Security Center is your source for the latest information about online attacks, what we are doing to protect you, and what you can do to protect yourself and your family from identity theft and online fraud.
If you suspect your account(s) or personal information has been compromised, it is important you contact us and report it immediately.
We will make every effort to protect you and to thoroughly investigate any reported incident.
The best detector of fraud and identity theft is you. Through proactive monitoring, you can look for suspicious activities and act fast before there’s unauthorized/fraudulent activity on your account.
Monitor your account regularly – We at FIGFCU (Farmers Insurance Group Federal Credit Union) recommend frequently reviewing your account activity online through Online Banking because:
- The sooner fraud is detected, the lower the financial impact can be.
- Studies show over 50% of all identity fraud is first discovered by the victim.
- Members who monitor their account using online banking methods (such as Online Banking) detect fraud and unusual activity earlier than those who rely on monthly mailed statements.
- Members who enroll in eStatements instead of mailed statements reduce their risk of mail fraud.
How to Recognize Fraud and Identity Theft – We at FIGFCU believe it is important to learn how to recognize suspicious activities that can signify possible fraud or identity theft.
Fraud is an act that occurs when someone unlawfully uses your account to make unauthorized transactions, usually when the account number or card information has been stolen or obtained without proper authorization. The following can be indications of fraudulent activity:
- If unexpected charges appear on your account statement.
- If you did not receive an expected bill or statement by mail.
- If security questions or information on your account have been changed.
- If posted checks that are out of range appear on your account.
- If charges from unrecognized vendors appear on your account.
While anyone can fall prey to fraud and identity theft, there are many things you can do to minimize your risk. FIGFCU provides these security tips so you can guard against fraud and identity thief.
Safeguard your Personal Information
Never provide your Social Security Number or private information, unless you have initiated the contact and have confirmed the business or person’s identity.
- If you must provide your Social Security Number in an e-mail or on a website, ensure that it is encrypted, and you know how the recipient will protect it.
- Do not carry your Social Security card in your wallet and be cautious of your surroundings when disclosing your Social Security Number.
- Never use your birth date or Social Security Number as a PIN (Personal Identification Number) or a password.
- Understand the risks associated with accessing your accounts from a publicly accessible computer or internet connection. A public computer or public internet connection may be infected with a virus and/or malware and any information accessed from that system will be at risk.
- Opt-In to FIGFCU CARDNAV, FICO Quarterly Monitoring
- Reduce the amount of mail and paper that you keep that has your personal information printed on it. This can reduce the chances of criminals being able to steal and gain unauthorized access to your accounts.
- Stop receiving paper account statements by enrolling in eStatements. View and download them online as needed.
- Sign up for direct deposit to have your funds put directly in your account rather than having a paper check mailed to you.
- Promptly collect incoming mail, and use a locking mailbox if possible.
- If you stop receiving bills, statements or other monthly mailings, or if a bill is not received when expected, contact the issuing company immediately.
- Send outgoing mail from a secured mailbox or post office. Try to avoid leaving outgoing mail in an unsecure location.
- Shred all unwanted pre-approved offers for credit cards, convenience checks, checks, or loans.
- Shred all old bank statements, credit card statements, and billing information.
Secure Your Computer
- Understand the risks associated with accessing your accounts from a public computer or internet connection (a public computer or public internet connection may be infected with a virus and/or malware and any information accessed from that system may be at risk).
- Do not download or purchase pirated/bootlegged copies of software, movies, music, or security software. These downloads or purchases may contain a virus, malware, worms, spyware, Trojans, and/or other unwanted invaders that can put your computer at risk. “If something seems too good to be true, it probably is”.
- Update your system and software regularly. This includes anti-virus software, spyware programs, anti-malware programs, firewalls on your computer, and/or operating system patches and updates.
Secure Your Passwords and User IDs
- For each computer or on-line service you use, you should have a user ID and password. Try to create the most unique and original password, and make sure you protect it.
- Use strong passwords and change them on a regular basis (at least quarterly). Do not use the same password for multiple usernames or accounts. Thieves will often target less secure usernames and passwords, such as access for an online forum or social networking site and try to use the same passwords (or minor variations) to gain access to highly secure systems such as online banking.
- Make a strong password by using at least one number, a mix of lowercase and capital letters as well as punctuation characters. A password that is at least eight (8) characters long and not found in the dictionary is exponentially harder to crack than a five-character password using all lowercase letters and no additional characters.
- The following easily identifiable items should be avoided when creating passwords:
- Your birth date or a family member’s birth date
- Social Security Number
- Names of family members or pets
- Phone numbers
- Dates of important events, such as anniversaries
- Never give out your password or personal identifying information to anyone contacting you on an incoming call or incoming correspondence or text message. FIGFCU will NEVER call you and request your password or private identifying information.
- Never write down sensitive personal information such as your password or Social Security Number.
Install and Use Anti-Virus Programs
We recommend that you use programs that can detect and remove viruses and spyware, which can steal vital information. Virus and malware can infect a home computer in many ways. Examples include through floppy disks, CDs, DVDs, e-mail, websites and downloaded files. Anti-virus programs help protect your computer against most viruses, worms, spyware, Trojans, malware, and other unwanted invaders that can put your computer at risk. Virus malware, worms, etc. often perform malicious acts, such as deleting files, freezing your computer, accessing personal data or even denial of access to personal information on your computer. If a file is found to be infected with a virus, most anti-virus programs provide you with options of how to respond, such as removing the harmful item or deleting the file. Installing an anti-virus program and keeping it up-to-date is the best defense for your home computer.
Firewalls: What They Are and How to Use Them
A firewall prevents unauthorized users from gaining access to a computer, or monitoring transfers of information to and from the computer. Before connecting your personal computer to the internet, you should install a firewall. A firewall can be generally described as a security guard for your home computer. The guard is a piece of software or hardware that helps protect your PC against hackers and many computer viruses and worms. With a firewall, you define which connections between your computer and other computers on the internet are allowed and which are denied. There are firewall programs, both free and available for purchase, which provide the capabilities you need to help make your home computer more secure.
Phishing and spoofing
Phishing (pronounced “fishing”) involves the use of e-mailing messages that appear to come from FIGFCU or another trusted business, but are actually from imposters. These phony e-mails direct the recipient to access a website that appears to be legitimate and to provide account information, passwords, user IDs, Social Security Numbers, and/or other personal information.
FIGFCU will never contact you by e-mail to request your personal and confidential information.
Types of warning signs for Phishing:
- Asking for personal information such as:
- Account Numbers
- Credit and Check Card Numbers
- ATM or Debit Card PIN
- Personal Information
- Social Security Number
- Date of Birth
- Member Number and Passwords
- Other Confidential Information
- Offers that sound too good to be true often are.
- Example: You may be asked to fill out a short customer service survey in exchange for money being credited to your account, and/or you must provide your account information for your account to be credited.
- E-mail instructions to download software.
- Example: All your online banking should be done through our secure website, and we will NOT send you e-mail instructions to download any banking software to your computer. Do not install software downloaded directly from e-mail messages or from websites that you do not recognize. When in doubt, contact the company directly or call FIGFCU at 800.877.2345.
E-mail attachments – E-mail viruses and worms are fairly common. Here are steps you can use to help you decide what to do with every e-mail message attachment you receive.
Conduct the following test before proceeding:
- The know test – is the e-mail from someone you know?
- The received test – have you received e-mail from this person before?
- The expect test –were you expecting e-mail with an attachment from this sender?
- The sense test –does the subject in this e-mail make sense based on who is sending it?
- The virus test – does this e-mail contain a virus? To determine this, you should install and use an anti-virus program to scan this e-mail and attachment before downloading it.
Skimming techniques allow fraudsters to gather account information and PIN numbers. The criminal swipes and stores card information using a small electronic skimming device. Fraudsters often attach the skimming devices at legitimate ATMs, gas pumps, or restaurants.
- Skimming often involves the use of a hidden camera to record customers’ PINs or phony keypads placed over real keypads to record keystrokes.
Steps you can do to protect yourself from being a victim of skimming
- Be aware of people and your surroundings.
- Put away your card and cash after completing your transactions, secure your card and cash immediately, before exiting the ATM area.
- If the ATM is not well lit or is obstructed from view, go to another ATM.
- Never enter your PIN in any terminal that does not look genuine, has been modified, has a suspicious device attached, or is operating in a suspicious manner.
- Shield the ATM keypad with your hand or body while entering your PIN.
- Take your ATM receipts with you and check them against your statement as soon as you get a chance.
- Report any unusual activity to us and/or law enforcement agencies.
What to do if you think your identity has been stolen:
- Contact FIGFCU immediately to close any accounts that have been tampered with or were established fraudulently.
- Contact one of the three major credit bureaus listed below to place a fraud alert on your credit file.
You also can order a credit report to identify any unauthorized activity.
- Equifax 1.800.525.6285
- Experian 1.888.397.3742
- Trans Union 1.800.680.7289
The fraud alert requires creditors to contact you before the opening of any new accounts. As soon as one credit bureau confirms your fraud alert, the other two credit bureaus will automatically be notified, and all three credit reports will be sent to you free of charge.
- Close other accounts that you know or believe have been tampered with or opened fraudulently.
- File a police report. Get a copy of the report to submit to your creditors and others that may require proof of the crime.
- File your complaint with the Federal Trade Commission (FTC). The FTC maintains a database of identity theft cases that can be used by law enforcement agencies for investigation purposes. Filing a complaint also helps the FTC gather more information about identity theft and the problems victims are having.
For more information about fighting identity theft and reporting fraud, visit the Federal Trade Commission at www.FTC.gov