Defending Yourself Against Identity Theft

  • 03 Jul 2017
  • Posted by Amarasco

As technology advances, you can be sure that identity thieves are not far behind. Here are some common methods cyberthieves use to steal your personal information and how you can increase your security while shopping or banking.

Phishing/vishing

Your email messages may not be quite what they appear to be if you’re targeted by a phishing scam.

Phishing is the act of sending fraudulent emails that seem to come from familiar businesses. These messages contain links to phony websites designed to steal personal information either directly or through malware and keyloggers. Often you’ll see a problem referenced with a request to click on the link provided to correct it. Once you’ve entered your information, ID thieves can access your accounts.

Vishing is the telephone version of phishing. Callers are sometimes bold enough to suggest the victim call back to verify authenticity. But the vishers don’t actually hang up; instead they play a recorded dial tone to make the victim believe he’s making a call.

Debit and credit card fraud

Most shoppers love the convenience of plastic, and identity thieves use this to their advantage whether it involves skimming, phishing, vishing, malware, mail theft or just looking over a victim’s shoulder to steal account numbers. When debit cards are compromised, it’s particularly alarming because fraudulent purchases drain your checking account instantly.

BEC scams

Business email compromise, or BEC, scams have cost companies more than $1.2 billion. A phony email from a CEO requesting that funds be transferred per attached instructions is sent to an employee. Because the email appears to come from the employee’s superiors, and because the message so closely resembles requests this employee receives regularly, the transfer is often made without question. The money then ends up in overseas accounts that are almost impossible to trace.

Tips to protect yourself

To even further reduce fraud risk:

  • Install the latest editions of antispyware, antivirus, firewalls and browsers to all devices, and password-protect them.
  • Use strong passwords for all accounts and change them frequently.
  • Monitor accounts and credit reports to detect fraud early
  • Don’t use public Wi-Fi networks for financial transactions.
  • Keep cards away from public view, and shred personal documents before discarding.
  • Opt in for two-factor authentication on accounts.
  • Turn off bluetooth and near field communication when not in use.
  • Don’t click on email links. Type full web addresses to access business websites.
  • Never share sensitive information with unsolicited callers or email senders.
  • To verify calls, hang up for at least one minute to insure the first call is disconnected.
  • To protect your business from BEC scams, use a two-step verification process for all money transfers. Verbal confirmation is also wise.

Staying informed and adopting smart fraud prevention practices will go a long way toward protecting your identity. Between your efforts and your bank’s security, you should be able to stay a step ahead of identity thieves.

© Copyright 2016 NerdWallet, Inc. All Rights Reserved

 

Read More

Travel and Holiday Financial Security Tips

  • 23 Dec 2015
  • Posted by Amarasco

The Holiday Time is a popular time for holidaying and traveling. We want to help you keep your banking safe and secure, easy and hassle-free. Here are some helpful tips you can use to look after your finances while you’re traveling.holiday-travel

Security

You should make sure your cards are kept safe while you’re on holidays, just as you would when you’re at home.

• Keep your card, PIN and online banking secure code safe and secure at all times, remember your pin and

do not write it down
• Register for eStatements so future statements don’t come in envelopes which means your account details can’t being intercepted at the mailbox. With eStatements, you can retrieve your current and previous statements online via Online Banking, at a time that suits you.
• Never hand over your card where it is taken out of your sight.
• Carefully check ATMs for suspicious devices and select another ATM if you’re unsure.
• Pay attention when making purchases - normally your card should only be swiped once, and if a transaction is cancelled or unsuccessful, ask for a copy of the cancellation.
• Use Online Banking to keep track of the transactions you’ve made, so you can quickly spot and notify anything out of the ordinary. also, it’s a good idea to have your mail redirected or collected while you’re away.

Let your bank know if you’re traveling overseas

If you’re lucky enough to be traveling overseas, just let your bank know so they can look out for unusual transactions.

• Have travel insurance organized prior to going and take the details of how to contact the insurer in case you need to report an incident/make a claim.
• Make sure your cards won’t expire while away and contact your bank beforehand if they will
• Look at taking a ‘mixed wallet’ overseas – a combination of a number of ways to get foreign cash/pay for purchases. For example, it may be worthwhile taking a small amount of currency and currency of the country you’re going to, plus a debit and credit card.

Don’t make it easy for pickpockets

With a bit of planning you can ensure that pickpockets and travel scams which are common overseas don’t happen to you.

• Most people usually keep their wallets in their back pockets, they’re easy to pick, so use an inside pocket or hard to reach place instead
• Even consider limiting the amount of cash you require to carry on you at any one time
• Only take or carry the items you really need rather than all your cards and ID
• Keep handbags and backpacks in front of you, locked if possible and never let them out of your sight.
• Keep your cards and cash in different places so you have a back-up if your pocket is picked or bags are lost or stolen
With a bit of planning, you will have your finances all safely organized. Now you can get on with riding the waves, skiing the slopes, tasting the exotic foods and taking all those wonderful photos.

Enjoy your traveling holidays.

 

Read More

Your History Lesson, featuring the ATM

  • 20 Oct 2015
  • Posted by Amarasco

ATM-PhotoATM, cashpoint, hole in the wall...regardless of how you refer to it, chances are you’ve experienced standing in front of one, and in line for one, more than you realize. Maybe you’ve been outside in subzero temperatures, maybe an absurd service fee has been inflicted upon you, or even a combination of the two.

Nearing its 50-year anniversary, the now ubiquitous cash dispenser made its debut in 1967. Though its uniqueness is undeniable, its origins are a bit knotty. It’s been said the first cash machine appeared in Japan, though there’s very little published on the matter. Whether or not that’s true, Europe certainly had the most successful implementation of after-hours cash dispensers, a response from bankers to the rising labor costs and unionization.

The automated teller machines of today are essentially the culmination of several inventions from multiple people over a few decades. The history is confusing, but we’ve decided to take it upon us to break it down.

In 1960, American inventor and businessman Luther Simjian persuaded a New York City bank to purchase a few of his Bankograph machines, a machine that could accept cash or check deposits at any time of day or night. So that customers could trust that they would in fact see their loot again, a camera inside took a snapshot of each deposit, dispensing a photocopy receipt.

Well, unfortunately for Simjian, his automatic-deposit machines didn’t quite take off, quite possibly due to his niche market. “The only people using the machines were prostitutes and gamblers who didn’t want to deal with tellers face to face,” he once said.

Then there was John Shepherd-Barron. A Scottish inventor, it’s been said he had a flash of genius for a cash dispensing machine while soaking in the bathtub. Using paper vouchers printed with radioactive ink, Shepherd-Barron’s first ATM was installed at a Barclays branch in London during 1967. Customers entered an identification code and withdrew a maximum of £10, translating to about $15 today.

By the end of the 1960s, engineer, and former professional baseball player, Donald Wetzel had the first automated banking machine installed in the U.S. on Long Island. This machine, like today, used plastic cards where account information was stored in magnetic strips. Dozens of banks followed suit, outfitting their branches and installing ATMs in cities and beyond.

The true value of ATMs was confirmed in 1977, when Citibank’s chairman had ATMs installed throughout New York City – that winter a blizzard dumped some 17 inches of snow that blanketed the city and essentially shut it down. ATM use increased by 20 percent during that snowstorm.

Several bankers, engineers and inventors would’ve liked to lay claim to the birth of the ATM. But in reality it was the culmination of each of them attempting to design a different aspect of a machine that would one day even be in Antarctica.

Pretty cool, right?

(And even cooler: Howard Bank does not charge ATM fees.)

 

Want to learn more?
Automated Teller Machines
A Brief History of the ATM
Long Live the ATM
Top 10 Things You Didn't Know About Money
Read More

Protect Yourself from ID Theft

  • 15 Jul 2015
  • Posted by Amarasco

Protect Yourself from ID Theft

 

Identity theft is everywhere. Turn on your TV, and you'll see "special reports" on how to prevent it. Turn on the radio, and hear ads for services pledging to protect you from it. Search for it on Google, and you get 140 million results. In fact, according to a

2013 report by Javelin Research, there is one incident of identity fraud every three seconds.

The Javelin report also shows that the number of identity fraud incidents increased by 1 million consumers in the past year and the dollar amount stolen increased to $21 billion.

Fortunately, there are some easy ways to lower your risk of becoming another ID theft victim.
Don't over-share on social networking websites

Thanks to social networking sites such as Facebook and LinkedIn, people are now putting unprecedented levels of personal information online, and many aren't doing enough to keep it away from would-be criminals. A 2011 Javelin report found longtime social networking users were almost twice as likely as those newer to social networking to become victims of ID theft.

"The Internet has turned into this place where the less-educated consumer will willingly give up information in places where they just shouldn't," says Sean Brady, director in the identity management protection group for RSA, an information security firm based in Bedford, Mass.

The good news is you can protect yourself, Brady says. He recommends setting your privacy settings at the highest level and not sharing facts like your exact birth date, including the year, or information that could be used to answer your security questions such as your mother's maiden name.

Ultimately, Brady says social media users will have to decide how much information they're willing to disclose and weigh it against the benefits of social networking.
Maintain anti-virus and anti-malware software

Increasingly, identity thieves are using viruses and harmful programs known as malware to steal Americans' financial information, says Michael McKeown, supervisory special agent, FBI Cyber Division.

These programs can enter your personal computer in several different ways, the most common being email with links or attachments that when clicked on, install malware on your machine. From there, they can record keystrokes to mine passwords, hijack online banking sessions and probe your PC for financial information.

Beside keeping anti-virus and anti-malware software up to date, another way to prevent yourself from being hurt by malware is to keep the financial information on your PC limited, Brady says. He advises consumers to decline every time you're asked to save your password when you're logging on to a financial site.

"Malware these days, that's one of the first areas that it goes to, the location where all that's kept," Brady says.
Handle financial documents with care

Physical documents aren't as much of a threat as they once were, simply because stealing them from a mailbox or the trash can be dangerous work for thieves, Brady says. Still, the key to minimizing the risk is storing needed documents carefully and destroying the ones you don't need.

"A shredder is your friend," says Steven Toporoff, attorney with the Federal Trade Commission's Division of Privacy and Identity Protection.

Certain documents need to be retained for tax and other purposes. "Short of that, you should be shredding documents regularly that you no longer need, especially those that have any kind of account number or identifying information," Toporoff says.

Also, shred any kind of financial solicitations you get in the mail, especially those credit card offers containing blank checks.
Create strong passwords

In a world where online banking is increasingly ubiquitous and access to large chunks of your net worth is just a username and password away, having a strong password is important.

That's because once thieves have zeroed in on your email address or account username, they'll often try to guess your password, either manually or using a computer program to try thousands of passwords until they find the correct one.

To keep from becoming a victim of ID theft, stay away from obvious passwords. "'12345' is just not a good password," Brady says. "Everybody has passwords that he can remember -- mnemonics or very personal things that are better passwords that aren't publicly known."

Incorporate spaces, special characters, and lowercase and uppercase letters. "Whatever your password is, (it) should not be a word that's found in the dictionary," he says.

McKeown says using multiple passwords also can limit the damage a thief can do, especially for your online banking accounts.
Be careful with unsecured Wi-Fi

It may be convenient to do online banking at a cafe or to keep your home Wi-Fi network unsecured to avoid typing a password, but criminals have become increasingly adept at intercepting unsecured Wi-Fi communications, Toporoff says.

"You don't want to do banking or to look up your financial accounts in a Wi-Fi situation where it's not secure," he says. "Others who are sitting there with you on the same network conceivably can get access to your information."

To protect yourself, Toporoff recommends putting a password on your home Wi-Fi network and waiting until you get home or to another secured network to make financial transactions.
Don't be reeled in by phishing scams

Phishing, or the practice of sending out fraudulent emails soliciting financial information or getting users to click on virus-laden links or attachments, is a growing identity theft threat, RSA's Brady says.

That's because phishing emails have grown increasingly convincing, thanks to growing information available to thieves about you to make the emails more persuasive. Brady says consumers are seeing emails, referring to them by name and containing their address, friends and family names or their job stolen from social networking sites and data breaches, known as "spear phishing."

Brady cites one example of spear phishing as the 2011 data breach at Dallas-based marketing firm Epsilon, where thieves accessed millions of Americans' email addresses and names.

"That gave the ability ... to send personalized emails that have a greater chance of success," he says.

To avoid becoming a victim, read emails carefully before clicking on links or attachments, especially if an email comes from out of the blue or asks for personal or financial information, Toporoff says.

Instead of clicking on such links, Toporoff recommends contacting the company directly, using contact information you know to be accurate.
Monitor credit and bank accounts closely

Checking your credit card and debit card statements online on a daily basis is a good way to limit the damage that fraudsters can do to your accounts, McKeown says.

That's especially true now. You may remember those ID theft commercials with a male actor talking in a dubbed female voice about the fraudulent purchase of a pricey $1,500 bustier, but many thieves are actually smarter than that these days, McKeown says. Instead of making a big, obvious purchase likely to trigger a fraud alert, thieves will charge small amounts under $20, hoping to remain undetected and keep the card number active as long as possible.

To be sure, ID thieves don't limit themselves to existing accounts. Javelin's 2011 study found that although it's less common, when thieves are able to establish new accounts in a victim's name, the average loss per incident is a whopping $7,350 compared to just $4,197 for fraud committed using existing accounts. The report says new-account fraud is harder to detect.

To avoid being a victim of new-account fraud, get regular, free credit reports. Using this strategy will help you identify any new, unauthorized accounts that have been opened in your name.

 

Read More

Your Security, Business Account Takeover

  • 06 Jul 2012
  • Posted by Admin

Business Account Takeover is the business equivalent of personal identity theft. Businesses not only need to protect themselves from identity theft but also ensure they have protections in place so that they do not have a business account takeover.

Hackers, backed by professional criminal organizations are targeting small and medium businesses to obtain access to their web banking credentials or remote control of their computers. These hackers will then drain the deposit and credit lines of the compromised bank accounts, funneling the funds through channels that quickly redirect the monies into other accounts not owned by the business.

Avoid Business Account Takeover

A business account takeover is generally initiated by opening email or visiting legitimate websites and clicking on links, documents, videos or photos that unknowingly install malware programs designed to collect sensitive permissions and passwords. Sophisticated versions of malware can even capture token-generated passwords, alter the display of a website to a user, or display a fake website indicating the bank's website is down.

Once installed, the malware provides information to hackers to impersonate the business in online banking sessions. To the banks, the credentials look just like the legitimate user. The hackers then move funds via wire transfers or ACH (electronic) transactions to other accounts not owned by the business.

Many hackers are currently targeting small and medium size businesses, municipalities, and non-profit organizations that may not have the sophisticated detection software or internal controls of larger businesses. Nevertheless, there are several steps a small business should consider to reduce the likelihood of a business account takeover.

Protect Yourself

  • Use a dedicated computer for financial transactional activity. DO NOT use that computer for general web browsing and email.
  •  Never open attachments or click on links from unsolicited emails.
  • Apply operation system and application updates (patches) regularly.
  • Use the latest versions of Internet browsers, such as Internet Explorer, Firefox or Google Chrome with "pop-up" blockers and ensure that updates (patches) are most recent versions.
  • Use and maintain updated spam filters and anti-virus software.
  • Have host-based firewall software installed on computers.
  • Turn off your computer when not in use.
  • Segregate responsibilities; require one person to enter/perform a transaction and a second person to approve the transaction.
  • Do not approve transactions by batching them together, be sure to review and approve each one individually.
  • Review your banking transactions daily.
  • Use a dedicated bank account for ACH and wire transactions, only funding that account before you initiate transactions.
  • Contact your information technology provider to determine the best way to safeguard the security of your computers and networks.

Potential Signs Your Computer System May Be Compromised

  • Inability to log into online banking.
  • Dramatic loss of computer speed.
  • Changes in the way things appear on the screen.
  • Computer locks up so the user is unable to perform any functions.
  • Unexpected rebooting or restarting of the computer.
  • Unexpected request for a one time password (or token) in the middle of an online session.
  • Unusual pop-up messages, especially a message in the middle of a session that says the connection to the bank system is not working.
  • New or unexpected toolbars and/or icons.
  • Inability to shut down or restart the computer.
Read More

Your Security, Identity Theft

  • 20 Jun 2012
  • Posted by Admin

Identity theft is a growing problem and consumers need to take measures to protect themselves at all times.  Awareness is one of the best deterrents against fraud. Criminals can steal your identity in many ways, and are inventing new avenues every day.  Howard Bank takes real interest and responsibility in protecting our customers against fraud, and while we have many checks in place to detect deceitful activity, we both can only benefit from customers who are

educated on the risks.

Avoid Identity Theft and Online Fraud

Scams such as Spoofing and Phishing to commit identity theft are becoming more prevalent. Identity theft involves the use of your personal information - your name, Social Security number, credit card, bank account numbers, or other identifying information - by someone else, to commit fraud or other crimes.

E-mail Phishing - Involves you receiving an e-mail, with something similar to “Official Information” or “Online Banking Problem” in the subject line, that appears to be from a legitimate company. It may even include the company's logo and a link to an Internet address that looks appropriate. This e-mail directs you to link to a website where you are to supply account or personal information. This is not normal operating procedure for a reputable company and should be questioned.  Howard Bank will never send and e-mail that asks for information such as social security number, account number, or PIN.  Simply clicking the link could secretly install software on your computer. The software may infect your computer with a virus or record and transmit everything you type, including passwords. Additionally, the website you link to may be spoofing the correct Internet site.

Website Spoofing - Involves you trying to visit a website but accidentally keying-in or linking-to a different address. This may lead you to a website that mimics the legitimate site that you were trying to visit. The spoof Internet site may route whatever information you provide to criminals. This can include your account numbers, Social Security Numbers, credit card information, passwords and personal identification numbers. To make spoof sites seem legitimate, criminals may use the logos, graphics, names and code of the real company's site. They also may attempt to fake the URL that appears in the address field at the top of your browser window and the padlock that appears in the lower right corner.

Skimming - Another method is called “skimming”. This method uses a small electronic device placed over or sometimes even inside a card slot at an ATM, gas pump, etc.  The device will capture information from a customer’s card, such as account numbers and PIN.  This recorded information is then used to create fraudulent cards.  If you notice anything out of ordinary, notify the machine’s owners immediately.

Sometimes, the scheme can be as simple as a phone call or letter asking you to update your information.  You should never give out personal information such as your PIN, social security number, or account number to unknown parties.  No reputable company will ever call you requesting this type of information.

 

Protect Yourself

First and foremost is education and awareness-be alert for the latest scams and how to prevent becoming a victim

Do not reply to an e-mail or pop-up message asking for personal or financial information. Legitimate companies will never ask for personal or financial information via an e-mail or pop-up message.

Don't e-mail personal or financial information. If you initiate a transaction, look for indicators that the message is secured, which can be validated by a lock icon. Most e-mail programs do not provide confidentiality via encryption.

Use bookmarks to access known sites to avoid being lured to imposter sites.

Use updated anti-virus software. Some phishing emails contain viruses and software that can harm your computer.

Do not just throw documents containing personal information in the trash (such as statements, canceled checks, credit card bills, etc.) Shred unwanted documents that contain personal information.

Pay close attention to new charges on your credit card bill.  Review credit card and bank statements immediately for unauthorized charges and contact the company if statements are more than a few days late.

Don't leave mail in your mailbox.

Memorize your Social Security number instead of carrying it with you.

Don't write down your passwords, and don't use birth dates or names of family members as passwords.  Never write down PIN numbers.

Take your receipts from ATMs, gas pumps, etc.

Report lost or stolen credit and debit cards immediately!

Protect the sensitive information contained in your wallet, checkbook, and other items at all times.

Take outgoing mail to the Post Office, or put it in a USPS drop box.

Check your credit report often (1-2 times a year)-a small fee can save you a huge problem down the road.

Always sign a debit card or credit card immediately.

Balance your statements.

If you receive a questionable call, tell the caller you are busy and ask what number you can reach them back on.
Read More

Your Security, Password

  • 31 May 2012
  • Posted by Admin

You are responsible for maintaining one of the most important security measures: your password. Please be sure to keep your password a secret. We recommend you memorize your password. It is not recommended you write it down or carry your password in your purse, wallet, or computer bag. Make sure no one watches you enter your password and always close your browser when leaving a computer. Make sure you regularly scan your computer for viruses that could

be used to capture password keystrokes. You ultimately hold the key to your password security.

Below are some suggestions on Password Dos and Don'ts:

Password DOs

  • Change passwords regularly and whenever they may have become compromised
  • Use the first (or last) letter of each word in an easily remembered phrase. For added security, substitute symbols for letters. For example using the phrase "If money doesn't grow on trees then why do banks have branches?" would be IMDGOTTWDBHB? or 1md9077wD6Hb?

Password DON'Ts

  • Don't give your passwords to ANYONE for ANY reason
  • Don't write your passwords down;
    • Anywhere near your PC
    • In your purse, wallet or computer bag
    • In user manuals
    • Electronically in word documents
    • Sent in e-mails
  • Don't use personal information such as; your name, your friends name, pets, address, social security number, phone number, license plate number, important dates such as birthdays and anniversaries
  • Don't use words that can be found in any language's dictionary. Or these words spelled backwards or with numbers or symbols added to the beginning or end
  • Do not use the same password for multiple sign-ins when possible
  • Do not use easy to spot passwords such as "qwerty", "123456", or "aaaAAA"
Read More

Password Security

  • 02 Mar 2011
  • Posted by dlong

It seems you need a username and password for just about everything you do online today. It can become very tedious and annoying to keep up with all those different passwords. Worst of all, just when you manage to memorize one, you are forced to change it.  As troublesome as it may seem, the reality is that we sometimes take

passwords for granted. After all, they are often the first and sometimes only line of defense for information we don’t want anyone and everyone accessing. They keep unauthorized users from accessing financial information, health data, private and company documents. They are also what identify you on the particular system you are logging into. Meaning if someone logs in using your credentials you can often be held liable. It can be hard to come up with effective passwords that can also be remembered so here are some things you can do and some things you should never do to achieve strong passwords that don’t require you having a photographic memory.

Password DOs

  • Use different kinds of characters. Use upper case, lowercase, numbers, and symbols, and spaces when allowed
  • Use long passwords (8 or more characters)
  • Change passwords regularly and whenever they may have become compromised
  • Use the first (or last) letter of each word in an easily remembered phrase. For added security, substitute symbols for letters. For example using the phrase “If money doesn't grow on trees then why do banks have branches?” would be IMDGOTTWDBHB? or 1md9077wD6Hb?

 

Password DON’Ts

  • Don’t give your passwords to ANYONE for ANY reason
  • Don’t write your passwords down;
    • Anywhere near your PC
    • In your laptop bag
    • In user manuals
    • Electronically in word documents
    • Sent in e-mails
  • Don’t use personal information such as; your name, your friends name, pets, address, social security number, phone number, license plate number, important dates such as birthdays and anniversaries
  • Don’t use words that can be found in any language’s dictionary. Or these words spelled backwards or with numbers or symbols added to the beginning or end.
  • Do not use the same password for multiple sign-ins when possible
  • Do not use easy to spot passwords such as “qwerty”, “123456”, or “aaaAAA”
Read More
Locate brances/ATMs

Locate Branches/ATMS

Schedule Appointments

Request An Appointment

What do you want to talk about?

Contact Us

Contact Us

Call us at 410-750-0020 OR Email us