09/28/18 – Facebook has notified its users of a massive data breach affecting 50 million people. The breach impacts those who use Facebook credentials to log in to other accounts. If you were affected by the breach, Facebook logged you out of your account automatically. If you think you may have been impacted, change your Facebook password and consider enabling two-factor authentication.
08/22/18 – The Federal Trade Commission has released an alert on Bitcoin blackmail scams. In these schemes, scammers threaten victims with public disclosure of their “secret” unless they send a payment in Bitcoin. Refer to the FTC Alert for additional information.
Social media offers cybercriminals opportunities to manipulate people to their advantage. Many people don’t consider how much personal information is available online that could be used against them. Be cautious about how much information you are sharing on social media sites – if an attacker wanted to targe you personally, they could easily find your favorite hobbies or activities and then craft a relevant spear-phishing email or text.
We have compiled a list of recommended financial and information security practices for conducting financial business online. Click here to access this information.
There are many components to the topic of fraud prevention. OnlineOnGuard.gov is a valuable resource developed by the United States government where you can learn more about how to secure your computer, avoid scams, and protect children online. Highlighted below is important information on some of the topics addressed on OnGuardOnline.gov:
Maintaining a Safe Computer
Use Security Software that Updates Automatically – this applies to operating system software and web browsers too. Do not buy security software in response to unexpected pop-up messages or emails – especially those that claim to have scanned your computer and found malware. Scammers send messages to try to get you to buy worthless software – or worse – to break into your computer by installing malware.
Be Very Careful with Your Personal Information – every time you are asked to share personal information – via the Internet, an email, or even a text message – think first about whether you trust the request. Scammers will do just about anything to try to convince you to trust them. To learn more about phishing , read an article available through OnGuardOnline.gov.
Provide Personal Information over Encrypted Websites Only – if you are banking or shopping online, stick to sites that use encryption to protect your information as it travels from your computer to their servers. To find out if a website is encrypted, look for “https” at the beginning of the web address. Before submitting information, always double check that there is an “s” behind the http – the “s” stands for secure.
Create Strong Passwords and Keep them Safe – below are a few tips for creating and maintaining secure passwords:
– The longer the password, the tougher it is to crack. Use at least 10 characters; 12 is ideal for most home users.
– Mix letters, numbers, and special characters. Don’t use your name, birthdate, or common words.
– Don’t use the same password for many accounts.
– Don’t share passwords on the phone, in texts or by email. Legitimate companies will not send you messages asking for your password. If you get such a message, it’s probably a scam.
– Keep your passwords in a secure place, out of plain sight.
Avoiding Online Scams
Know Who You Are Doing Business With – try to find out more information from unknown Internet businesses by performing an Internet search for the company name and/or website to search for any negative reviews.
Use Caution when Wiring Money – it is very difficult to reverse a transaction that took place through a wire, therefore, fraudsters often insist that people wire money, especially overseas. Do not wire money to strangers. Don’t agree to deposit a check and immediately wire money – you are responsible for the checks you deposit.
Review Your Monthly Account Statements – if you see charges that are unfamiliar or that you did not authorize, contact your bank, card issuer or other creditor immediately.
Do Not Reply to Messages Requesting Personal Information – this includes texts, emails or Internet advertisements. Don’t click on links or call phone numbers included in the message.
Another great resource on fraudulent schemes is a pamphlet called Frauds and Scams which was developed by the Federal Reserve Bank. Included in the pamphet are some typical financial frauds and scams and suggestions for how to protect yourself and your money. Click here to view the pamphlet as a .pdf.
Identity theft occurs when one person’s identification (which can include name, social security number, or some other personal, financial, or medical information) is used or transferred by another person for unlawful activities. Online threats such as phishing, malware, or hacking can lead to identity theft. The State of Utah has a valuable online resource called IRIS containing information about identity theft as well as child identity protection. Visit Utah.gov for more information.
If your personal information is lost, stolen, or otherwise compromised, you can minimize the potential damage from identity theft.
Put a Fraud Alert on Your Credit Reports
Contact one of the three nationwide credit reporting companies, and ask them to put a fraud alert on your credit report:
The one company you call must contact the others. They will also place fraud alerts on your file.
A fraud alert can make it harder for an identity thief to open any accounts in your name. The alert stays on your credit report for at least 90 days. After you create an Identity Theft Report, you can ask for an extended alert on your file.
Review Your Credit Reports
After you place a fraud alert on your credit reports, you are entitled to one free copy of your credit report from each credit reporting company. Read the reports; check to see if your name, address, Social Security number, accounts, and other information are correct.
If the report shows accounts you did not open or debts that are not yours, contact the credit reporting companies to report the fraud and have them corrected. You may want to contact the security or fraud department of each company where an account was misused or opened without your permission, as well. Ask the company to send you proof that they corrected or closed the problem accounts.
Create an Identity Theft Report
An Identity Theft Report will help you resolve problems with credit reporting companies, debt collectors, and businesses that allowed the identity thief to open new accounts in your name. The Report can help you:
– get fraudulent information permanently removed from your credit report
– prevent a company from collecting debts that result from identity theft or selling the debts to others for collection
– get an extended fraud alert put on your credit report
It takes three steps to create an Identity Theft Report:
1. File an identity theft complaint with the FTC (http://ftc.gov/idtheft or phone – 1.877.438.4338)
2. When you file your complaint with the FTC, get a copy of the FTC affidavit that shows the details of your complaint. The online complaint site explains how to print your completed affidavit. If you file your complaint by phone, ask the counselor how to get a copy of the affidavit.
3. Take your completed FTC identity theft affidavit and go to your local police, or the police where the theft occurred, to file a police report. Get a copy of the police report or the report number
Your FTC identity theft affidavit plus your police report is the complete Identity Theft Report. Send copies of the Identity Theft Report to companies where you report fraud. Ask them to remove or correct fraudulent information in your accounts.
The Federal Reserve Bank has designed a booklet to help you understand what identity theft is, how it occurs, how you can protect yourself from becoming a victim, and what steps you need to take if it happens to you. We encourage you to review this valuable information; click here to view the booklet as a .pdf.
This page was created to provide security awareness to our customers as well as tips for protecting sensitive information in accordance with the Gramm-Leach-Bliley Act (GLBA). Click here if you are interested in learning more about GLBA.