Is your device running a bit slower than usual? Maybe random screens are popping up? Does your bank account have unknown charges on it?
These are some signs that your device might be infected with malware — malicious software designed to harm your device or network.
Here are simple ways to help protect yourself:
Keep your browser and operating system up to date.
Most operating systems and software will notify you when it’s time to upgrade — don’t ignore these messages and update as soon as you can. Old versions of software can sometimes have security problems that criminals can use to more easily get to your data.
Always keep an eye on what you click and download, including music, movies, files, browser plug-ins or add-ons.
Be wary of pop-up windows that ask you to download software or that offer to fix your computer. Often these pop-ups will claim that your computer has been infected and that their download can fix it — don’t believe them. Close the window and make sure you don’t click inside the pop-up window. Do not open files of unknown types, or if you see unfamiliar browser prompts or warnings asking you to open a file.
When in doubt, use trusted bookmarks for important sites, use your search engine to navigate to the site or type the site address directly into your browser. You should also check to see if the web address begins with https:// — which signals that your connection to the website is encrypted and more resistant to snooping or tampering.
When you do install software, make sure you’re getting the software from a trusted source.
Some programs bundle malware as part of their installation process. Before you start a download, there are a few simple steps you can take to help reduce your risk of downloading malware along with the software you want.
Check the reputation of the store — is it an authoritative source, like your phone or browser’s built-in app store, or the developer’s website, as opposed to an unfamiliar third-party download site? You can also check the reputation of the developer by looking at what others have said about them in the past. Check for online review or comments about that particular download. If you see that many people didn’t like it or had a bad experience, you might not want to download it yourself.
If you notice something suspicious after your download — such as significant computer slowness, unexpected pop-ups or messages, or unfamiliar billing charges — uninstall the software immediately and make sure your anti-virus is running and up-to-date.
Many browsers will warn you if you try to go to a website that is suspected of hosting malware. If you get a warning that a site you want to visit may not be safe, look at the URL and think carefully about whether you want to visit the site or not. Even if you have visited the site before, criminals may have compromised the site since the last time you visited, so it may not be safe to go to until the site’s owners have cleaned up their site.
If your computer is infected with malware, remove it as soon as you can.
One way to clean your computer is to scan it with at least one, and ideally a few, high-quality antivirus products. We can’t vouch for their programs’ effectiveness but trying the latest versions of any of them often makes a difference. The fact is that many sophisticated viruses can go undetected by many anti-virus programs and can only be properly removed by IT professionals. In cases where your online banking credentials have been compromised, you may be required to have proof of your computer being professionally cleaned before being re-granted access to online banking services.
Fake Check Scams
Fraud and scams are plans to make money by deceit. They’re illegal — even an unsuccessful attempt is illegal. Tri City National Bank works hard to protect you from fraud and scams, but it's important that you keep an eye out for anything that doesn’t quite seem right. Trust your instincts — if something seems too good to be true, chances are it is.
Fake check scams are clever ploys designed to steal your money. You can avoid becoming a victim by recognizing how the scam works and understanding your responsibility for the checks that you deposit in your account. If someone you don’t know wants to pay you by check but wants you to wire some of the money back, beware! It’s a scam that could cost you thousands of dollars.
There are many variations of the fake check scam. It could start with someone offering to buy something you advertised, pay you to do work at home, give you an “advance” on a sweepstakes you’ve supposedly won, or pay the first installment on the millions that you’ll receive for agreeing to have money in a foreign country transferred to your bank account for safekeeping. Whatever the pitch, the person may sound quite believable.
Fake check scammers hunt for victims. They scan newspaper and online advertisements for people listing items for sale, and check postings on online job sites from people seeking employment. They place their own ads with phone numbers or email addresses for people to contact them. And they call or send emails or faxes to people randomly, knowing that some will take the bait. They often claim to be in another country. The scammers say it’s too difficult and complicated to send you the money directly from their country, so they’ll arrange for someone in the U.S. to send you a check.
They tell you to wire money to them after you’ve deposited the check. If you’re selling something, they say they’ll pay you by having someone in the U.S. who owes them money send you a check. It will be for more than the sale price; you deposit the check, keep what you’re owed, and wire the rest to them. If it’s part of a work-at-home scheme, they may claim that you’ll be processing checks from their “clients.” You deposit the checks and then wire them the money minus your “pay.” Or they may send you a check for more than your pay “by mistake” and ask you to wire them the excess. In the sweepstakes and foreign money offer variations of the scam, they tell you to wire them money for taxes, customs, bonding, processing, legal fees, or other expenses that must be paid before you can get the rest of the money.
The checks are fake but they look real... In fact, they look so real that even bank tellers may be fooled. Some are phony cashier’s checks, others look like they’re from legitimate business accounts. The companies whose names appear may be real, but someone has dummied up the checks without their knowledge.
You don’t have to wait long to use the money, but that doesn’t mean the check is good. Under federal law, banks have to make the funds you deposit available quickly–usually within one to two business days, depending on the type of check. But just because you can withdraw the money doesn’t mean the check is good, even if it’s a cashier’s check. It can take weeks for the forgery to be discovered and the check to bounce.
You are responsible for the checks you deposit. That’s because you’re in the best position to determine the risk–you’re the one dealing directly with the person who is arranging for the check to be sent to you. When a check bounces, the bank deducts the amount that was originally credited to your account. If there isn’t enough to cover it, the bank may be able to take money from other accounts you have at that institution, or sue you to recover the funds. In some cases, law enforcement authorities could bring charges against the victims because it may look like they were involved in the scam and knew the check was counterfeit.
There is no legitimate reason for someone who is giving you money to ask you to wire money back. If a stranger wants to pay you for something, insist on a cashier’s check for the exact amount, preferably from a local bank or a bank that has a branch in your area. Meet your buyer at the bank and cash the check before transferring your property.
Credit and Debit Card Fraud
Vishing (via VoIP) & Smishing (via SMS)
The typical vishing scam makes use of Voice over Internet protocol (VoIP), which allows people to talk over their computer lines, and can allow for dialing multiple numbers at the same time. Scammers may work from a list of regional phone numbers or even from a phone book, but what they mainly do is call everyone they can and leave an automated message saying the person’s credit card or bank account has been compromised, depleted or closed. When this process is done by email it’s called phishing, instead of vishing.
People who are left a message are given instructions to call a number to get more information about this alleged compromise. Scammers often use toll free numbers for this purpose and may even have, for people with caller ID, the legitimate name of the company that is supposedly calling. When people call the number, they’re instructed to dial in their credit card number or bank account number, and even sometimes information like personal identification numbers (PINs), or their social security number. Once this information is obtained, callers may speak to a person posing as a “representative” or they may never get to a representative, and are placed on hold. Meanwhile, the damage is done and the scammers may then use information to steal money or credit card numbers.
Essentially, it’s pretty easy to avoid a vishing scam or one conducted by email (phishing), and now commonly through text messaging (smishing) on cell phones. Instead of calling the number listed, hunt up your bank account telephone number or your credit card phone number and call that number instead. If you’re being vished, phished or smished, a bank or credit card company can tell you this immediately by letting you know that there has been no illegal activity on your account or any security compromise of your account. These scams can seem very real though, because they often contain warnings about not divulging your personal information, which may make a potential target feel the company calling, texting or emailing is protecting his/her interests.
The main thing to remember is to never call the number listed on any potential vishing scam calls. This will not take you to your bank or credit card company, and if you give out your information you’re likely to have it stolen. People are naturally worried if they hear the security of one of their accounts may have been compromised, but it will only take a few minutes to find the legitimate number of the “supposed” business that is calling you. You can also do your part by making sure that the bank or company is aware you’ve been vished, and you should consider reporting any of these scam attempts in the US to the Internet Crime Complaint Center, run jointly by the FBI and the National White Collar Crime Center.
Skimming is when an electronic device is used to record your card information when your card is swiped through it. Skimming devices can be placed anywhere you swipe your card, including ATMs, gas stations and store credit card machines, to name a few. A skimming device may be attached to the slot you swipe through or may be kept nearby to be used by the fraudster when you hand your card over to be processed.
The fraudster will also try to capture your PIN, usually by standing nearby and watching you enter it, or by using a hidden camera. The recorded information is used to create a duplicate card with your bank details, giving the fraudster access to your accounts. Always be aware of your surroundings when using your debit or credit card. Cover the keypad with your hand to prevent cameras or other people from getting your PIN number. Look for unusual signs or devices on ATM’s and report them immediately to the bank.
Criminals, and sometimes even family members, have been known to steal credit or debit cards and use them for their own personal gain. It is important to treat your debit and credit cards as cash, and keep them protected from those looking to steal them.
Remember your bank will NEVER ask for your PIN, and you should never give your PIN to anyone, for any reason.
How We Protect You
Our service provider monitors activity on Tri City National Bank debit cards — 24 hours a day. If they notice any unusual spending on your card, they will try to contact you to make sure it's you spending your money. If they can't get in touch with you and believe there's a high chance of fraud, they may temporarily block your card to stop any more transactions until they can speak to you.
How You Can Protect Yourself
- Keep your contact details up to date so we can let you know if we notice any suspicious transactions on your card
- Where possible, swipe your card yourself
- Don’t let your card out of your sight – if a retailer needs to swipe your card, make sure they do it in front of you and give it back to you straight away. In restaurants, consider going with staff members to watch them swipe your card.
- Notify Tri City National Bank immediately if you’ve lost your card, think it may have been stolen or think someone may have discovered your PIN
- Check your statements for any transactions that you don’t recognize
- Never give your card details to someone over the phone unless you initiated the call and you know the company is reputable
- If you have any doubts about the security of an ATM or retailer (especially on the internet) — don’t use it!
Card Safety When Traveling
- Call us at 888-874-2489 if you're traveling out of the area, domestically or internationally, where you'll be traveling, how long for and how we can contact you while you're away. Our fraud monitoring software may block purchases out of the area.
- Try to only use ATMs that are attached to banks
- Memorize your PIN number — don’t write it down anywhere
- Don’t disclose your PIN to anyone — that includes family members, police or bank staff
- Take extra care when keying in your PIN to make sure no one else can see it
- Use different PINs for different cards
Secure your passwords.
Passwords are the first line of defense against cyber criminals. It’s crucial to pick strong passwords that are different for each of your important accounts and it is good practice to update your passwords regularly. Social media is increasingly popular, but it is a good idea to keep certain personal information private. Avoid sharing personal details that are used by financial institutions to identify you, such as your birth date, home address, mother’s maiden name, schools attended/mascots, and pet’s name. Fraudsters may use this type of information to help gain access to an account. Follow these tips to create strong passwords and keep them secure.
Use a unique password for each of your important accounts like email and online banking.
Choosing the same password for each of your online accounts is like using the same key to lock your home, car and office — if a criminal gains access to one, all of them are compromised. So don’t use the same password for an online newsletter as you do for your email or bank account. It may be less convenient, but picking multiple passwords keeps you safer.
TIP: Keep your passwords in a secret place that isn’t easily visible. Writing down your passwords isn’t necessarily a bad idea. But if you do this, don’t leave notes with your passwords in plain sight, on your computer or desk.
Use a long password made up of numbers, letters and symbols.
The longer your password is, the harder it is to guess. So make your password long to help keep your information safe. Adding numbers, symbols and mixed-case letters makes it harder for would-be snoops or others to guess or crack your password. Please don’t use ‘123456’ or ‘password,’ and avoid using publicly available information like your phone number in your passwords. It’s not very original, and it isn’t very safe!
TIP: Try using a phrase that only you know. One idea is to think of a phrase that only you know, and make it be related to a particular website to help you remember it. For your email you could start with “My friends Tom and Jasmine send me a funny email once a day” and then use numbers and letters to recreate it. “MfT&Jsmafe1ad” is a password with lots of variations. Then repeat this process for other sites.
Set up your password recovery options and keep them up-to-date.
If you forget your password or get locked out, you need a way to get back into your account. Many services will send an email to you at a recovery email address if you need to reset your password, so make sure your recovery email address is up-to-date and an account you can still access.
Sometimes you can also add a phone number to your profile to receive a code to reset your password via text message. Having a mobile phone number on your account is one of the easiest and most reliable ways to help keep your account safe.
For example, service providers can use the phone number to challenge those who try to break into your account and can send you a verification code so you can get into your account if you ever lose access. Giving a recovery phone number to Google won’t result in you being signed up for marketing lists or getting more calls from telemarketers.
Your mobile phone is a more secure identification method than your recovery email address or a security question because, unlike the other two, you have physical possession of your mobile phone.
However, if you can’t or don’t want to add a phone number to your account, many websites may ask you to choose a question to verify your identity in case you forget your password. If the service you’re using allows you to create your own question, try to come up with a question that has an answer only you would know and isn’t something that you’ve posted about publicly or shared on social media.
Try to find a way to make your answer unique but memorable — you can do this by using the tip above – so that even if someone guesses the answer, they won’t know how to enter it properly. This answer is very important for you to remember — if you forget it you may never be able to get back into your account.
Checking Account Fraud
Checking Account Security Tips
- Report lost or stolen cards and checks immediately.
- Review account statements carefully. Regular account review helps to quickly detect and stop fraudulent activity. Ask about suspicious charges.
- With Consumer and Business Online Banking, you can monitor your account online any time and as frequently as you like.
- Limit the amount of information on checks. Don’t print your driver license number or Social Security number on your checks.
- Store new and cancelled checks in a safe and secure location.
- Carry your checkbook with you only when necessary.
- Use tamper-resistant checks. Tri City National Bank checks include many safety features such as tamper-resistant packaging and chemically sensitive paper to deter alterations.
Identity Theft Prevention
Just like burglars and thieves, cyber criminals have many different ways to steal personal information and money. Just as you wouldn’t give a burglar the key to your house, make sure to protect yourself from fraud and online identity theft. Know the common tricks that criminals employ to help you protect yourself from online fraud and identity theft. Here are a few simple tips.
Don’t reply if you see a suspicious email, instant message or webpage asking for your personal or financial information.
Always be wary of any messages or sites that ask for your personal information, or messages that refer you to an unfamiliar web page asking for any of the following details:
- Social Security numbers
- Bank account numbers
- PINs (Personal Identification Numbers)
- Full credit card numbers
- Your mother’s maiden name
- Your birthday
Don’t fill out any forms or sign-in screens that might be linked to from those messages. If someone suspicious asks you to fill out a form with your personal information don’t be tempted to start filling it out. Even if you don’t hit the “submit” button, you might still be sending your information to identity thieves if you start putting your data into their forms.
If you see a message from someone you know that doesn’t seem like them, their account may have been compromised by a cyber-criminal who is trying to get money or information from you – so be careful how you respond. Common tactics include asking you to urgently send them money, claiming to be stranded in another country or saying that their phone has been stolen so they cannot be called. The message may also tell you to click on a link to see a picture, article or video, which actually leads you to a site that might steal your information – so think before you click!
Never enter your password if you’ve arrived at a site by following a link in an email or chat that you don’t trust.
Even if you think it’s a site that you trust, like your bank, it’s better to go directly to the site by using a bookmark or typing in the site’s address directly into the browser.
Don’t send your password via email, and don’t share it with others.
Your passwords are the key to your accounts and services online, and just like in your offline life, you should be careful who you give your keys to. Legitimate sites and services won’t ask you to send them your passwords via email, so don’t respond if you get requests for your passwords to online sites.
Because your passwords are so important, you should think carefully before deciding to share them with others — even friends and family. When you share your passwords, there is a greater risk that someone may misuse your accounts by accessing information you don’t want them to or using the account in ways you don’t approve. For example, if you share your email password with someone, that person might read your personal emails, try to use your email account to access other online services you might use, like banking or social sites, or use your account to impersonate you. Finally, when you share your password with someone, you will have to rely on them to keep it secure; they may share it with others on purpose or by accident.
Pay close attention when asked to sign in online.
Check for signals about your connection with the website.
First, look at the address bar in your browser to see if the URL looks real. You should also check to see if the web address begins with https:// — which signals that your connection to the website is encrypted and more resistant to snooping or tampering. Some browsers also include a padlock icon in the address bar beside https:// to indicate more clearly that your connection is encrypted and you are more securely connected.
Report suspicious emails and scams to your email provider.
Most email providers allow you to do this. Reporting a suspicious message will help block that user from sending you more emails and help stop similar attacks.
Tri City National Bank offers mobile banking apps for your mobile devices.
When using a mobile device, keep these tips in mind:
- Use the keypad lock or phone lock function on your mobile device when it is not use. These functions password-protect your device to make it more difficult for someone else to view your information.
- Frequently delete text message from your financial institutions, especially before loaning out, discarding or selling your mobile device.
- Never disclose via text message, instant messaging, online chat, phone or email your personal or financial information, including account numbers, passwords, social security number or birth date.
- Avoid storing your banking password or other sensitive information on your smartphone where it could be discovered if your phone is stolen.
- Be cautious when using public hotspots. Carefully consider your Wi-Fi and Bluetooth connection settings, even at a trusted retailer, as fraudsters can spoof the name of reputable hotspots.
- Download banking applications from reputable sources only to ensure the safety of your account information.