|
Phishing |
Spyware |
Identity Theft
Over the past few years,
some of our customers
may have received email
from malicious
individuals or groups
posing as legitimate
financial service
companies, insurance
companies, and other
entities such as the
FDIC. These individuals
attempt to trick users
into revealing personal
information such as
Credit Card Numbers,
Personal Identification
Numbers (PINs), Social
Security Numbers and
Passwords.
These individuals use
this information to
perpetrate fraud and
financial crimes against
individuals and by the
time the victim realizes
it, it is too late. You
should be aware that:
Mechanics Co/operative
Bank will never send
unsolicited email or
other type of
communication request
asking you to verify any
of your personal or
financial information.
We will never send a
link to our website
through email without
telling you first or
without you requesting
us to do so.
If you receive a
suspicious request from
us please report it to
us at:
info@mechanics-coop.com
If you believe that you
gave out sensitive
information regarding
your accounts please
call us immediately at
508-823-7744.
PHISHING
How
Not To Get Hooked by a "Phishing"
Scam
Courtesy of
OnGuardOnline.gov
"We suspect an
unauthorized transaction
on your account. To
ensure that your account
is not compromised,
please click the link
below and confirm your
identity."
"During our regular
verification of
accounts, we couldn't
verify your information.
Please click here to
update and verify your
information."
Have you received
email with a similar
message? It's a scam
called "phishing" — and
it involves Internet
fraudsters who send spam
or pop-up messages to
lure personal
information (credit card
numbers, bank account
information, Social
Security number,
passwords, or other
sensitive information)
from unsuspecting
victims.
According to OnGuard
Online, phishers send an
email or pop-up message
that claims to be from a
business or organization
that you may deal with -
for example, an Internet
service provider (ISP),
bank, online payment
service, or even a
government agency. The
message may ask you to
"update," "validate," or
"confirm" your account
information. Some
phishing emails threaten
a dire consequence if
you don't respond. The
messages direct you to a
website that looks just
like a legitimate
organization's site. But
it isn't. It's a bogus
site whose sole purpose
is to trick you into
divulging your personal
information so the
operators can steal your
identity and run up
bills or commit crimes
in your name.
OnGuard Online suggests
these tips to help you
avoid getting hooked by
a phishing scam:
-
If you get an
email or pop-up
message that asks
for personal or
financial
information, do not
reply. And don't
click on the link in
the message, either.
Legitimate companies
don't ask for this
information via
email. If you are
concerned about your
account, contact the
organization
mentioned in the
email using a
telephone number you
know to be genuine,
or open a new
Internet browser
session and type in
the company's
correct Web address
yourself. In any
case, don't cut and
paste the link from
the message into
your Internet
browser — phishers
can make links look
like they go to one
place, but that
actually send you to
a different site.
-
Use anti-virus
software and a
firewall, and keep
them up to date.
Some phishing emails
contain software
that can harm your
computer or track
your activities on
the Internet without
your knowledge.
Anti-virus software
and a firewall can
protect you from
inadvertently
accepting such
unwanted files.
Anti-virus software
scans incoming
communications for
troublesome files.
Look for anti-virus
software that
recognizes current
viruses as well as
older ones; that can
effectively reverse
the damage; and that
updates
automatically.
A firewall helps
make you invisible
on the Internet and
blocks all
communications from
unauthorized
sources. It's
especially important
to run a firewall if
you have a broadband
connection.
Operating systems
(like Windows or
Linux) or browsers
(like Internet
Explorer or
Netscape) also may
offer free software
"patches" to close
holes in the system
that hackers or
phishers could
exploit.
-
Don't email
personal or
financial
information.
Email is not a
secure method of
transmitting
personal
information. If you
initiate a
transaction and want
to provide your
personal or
financial
information through
an organization's
website, look for
indicators that the
site is secure, like
a lock icon on the
browser's status bar
or a URL for a
website that begins
"https:" (the "s"
stands for
"secure").
Unfortunately, no
indicator is
foolproof; some
phishers have forged
security icons.
-
Review credit
card and bank
account statements
as soon as you
receive them to
check for
unauthorized
charges. If your
statement is late by
more than a couple
of days, call your
credit card company
or bank to confirm
your billing address
and account
balances.
-
Be cautious about
opening any
attachment or
downloading any
files from emails
you receive,
regardless of who
sent them. These
files can contain
viruses or other
software that can
weaken your
computer's security.
-
Forward spam that
is phishing for
information to
spam@uce.gov and
to the company,
bank, or
organization
impersonated in the
phishing email. Most
organizations have
information on their
websites about where
to report problems.
You also may report
phishing email to
reportphishing@antiphishing.org.
The Anti-Phishing
Working Group, a
consortium of ISPs,
security vendors,
financial
institutions and law
enforcement
agencies, uses these
reports to fight
phishing.
-
If you believe
you've been scammed,
file your complaint
at ftc.gov, and
then visit the FTC's
Identity Theft
website at
www.consumer.gov/idtheft.
Victims of
phishing can become
victims of identity
theft. While you
can't entirely
control whether you
will become a victim
of identity theft,
you can take some
steps to minimize
your risk. If an
identity thief is
opening credit
accounts in your
name, these new
accounts are likely
to show up on your
credit report. You
may catch an
incident early if
you order a free
copy of your credit
report periodically
from any of the
three major credit
bureaus. See
www.annualcreditreport.com
for details on
ordering a free
annual credit
report.
Back to Top
SPYWARE
Spyware Quick Facts
Courtesy of
OnGuardOnline.gov
Spyware is software
installed on your
computer without your
consent to monitor or
control your computer
use. Clues that spyware
is on a computer include
a barrage of pop-up ads,
a browser that takes you
to sites you don't want,
unexpected toolbars or
icons on your computer
screen, keys that don't
work, random error
messages, and sluggish
performance when opening
programs or saving
files.
To lower your risk of
spyware infections:
-
Update your
operating system and
Web browser
software, and set
your browser
security high enough
to detect
unauthorized
downloads.
-
Use anti-virus
software and a
firewall, and keep
them up-to-date.
-
Download free
software only from
sites you know and
trust. Enticing free
software downloads
frequently bundle
other software,
including spyware.
-
Don't click on links
inside pop-up
windows.
-
Don't click on links
in spam that claim
to offer anti-spyware
software; you may
unintentionally be
installing spyware.
-
Consider using anti-spyware
software.
Just when you thought
you were Web savvy, one
more privacy, security,
and functionality issue
crops up — spyware.
Installed on your
computer without your
consent, spyware
software monitors or
controls your computer
use. It may be used to
send you pop-up ads,
redirect your computer
to websites, monitor
your Internet surfing,
or record your
keystrokes, which, in
turn, could lead to
identity theft.
Many experienced Web
users have learned how
to recognize spyware,
avoid it, and delete it.
According to OnGuard
Online, all computer
users should get wise to
the signs that spyware
has been installed on
their machines, and then
take the appropriate
steps to delete it.
Back to Top
IDENTITY THEFT
Identity Theft
Courtesy of
OnGuardOnline.gov
What To Do If Your
Personal Information Has
Been Compromised
The bottom line for
online threats like
phishing, spyware, and
hackers is identity
theft. ID theft occurs
when someone uses your
name, Social Security
number, credit card
number or other personal
information without your
permission to commit
fraud or other crimes.
That’s why it’s
important to protect
your personal
information.
If your personal
information is
accidentally disclosed
or deliberately stolen,
taking certain steps
quickly can minimize the
potential for the theft
of your identity.
If the Stolen
Information Includes
Your Financial Accounts
Close compromised credit
card accounts
immediately. Consult
with your financial
institution about
whether to close bank or
brokerage accounts
immediately or first
change your passwords
and have the institution
monitor for possible
fraud. Place passwords
on any new accounts that
you open. Avoid using
your mother's maiden
name, your birth date,
the last four digits of
your Social Security
number (SSN) or your
phone number, or a
series of consecutive
numbers.
If the Stolen
Information Includes
Your Social Security
Number
Call the toll-free fraud
number of any one of the
three nationwide
consumer reporting
companies and place an
initial fraud alert on
your credit reports.
This alert can help stop
someone from opening new
credit accounts in your
name.
Equifax:
1-800-525-6285;
www.equifax.com;
P.O. Box 740241,
Atlanta, GA 30374-0241
Experian:
1-888-EXPERIAN
(397-3742);
www.experian.com;
P.O. Box 2002, Allen, TX
75013
TransUnion:
1-800-680-7289;
www.transunion.com;
Fraud Victim Assistance
Division, P.O. Box 6790,
Fullerton, CA 92834-6790
An initial fraud alert
stays on your credit
report for 90 days. When
you place this alert on
your credit report with
one nationwide consumer
reporting company,
you'll get information
about ordering one free
credit report from each
of the companies. It's
prudent to wait about a
month after your
information was stolen
before you order your
report. That's because
suspicious activity may
not show up right away.
Once you get your
reports, review them for
suspicious activity,
like inquiries from
companies you didn't
contact, accounts you
didn't open, and debts
on your accounts that
you can't explain. Check
that information — like
your SSN, address(es),
name or initials, and
employers — is correct.
If the Stolen
Information Includes
Your Driver's License or
Other Government-Issued
Identification
Contact the agencies
that issued the
documents and follow
their procedures to
cancel a document and
get a replacement. Ask
the agency to “flag”
your file to keep anyone
else from getting a
license or another
identification document
in your name.
Once you've taken these
precautions, watch for
signs that your
information is being
misused. For example,
you may not get certain
bills or other mail on
time. Follow up with
creditors if your bills
don't arrive on time. A
missing bill could mean
an identity thief has
taken over your account
and changed your billing
address to cover his
tracks. Other signs
include:
-
receiving credit
cards that you
didn't apply for;
-
being denied credit,
or being offered
less favorable
credit terms, like a
high interest rate,
for no apparent
reason; and
-
getting calls or
letters from debt
collectors or
businesses about
merchandise or
services you didn't
buy.
Continue to read your
financial account
statements promptly and
carefully, and to
monitor your credit
reports every few months
in the first year of the
theft, and once a year
thereafter. For more
information on getting
your credit reports free
once a year or buying
additional reports, read
Your Access to Free
Credit Reports.
If your information has
been misused, file a
report about your
identity theft with the
police, and file a
complaint with the
Federal Trade Commission
at
www.consumer.gov/idtheft.
Read Take Charge:
Fighting Back Against
Identity Theft for
detailed information on
other steps to take in
the wake of identity
theft.
Back to Top |