to/which-sites-have-patched-the-heartbleed-bug/ Watch the sites you use for updates on their statuses.
Security experts urge consumers to change their passwords, after the websites they use have run the available patch.
Again, Wood & Huston Bank does not use OpenSSL encryption for electronic banking. Protection of customer information is our highest priority and we will continue to monitor our banking platforms as always.
Crooks hijack retirement funds via SSA portal
September 18 Krebs on Security
The Social Security Administration (SSA) and financial institutions reported a rise in identity theft cases where criminals register as account on the SSA Web portal in the name of a retiree and then divert the benefits to themselves in the form of prepaid cards. Read more.