Security and Fraud Prevention Archives - River City Bank

Blog Category: Security and Fraud Prevention

Shop Safe for the Holidays!

gift shopping

Friday, December 2, 2022

Cheers to Safe Holiday Shopping

‘Tis the season of gift giving. Before you start making lists and checking them twice, give yourself the gift of cyber safety! According to the National Retail Federation, 73% of consumers plan to use their smartphone or tablet to research or make a purchase this holiday season. Don’t let cyber grinches turn merriment into mayhem. Following simple cybersecurity tips and practices before and while you shop online will help ensure peace of mind during the holidays and year-round.

Online Shopping Tips

  • Think before you click: Beware of ads encouraging users to click on links. If you receive an enticing offer, do not click on the link. Instead, go directly to the company’s website to verify the offer is legitimate.
  • Do your homework: Fraudsters are fond of setting up fake e-commerce sites. Prior to making a purchase, read reviews to hear what others say about the merchant. In addition, look for a physical location and any customer service information. It’s also a good idea to call the merchant to confirm that they are legitimate.
  • Consider your payment options: Using a credit card is much better than using a debit card; there are more consumer protections for credit cards if something goes awry. Or, you can use a third party payment service instead of your credit card. There are many services you can use to pay for purchases – like Google Pay — without giving the merchant your credit card information directly.
  • Watch what you give away: Be alert to the kinds of information being collected to complete your transaction. If the merchant is requesting more data than you feel comfortable sharing, cancel the transaction. You only need to fill out required fields at checkout and you should not save your payment information in your profile. If the account autosaves it, after the purchase go in and delete the stored payment details.
  • Keep tabs on your bank and credit card statements: Be sure to continuously check your accounts for any unauthorized activity. Good record keeping goes hand-in-hand with managing your cybersecurity. Another tip for monitoring activity is to set up alerts so that if your credit card is used, you will receive an email or text message with the transaction details.

Basic Safety and Security Tips

  • Keep a clean machine: Keep a clean machine. Be sure that all internet-connected devices ‒ including PCs, smartphones and tablets ‒ are free from malware and infections by running only the most current versions of software and apps.
  • Lock Down Your Login: Create long and unique pass phrases for all accounts and use multi-factor authentication (MFA) wherever possible. MFA will fortify your online accounts by enabling the strongest authentication tools available, such as biometrics or a unique one-time code sent to your phone or mobile device.
  • Use a secure Wi-Fi: Using public Wi-Fi to shop online while at your favorite coffee shop is tremendously convenient, but it is not cyber safe. Don’t make purchases via public Wi-Fi; instead use a Virtual Private Network (VPN) or your phone as a hotspot.

Resource: National Cybersecurity Alliance

5 Ways to be Cyber Secure at Work

Secure Password
user typing login and password, cyber security concept, data protection and secured internet access, cybersecurity

Friday, October 1, 2021

Businesses face significant financial loss when a cyber attack occurs. In 2019, the U.S. business sector had 17% increase in data breaches: 1,473 breaches.* Cybercriminals often rely on human error—employees failing to install software patches or clicking on malicious links—to gain access to systems. From the top leadership to the newest employee, cybersecurity requires the vigilance of everyone to keep data, customers, and capital safe and secure. #BeCyberSmart to connect with confidence and support a culture of cybersecurity at your organization.

Simple Tips:

  1. Treat business information as personal information. Business information typically includes a mix of personal and proprietary data. While you may think of trade secrets and company credit accounts, it also includes employee personally identifiable information (PII) through tax forms and payroll accounts. Do not share PII with unknown parties or over unsecured networks.
  2. Don’t make passwords easy to guess. As “smart” or data-driven technology evolves, it is important to remember that security measures only work if used correctly by employees. Smart technology runs on data, meaning devices such as smartphones, laptop computers, wireless printers, and other devices are constantly exchanging data to complete tasks. Take proper security precautions and ensure correct configuration to wireless devices in order to prevent data breaches. For more information about smart technology see the Internet of Things Tip Card. Read the Internet of Things Tip Sheet for more information.
  3. Be up to date. Keep your software updated to the latest version available. Maintain your security settings to keeping your information safe by turning on automatic updates so you don’t have to think about it and set your security software to run regular scans.
  4. Social media is part of the fraud toolset. By searching Google and scanning your organization’s social media sites, cybercriminals can gather information about your partners and vendors, as well as human resources and financial departments. Employees should avoid oversharing on social media and should not conduct official business, exchange payment, or share PII on social media platforms. Read the Social Media Cybersecurity Tip Sheet for more information.
  5. It only takes one time. Data breaches do not typically happen when a cybercriminal has hacked into an organization’s infrastructure. Many data breaches can be traced back to a single security vulnerability, phishing attempt, or instance of accidental exposure. Be wary of unusual sources, do not click on unknown links, and delete suspicious messages immediately. For more information about email and phishing scams see the Phishing Tip Sheet.

For more information on how you can Do Your Part. #BeCyberSmart, visit www.cisa.gov/ncsam.

* Identity Theft Resource Center, “2019 End of the Year Data Breach Report”, 2019

Tips to Protect Against a Cyberattack

[field date date_format='l, F j, Y']

As more consumers move to online banking in the wake of the pandemic, criminals are looking for ways to take advantage of unsuspecting individuals, particularly older Americans who are often targeted by fraudsters. In fact, older Americans were particularly hard hit with total losses for those 50 and older exceeding $1.8 billion, according to FBI data for 2020.

As financial stewards of our community, we take great care to protect customers’ sensitive data.

We encourage consumers to take the following proactive measures to reduce the likelihood of becoming a victim of identity theft and fraud:

  • Use strong passwords, install anti-virus, anti-malware, and anti-ransomware software to prevent and detect fraudulent activity. Apply software patches.
  • Be careful with sensitive information. Do not send bank account passwords or other sensitive information over unencrypted email and try not to use public wi-fi when conducting personal business.
  • Resist opening email attachments or clicking on links in unsolicited or suspicious looking email. Remember our bank will never email or call you and request login credentials.

To protect your account consumers are advised to:

  • Monitor account activity regularly for transaction irregularities and report discrepancies to the bank.
  • Back up personal information and store it safely so that in the unfortunate event of ransomware or other cyber threats you can retrieve your data.
  • Look for special indicators such as web addresses with https:// that denote extra measures taken to help secure your information. URLS that end in .BANK are assigned for exclusive use by financial institutions.

Together, we can work together to prevent fraud!

Can You Spot a Phishing Scam?

Concept of hacking or phishing a login and password with malware program

[field date date_format='l, F j, Y']

Every day, thousands of people fall victim to fraudulent emails, texts and calls from scammers pretending to be their bank. And in this time of expanded use of online banking, the problem is only growing worse. In fact, the Federal Trade Commission’s report on fraud estimates that American consumers lost a staggering $1.9 billion to these phishing schemes and other fraud in 2019.

It’s time to put scammers in their place.

Online scams aren’t so scary when you know what to look for. River City Bank is committed to helping you spot them as an extra layer of protection for your account. We’ve joined with the American Bankers Association and banks across the country in a nationwide effort to fight phishing—one scam at a time.

We want every bank customer to become a pro at spotting a phishing scam—and stop bank impostors in their tracks. It starts with these four words: Banks Never Ask That. Because when you know what sounds suspicious, you’ll be less likely to be fooled.

These top 3 phishing scams are full of red flags:

  • Text Message: If you receive a text message from someone claiming to be your bank asking you to sign in, or offer up your personal information, it’s a scam. Banks never ask that.
  • Email: Watch out for emails that ask you to click a suspicious link or provide personal information. The sender may claim to be someone from you bank, but it’s a scam. Banks never ask that.
  • Phone Call: Would your bank ever call you to verify your account number. No! Banks never ask that. If you’re ever in doubt that the caller is legitimate, just hang up and call the bank directly at a number you trust.

You’ve probably seen some of these scams before. But that doesn’t stop a scammer from trying. For more tips on how to keep phishing criminals at bay, including videos, an interactive quiz and more, visit www.BanksNeverAskThat.com. And be sure to share the webpage with your friends and family.

What’s Your Scam Score? Take five minutes to become a scamspotter pro by taking the #BanksNeverAskThat quiz at BanksNeverAskThat.com. Share your score on Twitter to encourage your friends and family to test their scam savviness, too. The more scamspotters out there, the harder it is for phishing criminals to catch their next victim!

Tips to Protect Against Fraud

[field date date_format='l, F j, Y']

Tips for Consumers to Protect Against Fraud

Banks use a variety of safeguards to protect your information and prevent fraud, such as special fraud detection software, sophisticated computer security systems, employee training and strict privacy policies. As an account holder, you play a role in protecting your money and information, too. Here are some important tips for consumers.

How to Protect Your Identity and Accounts…

  • Watch your account(s). Monitor your account transactions online frequently. Set up electronic transaction notifications and balance alerts through your bank’s online banking service to monitor activity. Check your statement every month.
  • Be alert for phishing scams trying to trick you out of giving up account numbers and other information. They often arrive as email, phone or text messages asking for your account number or other details. Banks and credit card companies already have that information and won’t ask you for it in such unsolicited requests. Call your bank directly or navigate to their official website from a separate browser page if you’re suspicious.
  • Change your password regularly and avoid using a similar password for your bank accounts as you do for other websites or apps. Don’t keep a list of passwords, PINS or usernames in your wallet or in an unsecure computer file.
  • Be aware of your surroundings and equipment being used at ATMs and merchant swipe terminals to avoid skimming devices or other methods crooks use to steal your information.
  • Don’t give your Social Security number or other personal credit information about yourself to anyone who contacts you.
  • Order copies of your credit report once a year to ensure accuracy.
  • When using social networking sites, never include personal contact information including telephone numbers, Social Security number, birth date, email addresses, physical address, mother’s maiden name or other information that could provide sensitive information to fraudsters or hints to passwords.
  • Don’t open email from unknown sources and use virus detection software.

What to Do if You’re a Victim of Fraud…

  • Contact your bank immediately if you know or suspect your account has been compromised or you identity has been stolen. Use the tools it has to help you.
  • File a police report and contact the three major credit reporting companies. The fraud unit numbers are:
    • TransUnion – 800.680.7289
    • Experian – 888.397.3742
    • Equifax – 800.525.6285
  • Keep records of your communication with authorities, including names and contact numbers.

  • Report online crime or fraud to your local United States Secret Service (USSS) Electronic Crimes Task Force Atlanta office at 404.331.6111 or the Internet Crime Complaint Center.

  • Report ID theft and Consumer Fraud to the FTC’s ID Theft Consumer Response Center at 1.877.ID.THEFT (1.877.438.4338) or www.ftc.gov/idtheft.

Background: Banks Act Swiftly to Protect Customers when Fraud is Detected or Suspected.

  • Many banks have special fraud detection software that constantly monitors accounts to help flag ID theft.
  • If a bank detects possible fraud or if it is contacted about potential fraud, it immediately takes action by closing accounts when appropriate and beginning an investigation. Depending on the data that is compromised, the bank may take a variety steps such as:
  • Enhanced account monitoring and customer notification
  • Blocking account access and re-issuing cards
  • Reimburse customers for confirmed fraudulent transactions.
  • Due to the zero-liability fraud protection offered by most banks and credit card companies, most victims do not experience any out-of-pocket costs from fraudulent transactions.
  • Banks bear the cost of account fraud, not consumers or merchants. Reimbursing customers and re-issuing cards can cost millions of dollars. For example, the Target data breach in late 2013 cost banks and credit unions $200 million just to re-issue cards, according to data collected by the Consumer Bankers Association and Credit Union National Association. Many Georgia banks re-issued debit cards out of an abundance of caution. The cost estimate does not include reimbursement for actual fraudulent charges.
  • Beyond the monetary cost, banks bear significant reputational risk if their account protection efforts, customer service and communication efforts about fraud are not excellent. Banks have become proactive and effective at dealing with these issues.
  • Most banks have special toll free numbers and websites devoted to helping victims of identity theft.
  • Many banks offer special worksheets, phone numbers and standardized affidavits to send to other businesses that may need to be contacted. A special affidavit is available from the Federal Trade Commission at ftc.gov/idtheft

 

Resource: Georgia Bankers Association

Protect Your Computer From Malware

Secure Password
user typing login and password, cyber security concept, data protection and secured internet access, cybersecurity

Tuesday, April 9, 2019

Keep your firewall turned on. A firewall puts a protective barrier between your computer and the Internet. Turning it off for even a minute increases the risk that your PC will be infected with malware.

Install or update anti-virus & anti-malware software from a trusted source. You need both to prevent malicious software programs from embedding themselves on your computer. Set them to update automatically.

Install or update your antispyware technology. Some spyware collects information about you without your consent; others produce unwanted pop-up ads on your web browser.

Keep your operating system up to date. Updates are needed to fix security holes.

Be careful what you download. Careless downloading can beat even the most vigilant anti-virus/ anti-malware software. Investigate any free software before downloading.

Use flash drives cautiously. Putting your flash drive (thumb drive) in a computer that is infected could corrupt the drive, and ultimately your computer.

Close your browser when you’re done working. Delete the cache, history and passwords each time. Also, turn off your computer. Being “always on” leaves you connected to the crooks. Turning your computer off effectively severs an attacker’s connection.

Ignore scareware. Scareware pop-ups may look like actual warnings from your system, but they are not. Made to appear authentic, they often deliver malicious payloads. Close them with the “X” button.

Review your bank and credit card statements. It’s one of the easiest ways to get the tip-off that something is wrong. Also, monitor your credit reports. For even more protection, you might consider a credit monitoring service that will alert you when there’s an entry in your credit file.

Choose strong passwords. Create at least an eight-digit complex password to protect activities like online financial transactions and don’t use that password anywhere else. Change your most critical passwords every 90 days.

5 Ways to Protect Your Small Business from Account Fraud

padlock

Tuesday, July 5, 2022

Corporate account takeover is a type of fraud where thieves gain access to a business’ finances to make unauthorized transactions, including transferring funds from the company, creating and adding new fake employees to payroll, and stealing sensitive customer information that may not be recoverable. The Georgia Bankers Association and American Bankers Association recommend following these tips to keep your small business safe.

  1. Educate your employees. You and your employees are the first line of defense against corporate account takeover. A strong security program paired with employee education about the warning signs, safe practices, and responses to a suspected takeover are essential to protecting your company and customers.
  2. Protect your online environment. It is important to protect your cyber environment just as you would your cash and physical location. Do not use unprotected internet connections. Encrypt sensitive data and keep updated virus protections on your computer. Use complex passwords and change them periodically.
  3. Partner with your bank to prevent unauthorized transactions. Talk to your banker about programs that safeguard you from unauthorized transactions. Positive Pay and other services offer call backs, device authentication, multi-person approval processes and batch limits help protect you from fraud.
  4. Pay attention to suspicious activity and react quickly. Look out for unexplained account or network activity, pop ups, and suspicious emails. If detected, immediately contact your financial institution, stop all online activity and remove any systems that may have been compromised. Keep records of what happened.
  5. Understand your responsibilities and liabilities. The account agreement with your bank will detail what commercially reasonable security measures are required in your business. It is critical that you understand and implement the security safeguards in the agreement. If you don’t, you could be liable for losses resulting from a takeover. Talk to your banker if you have any questions about your responsibilities.

For additional information, you can also visit the following websites to learn more about how to protect your small business:

ABA Foundation Shares Tips for Avoiding Scholarship and Student Loan Scams

Wednesday, September 7, 2022

As part of its annual Get Smart About Credit campaign, the American Bankers Association (ABA) Foundation is providing consumers with information on common scholarship and student loan scams and tips on how to avoid falling victim.

With college costs on the rise, many students are in search of scholarships and federal student loans to help them pay for their education. The ABA reports that 84% of first-year students receive financial aid and 66% apply using Free Application for Student Aid (FAFSA).

Unfortunately, the high volume of scholarship and student loan applications also creates an opportunity for scam artists. More than $100 million is lost in scholarship scams every year and more than half of all students who applied for a private loan reported receiving a fraudulent loan, according to the FTC.

“We think it’s critically important to help spread the word on the prevalence of these scams and what students and parents can do to protect themselves during the application process,” said Lindsay Torrico, executive director of the ABA Foundation. “With the Biden administration’s recent decision to offer student debt relief to millions of borrowers, we want consumers to be particularly vigilant and informed as they navigate the new forgiveness program. Paying for college is challenging enough without losing money to these bad actors.”

The ABA Foundation offers three quick tips for how to stay safe while applying for scholarships and student loans:

  1. Never share FAFSA information.
  2. Only solicit loans from companies identified by the Department of Education.
  3. Never pay to apply for college scholarships.

If you or your family encounter suspected scholarship scams, report them immediately to the following government agencies:

 

About the American Bankers Association

The American Bankers Association is the voice of the nation’s $24 trillion banking industry, which is composed of small, regional and large banks that together employ more than 2 million people, safeguard $19.9 trillion in deposits and extend $11.4 trillion in loans.

About the ABA Foundation

Through its leadership, partnerships, and national programs, ABA’s Community Engagement Foundation (dba ABA Foundation), a 501(c)3, helps bankers provide financial education to individuals at every age, elevate issues around affordable housing and community development, and achieve corporate social responsibility objectives to improve the well-being of their customers and their communities.

Can You Spot a Phishing Scam?

Thursday, October 6, 2022

Every day, thousands of people fall victim to fraudulent emails, texts and calls from scammers pretending to be their bank. And in this time of expanded use of online and mobile banking, the problem is only growing worse. In fact, the Federal Trade Commission’s report on fraud estimates that American consumers lost a staggering $5.8 billion to phishing scams and other fraud in 2021—an increase of more than 70 percent over 2020.

It’s time to put scammers in their place.

Online scams aren’t so scary when you know what to look for. And at River City Bank, we’re committed to helping you spot them as an extra layer of protection for your account. We’ve joined with the American Bankers Association and banks across the country in a nationwide effort to fight phishing—one scam at a time.

We want every bank customer to become a pro at spotting a phishing scam—and stop bank impostors in their tracks. It starts with these four words: Banks Never Ask That. Because when you know something sounds suspicious, you’ll be less likely to be fooled.


These four phishing scams are full of red flags:

  • Text Message: If you receive a text message from someone claiming to be your bank asking you to sign in, or offer up your personal information, it’s a scam. Banks Never Ask That.
  • Email: Watch out for emails that ask you to click a suspicious link or provide personal information. The sender may claim to be someone from your bank, but it’s a scam. Banks Never Ask That.
  • Phone Call: Would your bank ever call you to verify your account number. No! Banks Never Ask That. If you’re ever in doubt that the caller is legitimate, just hang up and call the bank directly at a number you trust.
  • Payment Apps: Beware of text messages from someone claiming to be your bank saying your account has been hacked. The scammer may ask you to send money to a new account they’ve created for you, but that’s a scam! Banks Never Ask That.

You’ve probably seen some of these scams before. But that doesn’t stop a scammer from trying. For tips, videos and an interactive game to help you keep phishing criminals at bay, visit www.BanksNeverAskThat.com. And be sure to share the webpage with your friends and family.

Elder Financial Exploitation Awareness

Wednesday, August 30, 2023

What is Elder Financial Exploitation?

Elder financial exploitation (EFE) is the illegal or improper use of an older person’s funds, property, or assets. It is the fastest-growing form of elder abuse, as perpetrators may be family members, friends, neighbors, caregivers, health care providers, business associates, or strangers. EFE Crimes generally fall into two categories:

 

 

Elder Theft: Trusted Individuals steal money or belongings from seniors. Elder theft compromises two-thirds of EFE cases. Examples:

  • Forging Checks
  • Stealing retirement or Social Security benefits
  • Using credit cards or bank accounts without permission
  • Changing names on wills, bank accounts, life insurance policies, or real estate titles without permission

Elder Scams: Strangers deceive older adults into transferring money to them for promised goods, services, or financial benefits which do not exist or were misrepresented. Examples:

  • Tech support scams – Scammers pose as tech repair agents to access victims’ computers and finances
  • Investment scams – Perpetrators induce investors to make purchases based on false information and promises of large returns with minimal risk
  • Romance scams – criminals seek money from victims on dating apps and social media
  • Government or family imposter scams – Fraudsters impersonate government officials or family members to demand money
  • Lottery scams – Criminals claim victims must pay taxes or fees to access winnings from a lottery or raffle
The Impact on Seniors and the Economy

The average loss per older adult was $35,101 in 2022, according to the FBI Internet Crime Complaint Center. The FBI reported total losses increased by 84% between 2021 and 2022. Victims may lose their life savings or their homes. Victims may also experience fear, shame, anxiety, and depression. Some may lose their independence or even their lives. EFE costs seniors billions of dollars annually. It also hurts businesses, families, and government programs. EFE may force older adults to become reliant on government-sponsored assistance programs.

Why Older Adults Are Targeted

Seniors generally have more accumulated wealth, thanks to a lifetime of working, investing, and saving. Older adults who are most vulnerable to exploitation may:

  • Have previously been a victim of fraud or scams
  • Suffer from mild cognitive impairment or dementia
  • Be dependent on others to meet daily needs
  • Experience social isolation
  • Lack information about scams and fraud
  • Be unfamiliar with technology, online services, and safe online behavior

It is important to note that any age demographic can be victimized, not just older adults.

For More Information, Visit:

 

*This article was published by the American Bankers Association Foundation in collaboration with the FBI in June 2023.