Wawa Data Security Breach

  • 06 Feb 2020
  • Posted by estarr

On December 19, 2019, Wawa convenience stores announced that they found malware on their payment processing servers on December 10, 2019, and contained it by December 12, 2019. This breach may have exposed debit and credit card information used by customers in its stores and at its gas pumps at all Wawa locations at different points in time after March 4, 2019, through December 12, 2019.

What information may have been exposed?
At this time, Wawa suspects this malware affected payment card information, including credit and debit card numbers, expiration dates, and cardholder names on payment cards used at potentially all Wawa in-store payment terminals and fuel dispensers during the aforementioned dates.

Debit card PIN numbers, credit card CVV2 numbers (the three or four-digit security code printed on the card), other PIN numbers, and driver’s license information used to verify age-restricted purchases, or other personal information were not affected by this malware. ATMs were not affected as well during the malware event. 

January 2020 Update
On January 28, 2020, Wawa announced that they have become aware of reports of criminal attempts to sell some customer payment card information potentially involved in the previous Data Security breached that was announced on December 19, 2019.

Wawa’s CEO Chris Gheysens has written an Open Letter about the incident that can be viewed here

What precautions should customers take?
We encourage our customers to always be vigilant and review your account for any suspicious activity and notify us immediately if you identify any questionable transactions.

Wawa has arranged for Experian to provide potentially impacted customers with one year of identity theft protection and credit monitoring at no charge.  To take advantage of this service, visit the Experian IdentityWorks website to enroll at www.experianidworks.com/credit or contact Experian’s customer care team at 1-844-386-9559. Provide this activation code: 4H2H3T9H6.

In order to protect our customers, we have issued new Visa® debit cards for our customers who may have used their cards at Wawa stores during the impacted time period.  Those customers should have received letters informing them of all of the precautions that the bank is taking to protect them.

We highly encourage all Howard Bank customers to utilize the following tools and services that are available to you as customers to protect you against potential fraud:

  • Sign up for Real-Time Account Alerts within Online Banking allowing you to set up customized alerts to receive via email, text, or through online banking when a transaction is processed on your debit card.
  • Utilize Manage My Cards with Mobile Banking providing you the ability to turn your debit card “on and off” and establish transaction controls and limits.
Read More

Online Shopping Safety Tips for the Holidays

  • 25 Nov 2019
  • Posted by dgriffitts

Year after year, it seems like more shoppers are opting to do their holiday gift buying online. And it makes sense—why fight the crowds when you can shop from the comfort of your own couch? Technology has made online shopping a breeze, but it doesn’t come without risks. Here are a few simple tips and tricks to protect yourself and shop safely this season.

  • Use strong passwords
    • You know that one password you’ve been using for years and just changing the last few numbers? Yeah, it’s time to create a new one. We know you’ve heard this advice before, but trust us, using strong and unique passwords is a simple way to add a layer of protection to all of your accounts.  
  • Do not give out sensitive personal information
    • Legit retailers will never ask for your social security number. Trust your gut with this one; if you’re being asked to provide personal details that you’re not comfortable giving—don’t.
  • Avoid making purchases while using free/public Wi-Fi
    • Remember what we said earlier about shopping from the comfort of your own home? Try to stick to that. Or, at least shop on a secure network. The risk of data interception is much higher when you’re on public Wi-Fi, such as at an airport, coffee shop, or library.
  • Pay for purchases with a credit card when possible
    • Plain and simple: you have better liability protection when paying with a credit card.
    • Bonus Tip: It’s best to avoid saving your payment information within online accounts. Sure, storing it is super convenient for the next time you log in to make a purchase, but it also makes your personal data vulnerable to identity thieves and hackers.
    • Bonus Tip: Howard Bank understands the importance of security. That’s why we offer the same liability protection as a credit card for our debit cards. Simply put, it means you’re covered if there are any disputed, fraudulent transactions.
  • Ship merchandise to a secure location
    • Beware of porch pirates! If you won’t be home during delivery, try finding an alternative location that’s safe and secure. Depending on the retailer, you may be able to get your package delivered directly to the store for pick-up, or at one of their shipping lockers.
  • After purchasing, monitor your accounts closely
    • Online and mobile banking are great tools that can be used to monitor your account activity in a safe and convenient way. You may also be able to set-up customized alerts. So, if your account falls below a certain balance or an external transfer is made, you’ll be notified right away.
Read More

Fraud Tips for the Holidays

  • 06 Dec 2018
  • Posted by dgriffitts

The holiday season is in full swing. The decorations are out, the lights are being hung and gift shopping has begun. While it’s always a good idea to take precautions to protect yourself from fraud, it’s especially important during the busy holiday season. Add these simple tips to your list to help avoid becoming a victim of fraud and stay safe.

Monitor your accounts often: it’s the first line of defense in stopping fraud. At a minimum, you should review transaction activity weekly to make sure everything is accurate. Online Banking and Mobile Banking are great tools to monitor your finances. They provide 24/7 secure access to your accounts so you can check your activity anywhere, anytime.

Consider notification tools: most banks offer some type of alerts for things such as low balances or large transactions. These tools can provide additional monitoring for an extra layer of protection. At Howard, we offer Real-Time Account Alerts, which allows you to set up customized alerts to receive via email, text, or through online banking, and Manage My Cards, providing you the ability to turn your debit card “on and off” and establish transaction controls and limits.

Be cautious at ATMs: stay alert and be aware of your surroundings when making an ATM transaction. Distracted customers make easier targets for criminals. ATM tampering can be hard to detect, but if the card reader appears altered or even if something “doesn’t feel right” you should cancel your transaction and alert branch personnel or store owner. 

Share travel plans with the bank: If you’re traveling during the holidays make sure your bank knows. This will help your financial institution more accurately detect unusual activity. You can submit travel notifications online at HowardBank.com.  

If fraud should happen: report any unauthorized transactions immediately to avoid additional losses. Keep a record of all fraudulent activity in case you need to provide documentation to your financial institution.  

To stay up to date on recent scams and how to recognize warning signs, visit the FTC website and browse by date or topic: www.consumer.ftc.gov/features/scam-alerts.

Shop safely this holiday season, and most importantly enjoy the time spent with family and friends. Happy holidays to all!

Diane Griffitts is the Vice President, Fraud and Product Support Manager at Howard Bank.

Read More

Defending Yourself Against Identity Theft

  • 03 Jul 2017
  • Posted by Amarasco
As technology advances, you can be sure that identity thieves are not far behind. Here are some common methods cyberthieves use to steal your personal information and how you can increase your security while shopping or banking.

Phishing/vishing

Your email messages may not be quite what they appear to be if you’re targeted by a phishing scam. Phishing is the act of sending fraudulent emails that seem to come from familiar businesses. These messages contain links to phony websites designed to steal personal information either directly or through malware and keyloggers. Often you’ll see a problem referenced with a request to click on the link provided to correct it. Once you’ve entered your information, ID thieves can access your accounts. Vishing is the telephone version of phishing. Callers are sometimes bold enough to suggest the victim call back to verify authenticity. But the vishers don’t actually hang up; instead they play a recorded dial tone to make the victim believe he’s making a call.

Debit and credit card fraud

Most shoppers love the convenience of plastic, and identity thieves use this to their advantage whether it involves skimming, phishing, vishing, malware, mail theft or just looking over a victim’s shoulder to steal account numbers. When debit cards are compromised, it’s particularly alarming because fraudulent purchases drain your checking account instantly.

BEC scams

Business email compromise, or BEC, scams have cost companies more than $1.2 billion. A phony email from a CEO requesting that funds be transferred per attached instructions is sent to an employee. Because the email appears to come from the employee’s superiors, and because the message so closely resembles requests this employee receives regularly, the transfer is often made without question. The money then ends up in overseas accounts that are almost impossible to trace.

Tips to protect yourself

To even further reduce fraud risk:
  • Install the latest editions of antispyware, antivirus, firewalls and browsers to all devices, and password-protect them.
  • Use strong passwords for all accounts and change them frequently.
  • Monitor accounts and credit reports to detect fraud early
  • Don’t use public Wi-Fi networks for financial transactions.
  • Keep cards away from public view, and shred personal documents before discarding.
  • Opt in for two-factor authentication on accounts.
  • Turn off bluetooth and near field communication when not in use.
  • Don’t click on email links. Type full web addresses to access business websites.
  • Never share sensitive information with unsolicited callers or email senders.
  • To verify calls, hang up for at least one minute to insure the first call is disconnected.
  • To protect your business from BEC scams, use a two-step verification process for all money transfers. Verbal confirmation is also wise.
Staying informed and adopting smart fraud prevention practices will go a long way toward protecting your identity. Between your efforts and your bank’s security, you should be able to stay a step ahead of identity thieves. © Copyright 2016 NerdWallet, Inc. All Rights Reserved

 

Read More

Defending Yourself Against Identity Theft

  • 22 May 2017
  • Posted by Amarasco
As technology advances, you can be sure that identity thieves are not far behind. Here are some common methods cyberthieves use to steal your personal information and how you can increase your security while shopping or banking.

Phishing/vishing

Your email messages may not be quite what they appear to be if you’re targeted by a phishing scam. Phishing is the act of sending fraudulent emails that seem to come from familiar businesses. These messages contain links to phony websites designed to steal personal information either directly or through malware and keyloggers. Often you’ll see a problem referenced with a request to click on the link provided to correct it. Once you’ve entered your information, ID thieves can access your accounts. Vishing is the telephone version of phishing. Callers are sometimes bold enough to suggest the victim call back to verify authenticity. But the vishers don’t actually hang up; instead they play a recorded dial tone to make the victim believe he’s making a call.

Debit and credit card fraud

Most shoppers love the convenience of plastic, and identity thieves use this to their advantage whether it involves skimming, phishing, vishing, malware, mail theft or just looking over a victim’s shoulder to steal account numbers. When debit cards are compromised, it’s particularly alarming because fraudulent purchases drain your checking account instantly.

BEC scams

Business email compromise, or BEC, scams have cost companies more than $1.2 billion. A phony email from a CEO requesting that funds be transferred per attached instructions is sent to an employee. Because the email appears to come from the employee’s superiors, and because the message so closely resembles requests this employee receives regularly, the transfer is often made without question. The money then ends up in overseas accounts that are almost impossible to trace.

Tips to protect yourself

To even further reduce fraud risk:

  • Install the latest editions of antispyware, antivirus, firewalls and browsers to all devices, and password-protect them.
  • Use strong passwords for all accounts and change them frequently.
  • Monitor accounts and credit reports to detect fraud early
  • Don’t use public Wi-Fi networks for financial transactions.
  • Keep cards away from public view, and shred personal documents before discarding.
  • Opt in for two-factor authentication on accounts.
  • Turn off bluetooth and near field communication when not in use.
  • Don’t click on email links. Type full web addresses to access business websites.
  • Never share sensitive information with unsolicited callers or email senders.
  • To verify calls, hang up for at least one minute to insure the first call is disconnected.
  • To protect your business from BEC scams, use a two-step verification process for all money transfers. Verbal confirmation is also wise.

Staying informed and adopting smart fraud prevention practices will go a long way toward protecting your identity. Between your efforts and your bank’s security, you should be able to stay a step ahead of identity thieves. © Copyright 2016 NerdWallet, Inc. All Rights Reserved        

Read More

Do You Know How to Void a Check?

  • 15 Mar 2016
  • Posted by Admin

When you set up automatic payments or deposits, you often need to provide a voided check. Your bank information is printed on each check, and whoever asked for the voided check will copy that information and set up an electronic link with your account. There’s only one hitch: you need to know how to void a check, and you may not have ever done it before. How to Void a Check Voiding a check is really pretty easy. Write the word “V O I D” across the front of the check in large letters. Make the word tall enough and wide enough to cover most of the check. However, don’t cover up the numbers at the bottom of your check -- those are needed to set up the link with your bank account. Use a pen or a fine tipped marker so that nobody can erase the word “VOID.”   how-to-void-a-checkImportant: don't just email that check, do something to hide your account information from thieves. Once you’ve done all this, make a note of it in your check register so that you know where the check in question went; you don’t want to wonder whether or not you wrote a large check to somebody and worry about it hitting your account. Just write “VOID” next to the check number and date, and note who you gave the check to. Writing “VOID” across the front of the check prevents anybody from using the check to make a payment (by filling in a payee and an amount). Nobody will have access to a blank check, which could be used to steal your money. If you don’t have Checks: How can you void a check if you don’t have any checks? You’ll have to find another way. If you’re setting up direct deposit, ask your employer if there are any alternatives to providing a voided check (or ask your biller if you’re setting up automatic payments). A few ideas are listed below. One solution is to go to the bank and ask for a “counter check.” The teller will print a check with your account information on it, and you can void that check as if it came out of your checkbook. You may also be able to set up deposit or withdrawal instructions without using a voided check. Ask if you can provide a deposit slip instead of a voided check (a pre-printed deposit slip is usually required -- you can’t just fill it in by hand). You probably have a few of these left in the back of your checkbook.See if you can set up your bank account link online. Instead of using forms (which require that you void a check), try to use an online system. In most cases, you just enter your bank account information in an online form. Another approach is to get documentation from the bank instead of voiding a check. Ask for a letter, printed on bank letterhead, that lists your account number, routing number, and account type (checking or savings). Alternatively, some banks provide a form letter used for setting up direct deposit -- just print it while you’re logged in to the online banking system and it will have everything you need. Once you have your hands on a voided check, consider scanning or photocopying it. You may need to provide voided checks numerous times. If an original check is not required (for example, if you’re going to fax in the instructions), you can use the same copy over and over. Be sure to keep this copy somewhere safe -- in a locked filing cabinet or in an encrypted folder on your computer.

Read More

Travel and Holiday Financial Security Tips

  • 23 Dec 2015
  • Posted by Amarasco

The holidays are a popular time for traveling. We want to help you keep your banking safe and secure, easy, and hassle-free. Here are some helpful tips you can use to look after your finances while you’re traveling. Security You should make sure your cards are kept safe while you’re on holidays, just as you would when you’re at home.

  • Keep your card, PIN, and online banking secure code safe and secure at all times, remember your pin and do not write it down
  • Register for eStatements so future statements don’t come in envelopes which means your account details can’t being intercepted at the mailbox. With eStatements, you can retrieve your current and previous statements online via Online Banking, at a time that suits you.
  • Never hand over your card where it is taken out of your sight. • Carefully check ATMs for suspicious devices and select another ATM if you’re unsure.
  • Pay attention when making purchases - normally your card should only be swiped once, and if a transaction is canceled or unsuccessful, ask for a copy of the cancellation.
  • Use Online Banking to keep track of the transactions you’ve made, so you can quickly spot and notify anything out of the ordinary. also, it’s a good idea to have your mail redirected or collected while you’re away.
  • Let your bank know if you’re traveling overseas. If you’re lucky enough to be traveling overseas, just let your bank know so they can look out for unusual transactions. You can easily report with Howard Bank by calling, emailing, or submitting our travel notification form.
  • Have travel insurance organized prior to going and take the details of how to contact the insurer in case you need to report an incident/make a claim.
  • Make sure your cards won’t expire while away and contact your bank beforehand if they will.
  • Look at taking a ‘mixed wallet’ overseas – a combination of a number of ways to get foreign cash/pay for purchases. For example, it may be worthwhile taking a small amount of currency and currency of the country you’re going to, plus a debit and credit card. Don’t make it easy for pickpockets With a bit of planning you can ensure that pickpockets and travel scams that are common overseas don’t happen to you.
  • Most people usually keep their wallets in their back pockets, they’re easy to pick, so use an inside pocket or hard to reach place instead. 
  • Even consider limiting the amount of cash you require to carry on you at any one time.
  • Only take or carry the items you really need rather than all your cards and ID.
  • Keep handbags and backpacks in front of you, locked if possible, and never let them out of your sight.
  • Keep your cards and cash in different places so you have a back-up if your pocket is picked or bags are lost or stolen With a bit of planning, you will have your finances all safely organized.

Now you can get on with riding the waves, skiing the slopes, tasting the exotic foods, and taking all those wonderful photos. Enjoy your traveling holidays.  

Read More

Protecting Your Identity

  • 02 Sep 2015
  • Posted by Kathy Armstrong

We all go to tremendous measures to protect what is ours. We install sirens in our homes to frighten intruders and alarm systems in our cars to scare off robbers. But what steps do we take to protect our identities? The new burglary: a personal intrusion. Identity theft is becoming more common today as we exchange personal information in the mail, over the phone and via the Internet. Maintaining control and ownership over your identity is as much a part of your financial well-being as staying debt-free and purchasing appropriate life and disability insurance policies. Just like positioning motion detectors and panic buttons for your home and car, there are easy ways to minimize the risk of someone stealing your identity. Protect your most prized possession: your identity. • Order a credit report from each of the three major credit bureaus: Equifax (800-685-1111 or equifax.com), Experian (888-397-3742 or experian.com) and Trans Union (800-916-8800 or transunion.com). • Shred materials that contain your personal information (account numbers, passwords, birth dates, social security numbers). • When sharing sensitive information over the Internet, check for “https” at the beginning of the URL – the “s” indicates a secure site. • Do not provide your Social Security number to companies that do not need it. When supplying personal information, find out how it is being used first. • Avoid using easily guessed passwords such as your mother’s maiden name or your birth date. Change passwords often. • Stay alert of billing cycles and inquire about bills that do not arrive on time. • Retrieve your mail when it arrives to prevent theft of correspondence containing private records. Use public mailboxes to send mail with personal data. Following these guidelines will certainly deter a thief, but there is no surefire way to prevent an identity break-in. If you do have an ID crisis, report the crime to one of the major credit bureaus, which will notify the other two agencies. Ask the bureau to place a “fraud alert” on your file and request a notification if new accounts are opened. Identity theft may not be as obvious a home invasion, but it can be even more tumultuous to completely rectify. Protect your name, guard your credit. Put an alarm on your identity.   Kathy Armstrong is a CERTIFIED FINANCIAL PLANNER TM professional and works with Heritage Financial Consultants in Hunt Valley. She is an investment advisor representative through Lincoln Financial Advisors Corp, a broker/dealer (member SIPC) and registered investment advisor 307 International Circle, Suite 390, Hunt Valley, MD 21030, 410-771-5655. Neither Heritage Financial Consultants nor Lincoln Financial Advisors is affiliated with Howard Bank. Heritage Financial Consultants, LLC is not an affiliate of Lincoln Financial Advisors Corp. CRN-1264285-080315

Read More

Protect Yourself from ID Theft

  • 15 Jul 2015
  • Posted by Amarasco

Protect Yourself from ID Theft   Identity theft is everywhere. Turn on your TV, and you'll see "special reports" on how to prevent it. Turn on the radio, and hear ads for services pledging to protect you from it. Search for it on Google, and you get 140 million results. In fact, according to a 2013 report by Javelin Research, there is one incident of identity fraud every three seconds. The Javelin report also shows that the number of identity fraud incidents increased by 1 million consumers in the past year and the dollar amount stolen increased to $21 billion. Fortunately, there are some easy ways to lower your risk of becoming another ID theft victim. Don't over-share on social networking websites Thanks to social networking sites such as Facebook and LinkedIn, people are now putting unprecedented levels of personal information online, and many aren't doing enough to keep it away from would-be criminals. A 2011 Javelin report found longtime social networking users were almost twice as likely as those newer to social networking to become victims of ID theft. "The Internet has turned into this place where the less-educated consumer will willingly give up information in places where they just shouldn't," says Sean Brady, director in the identity management protection group for RSA, an information security firm based in Bedford, Mass. The good news is you can protect yourself, Brady says. He recommends setting your privacy settings at the highest level and not sharing facts like your exact birth date, including the year, or information that could be used to answer your security questions such as your mother's maiden name. Ultimately, Brady says social media users will have to decide how much information they're willing to disclose and weigh it against the benefits of social networking. Maintain anti-virus and anti-malware software Increasingly, identity thieves are using viruses and harmful programs known as malware to steal Americans' financial information, says Michael McKeown, supervisory special agent, FBI Cyber Division. These programs can enter your personal computer in several different ways, the most common being email with links or attachments that when clicked on, install malware on your machine. From there, they can record keystrokes to mine passwords, hijack online banking sessions and probe your PC for financial information. Beside keeping anti-virus and anti-malware software up to date, another way to prevent yourself from being hurt by malware is to keep the financial information on your PC limited, Brady says. He advises consumers to decline every time you're asked to save your password when you're logging on to a financial site. "Malware these days, that's one of the first areas that it goes to, the location where all that's kept," Brady says. Handle financial documents with care Physical documents aren't as much of a threat as they once were, simply because stealing them from a mailbox or the trash can be dangerous work for thieves, Brady says. Still, the key to minimizing the risk is storing needed documents carefully and destroying the ones you don't need. "A shredder is your friend," says Steven Toporoff, attorney with the Federal Trade Commission's Division of Privacy and Identity Protection. Certain documents need to be retained for tax and other purposes. "Short of that, you should be shredding documents regularly that you no longer need, especially those that have any kind of account number or identifying information," Toporoff says. Also, shred any kind of financial solicitations you get in the mail, especially those credit card offers containing blank checks. Create strong passwords In a world where online banking is increasingly ubiquitous and access to large chunks of your net worth is just a username and password away, having a strong password is important. That's because once thieves have zeroed in on your email address or account username, they'll often try to guess your password, either manually or using a computer program to try thousands of passwords until they find the correct one. To keep from becoming a victim of ID theft, stay away from obvious passwords. "'12345' is just not a good password," Brady says. "Everybody has passwords that he can remember -- mnemonics or very personal things that are better passwords that aren't publicly known." Incorporate spaces, special characters, and lowercase and uppercase letters. "Whatever your password is, (it) should not be a word that's found in the dictionary," he says. McKeown says using multiple passwords also can limit the damage a thief can do, especially for your online banking accounts. Be careful with unsecured Wi-Fi It may be convenient to do online banking at a cafe or to keep your home Wi-Fi network unsecured to avoid typing a password, but criminals have become increasingly adept at intercepting unsecured Wi-Fi communications, Toporoff says. "You don't want to do banking or to look up your financial accounts in a Wi-Fi situation where it's not secure," he says. "Others who are sitting there with you on the same network conceivably can get access to your information." To protect yourself, Toporoff recommends putting a password on your home Wi-Fi network and waiting until you get home or to another secured network to make financial transactions. Don't be reeled in by phishing scams Phishing, or the practice of sending out fraudulent emails soliciting financial information or getting users to click on virus-laden links or attachments, is a growing identity theft threat, RSA's Brady says. That's because phishing emails have grown increasingly convincing, thanks to growing information available to thieves about you to make the emails more persuasive. Brady says consumers are seeing emails, referring to them by name and containing their address, friends and family names or their job stolen from social networking sites and data breaches, known as "spear phishing." Brady cites one example of spear phishing as the 2011 data breach at Dallas-based marketing firm Epsilon, where thieves accessed millions of Americans' email addresses and names. "That gave the ability ... to send personalized emails that have a greater chance of success," he says. To avoid becoming a victim, read emails carefully before clicking on links or attachments, especially if an email comes from out of the blue or asks for personal or financial information, Toporoff says. Instead of clicking on such links, Toporoff recommends contacting the company directly, using contact information you know to be accurate. Monitor credit and bank accounts closely Checking your credit card and debit card statements online on a daily basis is a good way to limit the damage that fraudsters can do to your accounts, McKeown says. That's especially true now. You may remember those ID theft commercials with a male actor talking in a dubbed female voice about the fraudulent purchase of a pricey $1,500 bustier, but many thieves are actually smarter than that these days, McKeown says. Instead of making a big, obvious purchase likely to trigger a fraud alert, thieves will charge small amounts under $20, hoping to remain undetected and keep the card number active as long as possible. To be sure, ID thieves don't limit themselves to existing accounts. Javelin's 2011 study found that although it's less common, when thieves are able to establish new accounts in a victim's name, the average loss per incident is a whopping $7,350 compared to just $4,197 for fraud committed using existing accounts. The report says new-account fraud is harder to detect. To avoid being a victim of new-account fraud, get regular, free credit reports. Using this strategy will help you identify any new, unauthorized accounts that have been opened in your name.  

Read More

Pages

Locate brances/ATMs

Locate Branches/ATMS

Schedule Appointments

Request An Appointment

What do you want to talk about?

Contact Us

Contact Us

Call us at 410-750-0020 OR Email us