Safeguarding Our Customers against E-Mail and Internet-Related Fraudulent Schemes
Avoiding Money Wiring Scams
by Alvaro Puig
Consumer Education Specialist, FTC
Imposters. Impersonators. Fakes. Frauds. Phonies. You might call them by different names but these scam artists have one thing in common: they pretend to be someone they aren’t and tell you a bogus story to con you into wiring them money.
See video below:
Click here to watch a Security Awareness Training Video
Click here to learn more about protecting yourself on the web
What is Enhanced Online Security?
Enhanced Online Security is our Log In authentication system for Online Banking. It utilizes multiple layers of security to ensure that your accounts and information remain secure. Enhanced Online Security protects you from fraud and identity theft by preventing unauthorized access to your accounts.
How do I enroll?
Enhanced Online Security is very easy to use and there is no software to install. Just follow the instructions to enroll and learn about Enhanced Online Security log-in procedures.
How does Enhanced Online Security work?
The system uses multiple layers of security ensuring unauthorized users cannot gain access to your accounts. We do this by verifying three important criteria:
- Your Log In Credentials - Access ID and Password must match with our system records or access is refused.
- Your Device - We check the device you are using – whether it’s your computer, mobile phone or tablet. If we don’t recognize the device, we may ask you to answer a Security Challenge question to ensure your identity.
- Your Location - If access is being requested from an unusual geographic location, we may ask you to answer one of your Challenge questions before giving you access.
When you are logging in, our Extended Validation Certificate will display as a "green bar" in your browser address bar. You can always enter your credentials with the assurance that if your browser address bar is green, your connection is safe. It is a known and trusted way to verify the authenticity of a website.
Email and fraudulent websites
Sometimes criminals may send you email that looks like it has come from Greater Hudson Bank. These phony emails ask you to go to a website that also looks like Greater Hudson Bank and provide your personal account information. Some of these phony emails even caution that if you don't do this, your account may be suspended. But the website is also a fake, and this is a fraud attempt.
This is the most common type of online fraud, and is called "phishing and spoofing". Criminals send these phony email messages or direct someone to a fraudulent website for one goal, to steal personal and financial information.
If you should ever receive an email that appears to be suspicious, do not reply to it or click on the link it provides. Simply delete it. To report a suspicious email that uses Greater Hudson Bank's name, you can forward it to firstname.lastname@example.org*. (If you have general questions about the bank or your accounts, please go to Contact Us.)
Spyware and viruses
Spyware and viruses are both malicious programs that are loaded onto your computer without your knowledge. Whether the goal of these programs is to capture or destroy information, to ruin the performance of your computer, or to bombard you with advertising, you don't want them.
Viruses spread by infecting computers and then replicating. Spyware disguises itself as a legitimate application and embeds itself into your computer, to monitor your activity and collect information.
Spyware and viruses are both serious threats to the security of your computer.
Pop-ups are the advertisements that "pop up" in a separate browser window. When you click on some of these pop-ups, it's possible that you're also downloading "spyware" or "adware."
Sometimes, criminals create pop-up ads that look like they come from a respected financial institution and ask you to enter personal financial information, but Greater Hudson Bank and most other financial institutions will never ask you to verify personal financial information in pop-ups.
Fraudulent Phone Calls and Numbers
Vishing is the criminal practice of using social engineering and Voice over IP (VoIP) to gain access to private personal and financial information from the public for the purpose of financial reward. The term is a combination of "voice" and phishing.
When the victim answers the call, an automated recording, often generated with a text to speech synthesizer, is played to alert the consumer that their credit card has had fraudulent activity or that their bank account has had unusual activity. The message instructs the consumer to call the following phone number immediately. The same phone number is often shown in the spoofed caller ID and given the same name as the financial company they are pretending to represent.
Consumers are advised to be highly suspicious when receiving messages directing them to call and provide credit card or bank numbers. Rather than provide any information, the consumer is advised to contact their bank or credit card company directly to verify the validity of the message.
Mobile Phone Security
Smishing is a form of criminal activity using social engineering techniques similar to phishing. Smishing victims receive SMS messages. Known as "smishing," these text messages might ask a recipient to register for an online service -- then try to sneak a virus onto the users' device.
Some messages warn that the consumer will be charged unless he cancels his supposed order by going to a Web site that then extracts such credit card numbers and other private data.
Greater Hudson Bank will never ask you to reply to an email with any personal information or data, such as your Social Security number, ATM or Check Card PIN, or any other sensitive information. In addition, when you sign in to Online Banking always make sure to look for the logo at the bottom of the page.
How to Protect Yourself
- Be cautious of any offer that sounds to good to be true.
- Verify any calls or emails that you receive about a security or fraud investigation with your bank or financial institution.
- Be wary of any offer that requires you to wire money, withdraw cash from your account, or provide account information.
- Review The Alliance For Consumer Fraud Awareness website
Other Check Fraud Security Tips
- Store your checks, deposit slips, bank statements, and cancelled checks in a secure and locked location. Never leave your checkbook in your vehicle or in the open.
- Unless needed for tax purposes, destroy old cancelled checks, account statements, deposited checks, ATM receipts, etc.
Reconcile your bank statements within 30 days to detect any irregularities.
- Never give your account number to people you do not know, especially over the telephone to unsolicited phone sales calls. Please note that Greater Hudson Bank will NOT send out email asking you to verify personal data.
- When you receive a new or replacement check order, make sure all the checks are there and that none are missing.
- Mail your bills from the Post Office or sign up for On Line Bill Pay. Limit the amount of personal information on your check. For example, do not include your Social Security Number or Driver’s License Number on your check.
Fraudulent Utility Bill E-mail
The IC3 has received over 40 complaints since May 2011 reporting the receipt of an unsolicited e-mail purportedly from a specified utility company. The e-mail stated the recipient had a new bill which needed to be paid, and the bill was attached to the e-mail. The recipient was instructed to click on the attachment to view their bill. The attachment contained a zip file with a computer virus.
The e-mail concluded by stating the recipient received the e-mail message, because he/she receives e-bills from this utility company. Many of the recipients are located in areas of the United States that do not use this utility company as their electric provider.
Mobile Banking Security Tips
Your smartphone and other mobile devices provide convenient access to your email, bank and social media accounts. Unfortunately, it can potentially provide the same convenient access for criminals. Greater Hudson Bank recommends following these tips to keep your information – and your money – safe.
- Use the passcode lock on your smartphone and other mobile devices. This will make it more difficult for thieves to access your information if your device is lost or stolen.
- Enabling screen-lock features after inactivity on your smartphone and other mobile devices.
- Log out completely when you finish a mobile banking session.
- Never leave your smartphone / mobile device unattended.
- Protect your phone from viruses and malicious software, or malware, just like you do for your computer by installing mobile security software.
- Use caution when downloading apps. Apps can contain malicious software, worms, and viruses. Beware of apps that ask for unnecessary “permissions.” Before downloading any app, read reviews about the app developer or company publishing the app and understand user app permissions that will be allowed once the app is downloaded.
- Download the updates for your smartphone, mobile device, and mobile apps. Keep smartphones and other mobile devices software patches and upgrades up to date to ensure the highest level of protection. Download updates directly from the company’s website to ensure it is legitimate.
- Avoid storing sensitive information like passwords or a social security number on your mobile device.
- Avoid connecting to unknown wireless devices. Be careful when using public hotspots, even at a trusted retailer, as fraudsters can spoof the name of reputable hotspots.
- Be aware of shoulder surfers. The most basic form of information theft is observation. Be aware of your surroundings especially when you’re punching in sensitive information.
- Wipe your mobile device before you donate, sell or trade it using specialized software or using the manufacturer’s recommended technique. Some software allows you to wipe your device remotely if it is lost or stolen.
- Contact Greater Hudson Bank if you change your phone number or lose your mobile device.
When you use your smartphone and other mobile devices to access the Mobile Banking through Greater Hudson Bank for transactions and inquiries, keep the following tips in mind.
- Only trust text messages that come from the Greater Hudson Bank short code 96924.
- Frequently delete text messages from Greater Hudson Bank, especially before loaning out your smartphone or other mobile device.
- Never disclosure via text message or e-mail your account number, user name, password, social security number, date of birth, or any other personal data. Please note that Greater Hudson Bank will NOT send out text messages or emails asking you to verify personal data.
- Turn off Bluetooth technology when conducting Mobile Banking transactions and inquiries. Fraudsters can steal information from wireless devices through Bluetooth connection.
- Reconcile your bank statements within 30 days of the statement date to detect any irregularities.
- Contact your local branch immediately to report any suspected fraud to Greater Hudson Bank.