Millions of people become victims of cybercrimes each day. Cybercriminals use various techniques to attempt to steal your personal information or access your computer systems for their illegal activities. Here are some common methods thieves use and what you can do to protect yourself.  

Social Engineering

Social engineering is the art of manipulating or deceiving you in order to again control over your computer system. The hacker may use phone, email, mail or direct contact to gain illegal access. Phishing, Spear Phishing and CEO Fraud are all examples.

Email/Website Spoofing

These are used to make people believe they are receiving an email from a legitimate company, but they aren’t. Or that the user is visiting and interacting with a trusted website but is indeed a forged site.  The best way to handle spoofed emails and spoofed websites is by always exercising caution. If something seems “off” about an email, do not open attached files or click on included links. Type in a site’s URL manually to avoid landing on a spoofed version of it. By taking your time and being careful, you should be able to avoid most problems. 

Phishing

Phishing is a cybercrime that targets victims by email, telephone, or text messaging.  The fraudster poses as a legitimate company to lure the victim into providing sensitive data such as social security numbers, banking and card details and passwords.  The information is then used to access important accounts or obtaining new accounts, resulting in identity theft and financial loss.

Common Phishing Techniques:

Email/Spam

This technique target victims via email/spam by asking them to fill in personal details. Most of the messages have a sense of urgency requiring victim to enter credentials, update account information or verify accounts.

Vishing

In phone phishing, the phisher makes phone calls to the user and asks the user to dial a number. The purpose is to get personal information of the bank account through the phone. Phone phishing is mostly done using fake caller ID.

Smishing

This form of phishing is conducted via text messaging.  A smishing text, for example, attempts to entice a victim into revealing personal information via a link that leads to a phishing website.

Link Manipulation

Link manipulation is the technique in which the phisher sends the victim a link to a malicious website. When the user clicks on the deceptive link, it opens the phisher’s website instead of the website mentioned in the link.

Safety TIP! Hovering the mouse over the link to view the actual address stops users from falling for link manipulation.

Malware

Phishing scams involving malware are usually attached to the email sent to the user by the phishers. Once you click on the link, the malware will start functioning. Sometimes, the malware may also be attached to downloadable files.

Ransomware

Ransomware denies access to a device or files until a ransom has been paid. Ransomware is malware that gets installed on a user’s workstation using a social engineering attack where the user gets tricked in clicking on a link, opening an attachment, or clicking on malvertising.

Learn More Resources:

Social Engineering|KnowBe4

Phishing|Common Phishing Scams

Phishing|Phishing Examples

Protect Sensitive Information

Information such as your social security number, date of birth, routing or account numbers, usernames/passwords, and PIN numbers all should be highly protected.

• NEVER share sensitive information with others.
• Know that the bank will never call you directly and ask you to provide sensitive information listed above.
• Do Not write your PIN number on the back of or keep it with your debit card.
• Use a shredder to destroy mail that contains sensitive information.

Beware of Scams, and Scammers Techniques

Scammers target their victims.  Don’t fall prey to them.  Here are a things to watch for.

Scammers often create a sense of urgency to get their victim to roped into their scheme.  SLOW DOWN.  Ask yourself a few questions. Is this caller asking me to hurry and pay for something to avoid jail or penalties or collect prize money, secure a job?

Never send cashiers checks, checks or cash to people you meet online or to a person from whom you have received an unsolicited call.  

Unsure about the deal? Talk to a close friend, family member or reach out one of our bankers to discuss.

Don’t trust caller ID.  Scammers can spoof caller ID to make the incoming call look from a legitimate business.  What is the caller asking? Are you expecting a call from this company or individual? Are they asking you to provide sensitive information? STOP!  End the call.  Look the company phone number up from a trusted source and call them back. Do NOT call them back from the number showing on your phone.

Visit our Common Types of Fraud Methods page to learn more.

Protect Your Systems

• Install Anti-Virus Software
• Keep your computer and mobile operating systems up to date.
• Use Firewalls
• Back Up Your Data
• Scan external devices such as flash drives before accessing them to avoid viruses.
• Think Before You Click! Hover over links you are unsure of before clicking. Does it lead where it is supposed to?
• Be Wary of Pop-Ups.
• Use Trusted Browsers
• Look at website URLs to make sure they are “SECURE”
• Be selective of websites, don’t go to promo sites or unknown sites
• Set Strong Passwords and update them regularly. Don’t use reuse a single password for multiple sites, i.e., entertainment sites and online banking
• Don’t trust public Wi-Fi. Create a Virtual Private Network to encrypt your connection.
• Disconnect from the internet when computer is not in use.

• Set alert preferences on your account via our mobile application. Alerts can be set for balance and or transaction monitoring.
• Sign up to receive your bank statements electronically.
• Lastly consider signing up with the U.S. Postal Services’ Informed Delivery  service so you can preview your incoming mail before it arrives.  This service can be beneficial in assisting you in monitoring your mailbox for mail theft.

Learn More Resources:

Phishing|10 Ways to Avoid Phishing Scams