When someone poses as a legitimate company to obtain personal data and fraudulently conducts transactions on your existing accounts is ONLINE FRAUD. This is often called "phishing" or "pharming" -- the most common methods of online fraud are fraudulent emails, websites, and pop-up windows, or any combination of these.
Suspicious emails. Be cautious of suspicious emails and review any email requesting your account information and/or password, particularly if the email states that the information is needed to "award a prize" or "verify a statement." Avoid opening any suspicious emails. If you have opened any suspicious email, do not open any attachments or links it may contain, and delete it. Never respond to emails, open attachments, or click on links from suspicious or unknown senders.
Symptoms of Fraudulent emails
- Ask you for personal information. Fraudulent emails often claim that your information or account has been compromised and ask you to confirm the authenticity of your transactions.
- Appear to come from a legitimate source. While some emails are easily identified as fraudulent, others may appear to come from a legitimate address and a trusted web site. Never rely on the name or address in the "From" field, as this is easily altered.
- Prizes. Some fraudulent emails promise a prize or gift certificate if you complete a survey that may ask for your personal information. It is best to not give your personal information. If you decide to provide any information, always confirm that the prize or gift certificate is being issued from a well-known company.
- Link to fraudulent websites. Fraudulent emails may direct you to counterfeit websites carefully designed to look legitimate, but which actually collect personal information for fraudulent use.
- Contain computer viruses. Fraudulent emails may include attachments that contain computer viruses.
- Contain fraudulent phone numbers. Fraudulent emails often contain telephone numbers that are tied to the fraudsters. You should never call a number featured on an email you suspect is fraudulent.
- Be aware of telephone scams. Unless you initiated the contact, do not give out personal information over the telephone. If the call is not initiated by you, always ask for a call-back number. Although EverTrust Bank may legitimately need to contact you by telephone, ask for a call back number if you're suspicious of the call.
- Do not place outgoing mail in your mailbox. Deposit mail in a U.S. Postal Service mail box or at the post office to reduce the chance of mail theft.
- Promptly retrieve incoming mail. Collect your mail as soon as possible every day to limit the opportunity for theft.
- Know your billing and statement cycles. Contact the billing company if you stop receiving your regular bill or statement.
- EverTrust Bank will never send email containing attachments without permission, or require customers to send personal information to us via email or pop-up windows. If you encounter a suspicious email, website, or unsolicited pop-up window that claims affiliation with EverTrust Bank, please report it to us immediately.
Back to Top
Fraudulent Copycat Websites - Pharming
Fraudulent copycat websites are a type of Internet fraud where the fraudsters imitate the websites of reputable or well-known financial institutions when in fact the websites are not authorized or related to the relevant financial institutions in any way.
The websites may claim to be providing financial services. Those who are taken in will be tempted to part with their money and/or disclose personal information which the fraudsters can use to perpetuate fraudulent transactions.
There is no easy way to determine if you are on a fraudulent website because the URL will contain the name of the institution it is spoofing. Never click on a link in an email or pop-up window to go to a site. Type, or cut and paste, the URL into a new web browser window. If it does not take you to a legitimate website, or you get an error message, the link was probably a cover for a fraudulent website.
Back to Top
Fraudsters may use pop-up windows, the small windows or ads that appear suddenly over or under the window you are currently viewing, to obtain personal information. These windows may be generated by "Adware" or "spyware" programs possibly hidden in free downloads such as screen savers or music-sharing software and installed on your computer. While many of these programs enable harmless advertisements, some contain potentially harmful Trojan horse programs or may monitor your web viewing activity.
How Do I Report Internet Fraud or Unsolicited Email?
If you wish to file a complaint about Internet fraud, please see www.econsumer.gov website, hosted by the Federal Trade Commission, which is a joint effort of consumer protection agencies from 17 nations or go to the Federal Bureau of Investigation (FBI). To file a complaint about unsolicited email, contact the Department of Justice.
Back to Top
- Carry only necessary information with you. Leave items such as your Social Security card at home. Keep photocopies of vital information and store them in a secure place, such as a home safe or a safety deposit box.
- Never provide your Social Security Number (SSN) unless you determine it is necessary. If you asked to provide your SSN for any service, confirm that it is really needed or ask if you can provide another piece of identifying information.
- Discontinue paper statements. Receiving online statements will help prevent identity theft. The less personal information you receive through the mail, the less chance there is for identity theft or fraudulent activity against you.
- Shred documents containing personal or financial information before discarding. Most fraud and identity theft incidences happen as a result of mail and garbage theft also known as "dumpster diving".
- Review your credit report. At least yearly request a copy of your credit report and review it for erroneous and/or fraudulent information or inaccuracies. You can request free credit report once a year from each of the three major credit bureaus at www.annualcreditreport.com. You may also obtain a copy from the credit bureaus directly. Note that there may be a small fee associated:
Limit the credit offers you receive. Contact the National Consumer Credit Reporting Agencies at 1-888-5-OPTOUT (1-888-567-8688) to limit the credit offers you receive; this will also limit the information companies share about you.
Remove your name from marketing lists. When you remove your name from marketing lists, the Direct Marketing Association (DMA) notifies its members that they must remove your name from the lists they sell. Your name and address remain in the DMA’s consumer exclusion files for five years.
Back to Top
Online and Computer Security Tips
- Protect and memorize your passwords. Never write your password down or share them with anyone. Change passwords regularly and use combinations of letters, numbers, and "special characters" such as the #, @,), ? signs. Do not use your Social Security Number or birthday as a username or password. Never use your username as a password.
- Keep your computer operating system up to date. If your computer is older than five years, its operating system may not offer the same level of protection as newer systems. System manufacturers provide frequent updates to help make your system more secure - check their websites.
- Use a current web browser. EverTrust Bank continually upgrades our online services to provide you with the most secure online services. We do not allow access to EverTrust Bank Online Banking using browsers that do not meet our security criteria. If you have problems accessing our online banking services, you may need to upgrade your browser.
- Install a personal firewall. Firewalls provide additional protection for your home computer. Many operating systems come with firewall protection. Before purchasing a firewall, check your operating system.
- Antivirus Software. Virus protection software helps reduce the risk of contracting computer viruses that can compromise your computer and personal security while online.
- Use secure websites for transactions and shopping. Make sure the web page you are viewing offers encryption of your data. If you see a lock symbol in your browser window, or if the web address of the page you are viewing begins with https://, this indicates that web page is secure and uses encryption. EverTrust Bank provides 128-bit encryption, the highest level available today.
- Do not download programs from unknown sources. Sometimes hidden programs or viruses are contained on downloaded programs which can compromise your computer. Use caution when downloading from an unfamiliar site.
- Terminate the Internet when not in use. Take an additional precaution by terminating your internet session when not in use. This will help to avoid unwanted access to your computer and its data.
Back to Top
ATM Card Security Tips
- Before you approach the ATM, have your ATM card out and ready to use.
- Use care when inputting your Personal Identification Number (PIN) to prevent someone from looking over your shoulder.
- Know your surroundings. If anything looks suspicious when you are the ATM, come back later or use another ATM.
- Some ATMs are in enclosed areas. Before entering an enclosed ATM vestibule, look around before entering and never hold the door for someone else.
- Whenever possible, have someone accompany you when you use at an ATM at night.
- Keep your car doors locked if using a drive-up ATM.
- Do not count your cash at the ATM. Count it later when in a secure place.
- Take your receipts with you.
- Never allow a stranger to assist you with using an ATM.
- Do not use your name, your birth date, phone number, or address, etc when selecting a PIN.
- Don't write your PIN down anywhere and never share it with anyone.
- Review your account statements on a regular basis. You may also sign on to EverTrust Bank Online Banking to verify transactions. Notify EverTrust Bank immediately if you determine there are discrepancies.
- Never provide your card information over the phone unless you initiated the call.
- When you receive a replacement card, destroy your old card.
- If you forget your PIN or would like to select a new one, please visit your nearest EverTrust Bank Branch.
- Always keep your card in a safe place, as you would cash, checks, or credit cards.
Contact EverTrust Bank immediately:
- Call your home branch to "hot card" your lost or stolen card, i.e. to immediately cancel the card.
Back to Top
Credit/Debit Card and Bank Account Precautions
- Report lost or stolen cards and checks immediately.
- Review account statements carefully. By regularly checking your balances and other account activity you can more quickly detect and stop fraudulent activity. With EverTrust Bank Online Banking you can monitor your account activity online any time and as often as you like.
- Never use your Social Security number as your username to sign on to your online accounts. EverTrust Bank online banking requires that you select your own, unique, personal username to sign. This helps reduce the possibility of identity theft and/or fraudulent activity.
- Ask about suspicious activity. Contact EverTrust Bank or your credit card provider if you have questionable activity on your account.
- Cancel and cut up unused or expired credit, ATM, debit cards, etc. If you have an open account that you no longer use, call the creditor to cancel it and cut up the card before throwing it out. Follow the same procedure for unused or expired cards of all types.
- Keep your ATM password secure. Do not use obvious or easily obtainable information (such as your birth date) for your password. Never share your password and avoid writing it down.
- Be aware of your surroundings and exercise caution when using an ATM. Refer to EverTrust Bank’s ATM Security Tips for more information.
- Limit personal information on checks. Do not have your driver’s license number or Social Security number printed on your checks.
- Do not use your full name on checks. Use the initial for your first and middle name.
- Store new and cancelled checks and statement securely. Store new and cancelled checks and statement in a secure location such as a home safe.
- Use tamper-resistant checks. EverTrust Bank checks include many safety features to deter alterations.
Back to Top
Despite your best efforts to manage the flow of your personal information or to keep it to yourself, skilled identity thieves may use a variety of methods to gain access to your data.
They get information from businesses or other institutions by:
- Stealing records or information while they're on the job
- Bribing an employee who has access to these records
- Hacking these records
- Conning information out of employees
- They may steal your mail, including bank and credit card statements, credit card offers, new checks, and tax information.
- They may rummage through your trash, the trash of businesses, or public trash dumps in a practice known as "dumpster diving".
- They may get your credit reports by abusing their employer's authorized access to them, or by posing as a landlord, employer, or someone else who may have a legal right to access your report.
- They may steal your credit or debit card numbers by capturing the information in a data storage device in a practice known as "skimming". They may swipe your card for an actual purchase, or attach the device to an ATM machine where you may enter or swipe your card.
- They may steal your wallet or purse.
- They may complete a "change of address form" to divert your mail to another location.
- They may steal personal information they find in your home.
- They may steal personal information from you through email or phone by posing as legitimate companies and claiming that you have a problem with your account. This practice is known as "phishing" online, or "pretext calling" by phone.
Back to Top
What are the effects of identity theft?
Once identity thieves have your personal information, they use it in a variety of ways.
- They may call your credit card issuer to change the billing address on your credit card account. The imposter then runs up charges on your account. Because your bills are being sent to a different address, it may be some time before you realize there's a problem.
- They may open new credit card accounts in your name. When they use the credit cards and don't pay the bills, the delinquent accounts are reported on your credit report.
- They may establish phone or wireless service in your name.
- They may open a bank account in your name and write bad checks on that account.
- They may counterfeit checks or credit or debit cards, or authorize electronic transfers in your name, and drain your bank account.
- They may file for bankruptcy under your name to avoid paying debts they've incurred under your name, or to avoid eviction.
- They may buy a car by taking out an auto loan in your name.
- They may get identification such as a driver's license issued with their picture, in your name.
- They may get a job or file fraudulent tax returns in your name.
- They may give your name to the police during an arrest. If they don't show up for their court date, a warrant for arrest is issued in your name.
Back to Top
How can I tell if I'm a victim of identity theft?
If an identity thief is opening credit accounts in your name, these accounts are likely to show up on your credit report. To find out, order a copy of your credit reports. Once you get your reports, review them carefully. Look for inquiries from companies you haven't contacted, accounts you didn't open, and debts on your accounts that you can't explain. Check that information, like your Social Security number, address(es), name or initials, and employers are correct. If you find fraudulent or inaccurate information, get it removed. Continue to check your credit reports periodically, especially for the first year after you discover the identity theft, to make sure no new fraudulent activity has occurred.
Stay alert for other signs of identity theft, like:
- Failing to receive bills or other mail. Follow up with creditors if your bills don't arrive on time. A missing bill could mean an identity thief has taken over your account and changed your billing address to cover his tracks.
- Receiving credit cards that you didn't apply for.
- Being denied credit, or being offered less favorable credit terms, like a high interest rate, for no apparent reason.
- Getting calls or letters from debt collectors or businesses about merchandise or services you didn't buy.
Back to Top
What is "pretext calling" and what does it have to do with identity theft?
Pretext calling is the practice of getting your personal information under false pretenses. Pretexters sell your information to people who may use it to get credit in your name, steal your assets, or to investigate or sue you. Pretext calling is against the law.
Pretexters use a variety of tactics to get your personal information. For example, a pretexter may call, claim he's from a survey firm, and ask you a few questions. When the pretexter has the information he wants, he uses it to call your financial institution. He pretends to be you or someone with authorized access to your account. He might claim that he's forgotten his checkbook and needs information about his account. In this way, the pretexter may be able to obtain personal information about you such as your Social Security number, bank and credit card account numbers, information in your credit report, and the existence and size of your savings and investment portfolios.
Keep in mind that some information about you may be a matter of public record, such as whether you own a home, pay your real estate taxes, or have ever filed for bankruptcy. It is not pretext calling for another person to collect this kind of information.
By law, it's illegal for anyone to:
- Use false, fictitious or fraudulent statements or documents to get customer information from a financial institution or directly from a customer of a financial institution.
- Use forged, counterfeit, lost, or stolen documents to get customer information from a financial institution or directly from a customer of a financial institution.
- Ask another person to get someone else's customer information using false, fictitious or fraudulent statements or using false, fictitious or fraudulent documents or forged, counterfeit, lost, or stolen documents.
How long can the effects of identity theft last?
It's difficult to predict how long the effects of identity theft may linger. That's because it depends on many factors including the type of theft, whether the thief sold or passed your information on to other thieves, whether the thief is caught, and problems related to correcting your credit report.
Victims of identity theft should monitor their credit reports and other financial records for several months after they discover the crime. Victims should review their credit reports once every three months in the first year of the theft, and once a year thereafter. Stay alert for other signs of identity theft. Don’t delay in correcting your records and contacting all companies that opened fraudulent accounts. The longer the inaccurate information goes uncorrected, the longer it will take to resolve the problem.
Back to Top
Should I use a credit monitoring service?
There are a variety of commercial services that, for a fee, will monitor your credit reports for activity and alert you to changes to your accounts. Prices and services vary widely. Many of the services only monitor one of the three major consumer reporting companies. If you’re considering signing up for a service, make sure you understand what you're getting before you buy. Also check out the company with your local Better Business Bureau, consumer protection agency and state Attorney General to see if they have any complaints on file.
Contact other creditors – card, phone companies, banks, and other lenders. Follow up phone conversations with a letter. Close any accounts that have been breached and re-open them with new account numbers and passwords.
File a report with local police.
There is currently widespread use of an Email scam known as "phishing," in which identify thieves send emails to bank customers asking them to "verify" information or otherwise divulge personal data.
Note: WE NEVER SEND EMAILS REQUESTING PERSONAL INFORMATION. We will never ask you to "verify" information. We will never ask you to click on a special site link to do so. While emails of this nature may look like they are from us, and even use our logo, they are most likely a "phishing" scam. Do not answer them. If you received an email purporting to be from us, do not hesitate to call us to confirm it.
Back to Top