Posted March 5, 2014
National Consumer Protection Week 2014
Five Key Tips From the FDIC for National Consumer Protection Week
No matter your age or stage in life, it’s important to have as much information as possible to effectively manage your money and avoid financial frauds and scams. That’s why, in observance of National Consumer Protection Week 2014 (March 2-8), the FDIC will post information about a specific topic each day on the agency’s web site, along with links to helpful FDIC Consumer News articles, to encourage discussion and provide tips about what you need to know to save and protect your money.
Click here to view the 5 key tips posted daily.
The goal of FDIC Consumer News is to deliver timely, reliable and innovative tips and information about financial matters, free of charge. To find current and past issues of FDIC Consumer News, visit www.fdic.gov/consumernews.
Posted March 4, 2014
Hotmail Email Account Scam
Cybercriminals are trying to trick Hotmail users into handing over their credentials with fake emails that claim to come from "The Microsoft account team." The emails, analyzed by researchers from Malwarebytes, inform recipients that their Hotmail account is upgraded to Outlook.
The scam claims their Hotmail Account has expired and that due to a new system upgrade to Outlook they need to follow the link, sign in and re-activate their account.
The email address is spoofed and the link points to a website whose owners are probably not aware of the fact that they’ve been hacked.
Posted February 27, 2014
Important Security Announcement for Computers Running Windows XP
Microsoft will no longer provide support for computers running Windows XP after April 8, 2014.
Microsoft provides current operating systems with regular security updates. After April 8, 2014, they will stop providing these updates for computers running the Windows XP operation system. If your computer is running on Windows XP, and you use it to access the internet, it is highly recommended that you consider upgrading your computer before the April 8th deadline. Upgrading your computer will insure that you are provided with access to the latest updates from Microsoft necessary to protect it from malware and other vulnerabilities that can potentially compromise the information stored or accessed on that computer.
You can click here to see what version of Windows you are using:
Using Windows XP after April 8, 2014 puts your computer and your personal information at risk. Your personal computer security is your responsibility. First Federal encourages all users of Windows XP to consult with a computer professional for upgrade options as soon as possible, or alternatively, replace the computer with a new one.
Posted January 29, 2014
Credit Card Fraud Alert - $9.84
News agencies are issuing fraud alerts related to consumer complaints reporting a charge to your credit card in the amount of $9.84. We encourage you to closely monitor all your credit card activity and confirm the charges.
Credit card scam artists believe that many cardholders will ignore small dollar amounts listed on their credit cards. If you do see a charge for $9.84 that you cannot verify, please contact your credit card provider immediately: you can then request a new card and place a fraud alert on your credit file. Learn More
Please click on the links below to read more information.
Finance Yahoo News
USA Today News
Posted January 24, 2014
Target Debit Card Fraud
In mid-December Target Stores announced that they experienced a data breach. It is believed that as many as 40 million debit and credit cards used at their stores and 70 million customer data records have been compromised. Target has been active in reaching out to all their affected customers. Target is offering one year of free credit monitoring to all Target guests who shopped in U.S. stores, through Experian’s® ProtectMyID® product which includes identity theft insurance where available. For additional information, please visit the link below to view their latest updates.
First Federal’s Commitment to You, Our Customer:
- In late December, First Federal was notified of customers who shopped at Target during the data breach time period and those customers were issued new cards.
- Please be assured that our Customers are protected from any loss related to debit card fraud by Regulation E. This Regulation provides 100% protection and zero liability to customers for any unauthorized transactions in events such as these.
- We continue to monitor accounts for unusual activity and will alert you of any suspicious activity.
- There has been some discussion in the media regarding the safety of using your card as “credit” versus “debit”. However, when card data is breached, there is no difference.
- We will periodically update this site as additional information becomes available. Your safety and peace of mind is important to us.
- We encourage you to review the recommendations below. We have also provided a link to our security tips for good advice on how to keep your information safe and secure.
FIRST FEDERAL recommends the following to help keep your information safe:
1) Watch your account closely for any suspicious activity. If you see any transactions that are fraudulent, please call us at 360/417-3204. If you have online banking, you have the ability to check your account when you are able to and as often as you would like.
2) You can set up balance alerts to receive notification of any unexpected changes in your account.
3) If you are one of our customers affected by the Target breach, we encourage you to enroll in the free year of credit monitoring and identity theft protection that Target is offering.
4) We know that customer education is the first line of defense against these scams and have compiled the following tips and resources to help in this education process. Below are some of the valuable resources available to you via our First Federal website.
Important Tip – “Phishing” Education:
There has been a worldwide increase in phishing scams. Phishing refers to criminal activity that attempts to fraudulently obtain sensitive information, such as your social security number, driver’s license, credit card and/or bank account information. We know that customer education is the first line of defense against these scams and have compiled the following tips and resources to help in this education process.
- Please do NOT respond to any email that directs you to update your personal information by dialing a telephone number. Only use the customer service number that is listed on the back of your credit/debit card.
- Phishing scam artists try to replicate the look and feel of the company they are scamming. Be sure to check the website address and the “look and feel” of the information being sent. Does the email ask you to do something that seems unusual or ask you to provide personal information? When in doubt, please contact the sender to confirm. Our Contact Center is available to take your phone call (360) 417-3204 Monday-Thursday 8:00 am to 5:30 pm, Friday 8:00 am to 6:00 pm, and Saturday 9:00 am to 1:00 pm.
- Below are additional resources available to you via our First Federal website.
October - National Cyber Security Awareness Month
This year marks the tenth anniversary of National Cyber Security Awareness Month sponsored by the Department of Homeland Security in cooperation with the National Cyber Security Alliance and the Multi-State Information Sharing and Analysis Center
5 Ways to Protect Your Small Business
7 Tips for Protecting Yourself Online
8 Tips to Protect Your Identity
10 Ways to Protect Your Mobile Device
TurboTax Scam - February
We have been made aware of fraudulent emails that appear to be related to TurboTax. The email does not contain a link; however, the email has a .zip attachment that contains malware. If you receive emails that appear to be from TurboTax stating that “Your State Return Has Been Rejected,” please be aware that these are not from First Federal or TurboTax. Please heed the following:
- Do not open the attachment in the email.
- Do not forward the email to anyone else.
- Delete the email.
If you have any questions please contact First Federal Customer Service 417.3204 or 800.800.1577.
Below is a copy of the fraudulent email – the attachment was named “TAX_610717852.zip”
Frequently Asked Security Questions about online banking.
Q I'm still hesitant about banking online. Can other people see my account information?
Your account information is just as secure as it is at our physical brick and mortar bank. We've taken every step possible to be sure our system meets the latest security standards, including using the latest security encryption methods and software.
Q What about filling applications out online? How secure is that?
Filling out applications online is as secure as the Online Banking System. Your entire session, from beginning to end, is encrypted. Our system supports 128-bit encryption, so you can also use the latest browser from Netscape or Microsoft that supports this security level. In fact, the highest encryption Netscape and Microsoft browsers support is 128-bit, so you will be using the highest bit encryption currently available if you use a 128-bit encryption capable browser.
Q I keep hearing a lot about encryption? What exactly is it, and why does it make everything more secure?
Encryption is basically a way to rewrite something in a code which can then be decoded later with the right key. The encryption we use employs a mathematical process for the key which is made up of a certain number of bits (hence, 128-bit encryption). The higher the number of bits, the better the encryption. While using our Online Banking System, all communication from you to the system and from the system to you is encrypted using a maximum of 128 bits. In other words, when you send information to the system, your browser encrypts it using a 128-bit key, then sends it to the system. The system then decodes the information you sent it using the key (which is predetermined when your Online Banking session is started) and processes it.
Q What about information that is stored? Is it encrypted as well?
Information stored on our system is also encrypted using at least 128 bits.
During the course of the day you may write a check, charge tickets to your favorite event, mail your bills, call home, or apply for a credit card. Normally you wouldn't give these transactions a second thought. But someone else may.
The age of information technology has created a new line of crooks called identity thieves. With each transaction, you may share personal information; your credit card number, account number, social security number, name, address, and phone numbers. An identity thief may capture this information without your knowledge and commit fraud or theft. And you may not even know it until months later.
How do thieves get your information?
They use a variety of methods such as:
- Stealing wallets and purses containing identification and credit and bank cards.
- Stealing mail, including bank and credit card statements, pre-approved credit offers, new checks, or tax information.
- Rummaging through your trash, or the trash of businesses or dumps in a practice known as "dumpster diving."
- Stealing credit and debit card numbers as your card is processed by using a special information storage device in a practice known as "skimming."
- Completing a "change of address form" to divert your mail to another location.
Once they have your personal information they may:
- Go on a spending spree using your credit and debit card numbers to buy "big-ticket" items like computers that can easily be resold.
- Open a new credit card account, using your name, date of birth, and Social Security Number. When they don't pay the bills, the delinquent account is reported on your credit report.
- Take out auto loans in your name.
- Establish phone or wireless service in your name.
- Create counterfeit checks or debit cards, and drain your bank account.
- Give your name to the police during an arrest. If they are released and don't show up for their court date, an arrest warrant could be issued in your name.
How can you tell if you are a victim?
Monitor the balances of your financial accounts. Look for unexplained charges or withdrawals. Pay attention to your mail; if you fail to receive bills or other mail your address may have been changed. You may be denied credit for no apparent reason, or you are receiving calls from debt collectors or companies about merchandise or services you didn't buy.
The key to protecting your identity and minimizing your exposure to potential damage is to exercise caution!
- Make sure all of your credit card, bank, and phone accounts have strong passwords. Do not use easily available information like your mother's maiden name, your birth date, the last four digits of your social security number or a series of consecutive numbers. When asked for your mother's maiden name, use a password instead.
- Secure your personal information in your home, especially if you have roommates, employee outside help, or are having service work done in your home.
- Don't give out personal information on the phone, through the mail, or over the Internet unless you've initiated the contact and you are sure you know who you are dealing with. Identity thieves can be skilled liars and may even pose as representatives of banks, service providers, or government agencies to get you to reveal identifying information. You may even receive an e-mail message that looks legitimate, but is really part of a "Phishing" scam.
- Guard your mail from theft. Deposit outgoing mail in post office collection boxes or at your local post office and not unsecured mail boxes. If you are planning to be away from home, stop by your local post office and place a hold on your mail. Or call the US Postal Service at 1-800-275-8777 to ask for a vacation hold.
- Don't leave your trash out in the open. To thwart a thief who may pick through your trash or recycling bins, tear or shred your charge receipts, copies of credit applications or offers, insurance forms, medical statements, checks and bank statements, and expired charge cards.
- Limit the identification information and the number of credit and debit cards that you carry to what you will actually need. Keep your purse or wallet in a safe place!
- Your computer may be a gold mine of personal information. Be sure to update your virus protection software regularly. Look for security repairs and patches you can download from your operating system's Web site. Don't download files from strangers or click on hyperlinks from people you don't know. Opening a file could expose your system to a virus or program that could hijack your modem. Use a firewall, especially if you have a high-speed or "always on" connection to the internet.
- Be sure you are dealing with a legitimate Web site when providing credit card information online. Look for a logo of a padlock or other indication that card numbers are protected during Internet transmissions. In addition, only provide your credit card information when you originate a transaction, not in response to an unsolicited call or e-mail, which may be fraudulent.
- Check your credit report at least annually. Under the Fair and Accurate Credit Transactions Act (FACT Act) consumers have access to one free credit report each year. You can request a copy through www.annualcreditreport.com, the only service authorized by Equifax, Experian, and TransUnion - the three major credit bureaus. Additionally, you may request a copy by phone or e-mail.
||Annual Credit Report Request Service
PO Box 105281
Atlanta, GA 30348-5281
Web sites with more information:
What is Phishing?
Phishing is the practice of sending fraudulent e-mail messages requesting someone to supply confidential information. The e-mail is disguised to look like a request from a legitimate organization such as a bank, credit card company, or a retail merchant with which recipients may already have a business relationship. Often the message includes a warning regarding a problem related to the recipient's account and requests the recipient to respond by providing specific confidential information. The format of the e-mail typically includes proprietary logos and branding, a "From" line disguised to appear as if the message came from a legitimate sender, and a link to a web site or an e-mail address.
All of these features are designed to assure the recipient that the e-mail is from a legitimate business source. Victims may be directed to provide personal account information by responding to the e-mail, or they may be directed to click on a link that takes them to a legitimate looking web page containing a form on which they are instructed to provide information. Typically, the information requested includes account numbers, passwords, Personal Identification Numbers (PINs), Social Security numbers or other personal identifying information that will allow the perpetrator to gain access to the victim's accounts.
First Federal will never send an e-mail to a customer asking for any personally identifiable information. While you may occasionally receive an e-mail from First Federal, the e-mail will not contain personal information and will be informative in nature regarding products and services First Federal is offering, or information on transactions associated with your online banking service. You have the option of "Opting Out" of promotional e-mail by signing in to your Online Banking Service, and updating your user options.
Who do you call if you suspect you are a victim?
Call the fraud department at any one of the three major credit bureaus. Ask for a fraud alert to be placed in your file at all three companies. The alert tells lenders and other users of credit reports to be careful before opening or changing accounts in your name. The toll free numbers for the fraud departments are:
- Equifax 800-525-6285
- Experian 888-397-3742
- TransUnion 800-680-7289
Call your bank, credit card company or any other financial institution that may need to know. Ask to speak with someone in the security or fraud department and follow up with a letter if necessary, close old accounts and open new ones, and select new passwords and "PINs".
Call your local police or the police where the identity theft occurred. Fill out a police report that will detail what happened and get a copy for future reference.
Call the Federal Trade Commission. Call toll-free 877-IDTHEFT (877-438-4338). Also, an "ID Theft Affidavit" available on the FTC Web site can be used to help you prove you are an innocent victim and help you keep debts you did not incur from appearing on your credit report.