PROTECT YOURSELF
How to Recognize a Phishing, Mishing or Vishing Scam
Genuine banks and organizations will NOT contact you by e-mail to request confidential and personal information. If a bank or organization sends you a genuine request for some information, they should address you by name and not refer to you as “account holder” or “customer”.
A genuine bank or organization should take good care to ensure that any e-mail or message they send to you does not contain typing errors and grammatical mistakes—many scammers make silly mistakes.
How to Respond to a Phishing, Mishing or Vishing Scam
There are things you can do if you receive a suspicious message. If you receive an e-mail, phone call or other message supposedly from your bank or another organization requesting your personal details, delete the message or hang up your phone. Even if the e-mail or message urges you to act quickly, do not panic—this is just a trick to make you respond immediately without giving you a chance to talk to others or to check if it is a scam.
If you receive a suspicious call or message that you think might be genuine, do not divulge your details until you have made some extra checks to satisfy yourself that it is not a scam.
Ring your bank or the company yourself to find out if it is a genuine message but never use the number provided in the e-mail or message—a scammer will not give you the correct number!
How to Reduce the Damage if You Have Fallen For a Scam
Report the scam – You should telephone your bank or financial institution if you are suspicious of an e-mail, letter or phone call that claims to be from them, or if you think someone may have access to your accounts. They can advise you on what to do next. Make sure the telephone number you use is from the phone book or your account statement, ATM card or credit card. Protect your computer – If you were using your computer when you got scammed, it is possible that a virus of other malicious software may have infected your computer. Run a full system check using reliable security software. If you do not have security software (such as virus scanners and a firewall) installed on your computer, a computer professional can help you choose what you need. Change your passwords – Scammers may have also gained access to your online passwords. Change your passwords using a secure computer.
At the ATM...
- If possible, avoid using ATMs during hours of darkness. If you must do so, try to have another person accompany you.
- If an ATM facility must be used at night, try to select one in an area that is well lit.
- When possible, try to choose an ATM that is highly visible.
- Thoroughly observe the area around the ATM.
- Be cautious of anyone who engages you in conversation as you approach the ATM, while you are using it or immediately thereafter.
- Be suspicious of anyone who closely observes you while you are using the ATM: Protect your PIN from view.
- Spend as little time at the ATM as possible.
- Don’t count or needlessly expose cash at the ATM.
- Don’t leave your receipt at the ATM.
- Don’t reveal your PIN to anyone in person or over the telephone for any reason, even if the individual represents him or herself as a bank employee.
When Online...
- Create secure passwords. Keep them private. Change them regularly.
- The strongest passwords look like a random string of characters to attackers. Use a combination of letters, numbers and symbols.
- Update your firewall, virus protection, and browser software regularly.
- Use e-mail software with built-in spam filtering. Keep filters current. Don’t open e-mails or attachments if you don’t know the sender. Limit sharing e-mail or instant message addresses.
- When doing your online banking and shopping only deal with known, reputable vendors. Before doing business, look for and verify the company’s physical address, not a Post Office box. Request a catalog by mail. Speak with a company representative over the phone.
- Don’t fall for phishing, mishing, vishing, or other social engineering schemes.
- Back up all your valuable data and keep the backups under lock and key.
- Back up anything you cannot replace easily. The following are some storage devices and locations to consider. External hard drive, CD, DVD, USB flash drive, Online backup and storage service.
- Eradicate personal data from your computer before donating or disposing of it. Remember, manually deleted computer files, may still be recovered by an identity thief. To remove files, search for “file shredder” or “secure file deletion” to find a program that is compatible with your version of Windows and other software. Call the computer manufacturer’s technical services department and ask how to delete personal files. A third option is to have reputable computer engineer safely overwrite your files from your hard drive.
When Writing Checks...
- Guard your checkbook and checks.
- Never give your account and routing numbers to people you do not know, especially to anyone over the telephone even if the individual represents him or herself as a bank employee.
- Guard your deposit slips. Never use your deposit slip for “scrap” paper and then give it to someone.
- Properly store or dispose of canceled checks.
- If your checkbook is lost or stolen, immediately inform us.
- When traveling for a period of time, it is wise to leave your checkbook at home, locked away, and purchase a travel card or use your ATM/CheckCard.
- Write your checks using ink pens…never pencil.
- Write the payee name and the dollar amount in both numbers and letters, as far to the left in the allotted space and draw a line thru the unused space to the right of the letters and numbers to prevent additions.
- When writing the payee name on the “Pay to the Order of” line, make sure the name is spelled out so it cannot be altered.
- Promptly balance or reconcile your checkbook register with your monthly bank statements.