Customer ProtectionSafeguarding Our Customers

Safeguarding Our Customers against E-Mail and Internet-Related Fraudulent Schemes

Click here to watch a Security Awareness Training Video

Click here to learn more about protecting yourself on the web

 

Heartbleed Bug Information

Greater Hudson Bank is aware of the recently disclosed Heartbleed vulnerability. Heartbleed is a flaw uncovered in OpenSSL software, one of the key technologies used to encrypt data transactions on many websites. Since learning of this flaw, we have been examining all our systems to make sure they are updated and patched for the Heartbleed vulnerability.  Please be advised that our Greater Hudson Bank website including our online, remote and mobile banking systems are not directly vulnerable to this bug and no issues have been found.    As a general best practice, customers are advised to use a unique password on all websites, including online banking, and should change it frequently. The reason for this is if you use the same password for online banking as you do for other websites that are vulnerable to the Heartbleed vulnerability and your password is compromised on another site, it could then potentially be used to access your accounts on Greaterhudsonbank.com.  We advise customers to review their accounts on a regular basis and not to use publicly-accessed computer kiosks that can be found at libraries, hotels, etc. We also urge caution when using other ecommerce vendors until they have made public statements regarding their risk to Heartbleed. We will keep our customers updated with further notifications regarding the Heartbleed vulnerability as we learn more. 

Target Data Breach 

In the recent months, there have been data breaches at major retailers on some credit and debit cards used. In addition to debit and credit card information stolen, Target has reported that personal information – including names, phone numbers, email and mailing addresses – were also taken during the data breach. Target is offering free credit monitoring and identity theft protection to all of its customers for one year with an opportunity to enroll by April 30, 2014. Click here to sign up.

Email and fraudulent websites

Sometimes criminals may send you email that looks like it has come from Greater Hudson Bank. These phony emails ask you to go to a website that also looks like Greater Hudson Bank and provide your personal account information. Some of these phony emails even caution that if you don't do this, your account may be suspended. But the website is also a fake, and this is a fraud attempt.

This is the most common type of online fraud, and is called "phishing and spoofing". Criminals send these phony email messages or direct someone to a fraudulent website for one goal, to steal personal and financial information.

If you should ever receive an email that appears to be suspicious, do not reply to it or click on the link it provides. Simply delete it. To report a suspicious email that uses Greater Hudson Bank's name, you can forward it to abuse@greaterhudsonbank.com*. (If you have general questions about the bank or your accounts, please go to Contact Us.)

Spyware and viruses

Spyware and viruses are both malicious programs that are loaded onto your computer without your knowledge. Whether the goal of these programs is to capture or destroy information, to ruin the performance of your computer, or to bombard you with advertising, you don't want them.

Viruses spread by infecting computers and then replicating. Spyware disguises itself as a legitimate application and embeds itself into your computer, to monitor your activity and collect information.

Spyware and viruses are both serious threats to the security of your computer.

Pop-up advertisements

Pop-ups are the advertisements that "pop up" in a separate browser window. When you click on some of these pop-ups, it's possible that you're also downloading "spyware" or "adware."

Sometimes, criminals create pop-up ads that look like they come from a respected financial institution and ask you to enter personal financial information, but Greater Hudson Bank and most other financial institutions will never ask you to verify personal financial information in pop-ups.

Fraudulent Phone Calls and Numbers

Vishing is the criminal practice of using social engineering and Voice over IP (VoIP) to gain access to private personal and financial information from the public for the purpose of financial reward. The term is a combination of "voice" and phishing.

When the victim answers the call, an automated recording, often generated with a text to speech synthesizer, is played to alert the consumer that their credit card has had fraudulent activity or that their bank account has had unusual activity. The message instructs the consumer to call the following phone number immediately. The same phone number is often shown in the spoofed caller ID and given the same name as the financial company they are pretending to represent.

Consumers are advised to be highly suspicious when receiving messages directing them to call and provide credit card or bank numbers. Rather than provide any information, the consumer is advised to contact their bank or credit card company directly to verify the validity of the message.

Mobile Phone Security

Smishing is a form of criminal activity using social engineering techniques similar to phishing. Smishing victims receive SMS messages. Known as "smishing," these text messages might ask a recipient to register for an online service -- then try to sneak a virus onto the users' device.

Some messages warn that the consumer will be charged unless he cancels his supposed order by going to a Web site that then extracts such credit card numbers and other private data.

Greater Hudson Bank will never ask you to reply to an email with any personal information or data, such as your Social Security number, ATM or Check Card PIN, or any other sensitive information. In addition, when you sign in to Online Banking always make sure to look for the logo at the bottom of the page.

 How to Protect Yourself

  • Be cautious of any offer that sounds to good to be true.
  • Verify any calls or emails that you receive about a security or fraud investigation with your bank or financial institution.
  • Be wary of any offer that requires you to wire money, withdraw cash from your account, or provide account information.
  • Review the FBI Fraud Alert signs of a scam
  • Review The Alliance For Consumer Fraud Awareness website

Other Check Fraud Security Tips

  • Store your checks, deposit slips, bank statements, and cancelled checks in a secure and locked location. Never leave your checkbook in your vehicle or in the open.
  • Unless needed for tax purposes, destroy old cancelled checks, account statements, deposited checks, ATM receipts, etc.
  • Reconcile your bank statements within 30 days to detect any irregularities.
  • Never give your account number to people you do not know, especially over the telephone to unsolicited phone sales calls. Please note that Greater Hudson Bank will NOT send out email asking you to verify personal data.
  • When you receive a new or replacement check order, make sure all the checks are there and that none are missing.
  • Mail your bills from the Post Office or sign up for On Line Bill Pay. Limit the amount of personal information on your check. For example, do not include your Social Security Number or Driver’s License Number on your check.

Fraudulent Utility Bill E-mail

The IC3 has received over 40 complaints since May 2011 reporting the receipt of an unsolicited e-mail purportedly from a specified utility company. The e-mail stated the recipient had a new bill which needed to be paid, and the bill was attached to the e-mail. The recipient was instructed to click on the attachment to view their bill. The attachment contained a zip file with a computer virus.

The e-mail concluded by stating the recipient received the e-mail message, because he/she receives e-bills from this utility company. Many of the recipients are located in areas of the United States that do not use this utility company as their electric provider.

Mobile Banking Security Tips

Your smartphone and other mobile devices provide convenient access to your email, bank and social media accounts. Unfortunately, it can potentially provide the same convenient access for criminals. Greater Hudson Bank recommends following these tips to keep your information – and your money – safe. 

  • Use the passcode lock on your smartphone and other mobile devices. This will make it more difficult for thieves to access your information if your device is lost or stolen.
  •  Enabling screen-lock features after inactivity on your smartphone and other mobile devices. 
  • Log out completely when you finish a mobile banking session. 
  • Never leave your smartphone / mobile device unattended. 
  • Protect your phone from viruses and malicious software, or malware, just like you do for your computer by installing mobile security software. 
  • Use caution when downloading apps. Apps can contain malicious software, worms, and viruses. Beware of apps that ask for unnecessary “permissions.” Before downloading any app, read reviews about the app developer or company publishing the app and understand user app permissions that will be allowed once the app is downloaded. 
  • Download the updates for your smartphone, mobile device, and mobile apps. Keep smartphones and other mobile devices software patches and upgrades up to date to ensure the highest level of protection. Download updates directly from the company’s website to ensure it is legitimate.
  • Avoid storing sensitive information like passwords or a social security number on your mobile device. 
  • Avoid connecting to unknown wireless devices. Be careful when using public hotspots, even at a trusted retailer, as fraudsters can spoof the name of reputable hotspots. 
  • Be aware of shoulder surfers. The most basic form of information theft is observation. Be aware of your surroundings especially when you’re punching in sensitive information. 
  • Wipe your mobile device before you donate, sell or trade it using specialized software or using the manufacturer’s recommended technique. Some software allows you to wipe your device remotely if it is lost or stolen. 
  • Contact Greater Hudson Bank if you change your phone number or lose your mobile device. 

When you use your smartphone and other mobile devices to access the Mobile Banking through Greater Hudson Bank for transactions and inquiries, keep the following tips in mind. 

  • Only trust text messages that come from the Greater Hudson Bank short code 96924. 
  • Frequently delete text messages from Greater Hudson Bank, especially before loaning out your smartphone or other mobile device. 
  • Never disclosure via text message or e-mail your account number, user name, password, social security number, date of birth, or any other personal data. Please note that Greater Hudson Bank will NOT send out text messages or emails asking you to verify personal data. 
  • Turn off Bluetooth technology when conducting Mobile Banking transactions and inquiries. Fraudsters can steal information from wireless devices through Bluetooth connection. 
  • Reconcile your bank statements within 30 days of the statement date to detect any irregularities. 
  • Contact your local branch immediately to report any suspected fraud to Greater Hudson Bank.

 

Click here to learn more about money basic and personal financial planning

 


Greater Hudson Bank is committed to educating our customers on check and deposit fraud schemes and protecting them through our Privacy and Security content.

 

*Regular non-encrypted email over the internet is not a secure means of communication. In instances where we provide internet email addresses, they are for inquiries of a non-sensitive and non-confidential nature. We recommend that you do not send confidential information by email unless it is secured.