Fraud Prevention Tips: Protecting Your Identity
With the holidays behind us and tax season on the horizon, ‘tis the season for identity theft. In Pennsylvania, at least 11,300 keystone state residents fell victim to Internet scams in 2017 alone, and it seems like there is a new high-profile data breach in the news every month. As your community bank, we want to help you protect your identity and bank account from theft. Keep reading for our tips on protecting yourself from fraud. And remember, Muncy Bank will never ask for your personal information or password over the phone or in an email. If you have any questions about your Muncy account or debit card, contact us.
Password Creation and Management
In a 2014 study of account hacking, 30 percent of participants said they’d experienced an unauthorized login to their email or social media account. That figure has surely grown in the years since, as big data breaches have routinely made headlines. Most recently, Marriott disclosed a data breach from 2014 that leaves 500 million people more vulnerable to identity theft. These “third-party” breaches, along with phishing schemes, are cyber criminals’ primary strategies for stealing your password.
Your email address and password are particularly valuable because this combination can unlock other accounts. Many people use their email address to login to social media accounts and for online shopping. People also tend to use the same password across platforms, so once a hacker gains access to your email account, they may be able to quickly break into your other online accounts as well. Therefore, password security is the most important step you can take to protect yourself from identity theft. Here are our three top tips for password creation and management:
- Use a password manager service. Many security companies provide an automated way to follow the latest password security tips. If you haven’t already created a unique password for each of your accounts, and if you don’t change your passwords a few times a year, it’s probably because it feels like too much of a hassle or you are worried you won’t remember all of them. Let a password manager do it for you. These services will also create passwords that are long and random to prevent a human or computer from guessing yours.
- Don’t save your passwords in your browser. You may feel like your Google Account or browser is already performing the role of a password manager by suggesting strong passwords and saving them for you. However, these methods are more vulnerable to hacking than a password manager. If you’re not going to use one, write all your passwords down and save your list in a secure place with other precious documents like your passport.
- Don’t reuse old passwords. Some companies and institutions force users to change their password every so often. In this case it can be tempting to revert back to an older password you remember. However, once passwords are stolen they are usually posted on the “dark web” for other hackers to see. Continually creating new passwords is the only way to protect yourself from inadvertently using an already “public” login.
Identifying Email Phishing Attempts
Do you know how to spot a suspicious email? As mentioned above, phishing scams are a top hacking tool. This strategy is pronounced like the word ‘fishing’ because hackers send out a bunch of “bait” emails and wait to see how many people will bite. Simply put, a phishing email is intended to resemble a legitimate business email from your bank, cable service, or favorite retailer. The message may bear the same logo as the company it pretends to be from, and hackers have gotten better at avoiding spelling errors and mimicking professional language and phrases. However, it’s still pretty easy to identify a phishing email if you know what to look for.
- You’ve never done business with the sender. An email from a bank that’s not your actual bank? The wrong cable provider? A company you’ve never patronized? This is perhaps the easiest red flag. If you receive an “urgent message” from a sender you don’t have an account with, delete the message immediately without opening it.
- The writing seems “off.” Despite the increased sophistication of phishing email language, many hackers are based in countries where English is a second language. Therefore, a phrase may be spelled correctly but still use an odd-sounding word that a native speaker wouldn’t choose. If the language seems “off,” delete the message right away.
- Urgent calls to action. Hackers try to scare you into clicking on a fake link or giving them your login credentials. Remember that Muncy Bank and other companies will never ask for your password or other sensitive information. If you are unsure or concerned, call customer service for the company the email is supposedly from. Never give out your personal information or password. Also check a link’s real destination by hovering your cursor over it before clicking. If it doesn’t look right, don’t click.
Identifying Phone Scams
Your cell phone used to be a refuge from the constant telemarketing calls on your landline. Unfortunately, those days are long gone. It’s not uncommon to receive several calls a day from unknown numbers. Scam messages can also arrive by text. As with phishing emails, the objective of phone scams is to steal your money or personal information.
The two primary approaches phone scammers utilize are fear and temptation. They may say you’ve won a contest or offer an attractive investment opportunity. If it seems too good to be true, it probably is. On the other hand, you may receive a threatening call saying you owe money to a company or, particularly this time of year, to the IRS. If you don’t make a payment right now over the phone, scammers say, you could go to jail. In addition to requests for money, these “scary calls” may also try to get personal information out of you such as a password, social security number, and more. If you believe you’ve received a scam call, you can report telephone scams to the Federal Trade Commission, either online or by phone at 1-877-382-4357.
Looking Out For Credit Card Skimmers
While identity theft often plays out online, you can also have personal information stolen through physical interactions. Credit card skimming is when a small device is planted on an ATM or gas station pump. As you complete a legitimate transaction, your credit or debit card information is captured by thieves for use in online charges or the creation of a counterfeit card. The best way to avoid credit card skimming is to detect a tampered-with pin pad before you use it. Here’s what to look for:
- Some ATMS and gas station pumps may have a “security seal” on them. If it has been broken, that’s a sure sign the pin pad has been tampered with.
- The card reader is loose or can be moved with your hand.
- Additionally, the reader may stick out too far.
- The pin pad feels thicker than usual.
If anything seems amiss, don’t use the machine and let the gas station attendant or banking employee know.
What To Do If Your Identity Is Stolen
Despite your best efforts, identity theft can happen to anyone. If it happens to you, Muncy Bank is here to help. Visit our contact page to find the appropriate number to call with questions about fraudulent transactions or to cancel a lost or stolen card. You can also visit your local police station to file a report and get advice on what to do next. At the state level, contact the attorney general’s office to report scams and get help. Finally, the federal government also provides assistance through the FTC’s Bureau of Consumer Protection. Identity theft is traumatic, but you are not alone in experiencing it.
Note: Due to the government shutdown, you may not be able to file a complaint at this time.
We value your security. Give us a call or visit your nearest branch in Muncy, Hughesville, Clarkstown, Montoursville, Dewart, Linden or Avis anytime you need help with one of your personal or business banking accounts.
Want to learn more? Visit the American Banker Associations Protect Your Money page for more tips on safeguarding your finances and information.