Consumer Alert:  Don't Fall Victim to On-Line Scams

Your security is important to us.  At Phelps County Bank we want to provide tools and resources to help prevent identity theft and educate you on security.  Phelps County Bank will NEVER send you an e-mail asking for account information, passwords, ATM number or PIN , etc.   If you receive an e-mail asking for any type of personal information please contact us immediately, 573.364.5202, 573.265.3222, or 800.667.5202.

Along with the information below our ATM provider has a wonderful website that provides additional security information.  Please visit them at

http://www.diebold.com/playingitsafe/.

What is Phishing?

Phishing is a high-tech tactic that uses fake e-mail, fraudulent Internet addresses, imposter Web sites, and "pop-ups" to impersonate a financial institution and/or credit card company. Identity thieves send mass emails supposedly from reputable businesses directing you to a site where you are asked to divulge information such as passwords or account numbers. While fraudulent e-mails vary in content, they generally carry a common theme essential to their success: you must take action immediately or risk losing access to your account. This site will look exactly like your bank or credit card Company's site.

A new type of Phishing attack is called Spear Phishing.  This is a type of individual Phishing attack because part of your personal information has been compromised.  The attackers may have your account number, social security number, birth date, etc.  Then they will proceed to ask you to provide other specific information.  Again, never give this type of information out. 

Do not respond to such emails. You bank or Credit Card Company will not request information such as your account number or password through an email. They know that avenue is not secure. Besides, they already have all that information on file.

There were 2625 active phishing sites reported in February and the average monthly growth rate in phishing sites July through February was 26% (Anti-Phishing Working Group). According to the Anti-Phishing Working Group, in one month alone there are between 10,000 and 20,000 unique phishing attacks. Please be careful and do not give personal information through an e-mail that you did not initiate.

How to Report Phishing Activity

How to Report Phishing Activity 

1.  Forward the e-mail to reportphishing@antiphishing.org
2.  Forward the e-mail to spam@uce.gov
3. Forward the e-mail to the "abuse" e-mail address at the company that is being spoofed
4. Notify the Internet Crime Complaint Center of the FBI by filing a complaint on their Web site: www.ic3.gov

For More Information on Phishing please visit:

http://www.aba.com/About+ABA/phishing

Press Release from Shazam, Your ATM/Debit Card Provider, about Phishing.

Click here to view the press release from Shazam

What is Pharming?

Pharming is a scam that often relies on infected, hacked, or otherwise compromised computers. Once the computer has been compromised, when you are attempting to navigate to a legitimate bank's Web site it will re-direct you to a spoofed Web site. This can be accomplished in a number of ways. A virus on a PC can re-route you to a spoofed Web site even when you directly entered the address on your browser. Domain Name System ("DNS") cache poisoning (altering DNS re-routing) by Pharming causes you to be re-directed by the Domain Name System. DNS addresses are text, such as www.google.com but these are translated into numeric IP addresses. Pharmers attack the translation process and redirect your computer to the scamming IP addresses and Web site. These sites will look similar and the information you enter will be sent to the scammer, not to your trusted company. To make sure you are at the correct Web site please verify the address line to be sure you have not been redirected. It should be the same address as you typed to go to your intended site.

What is Spoofing?

Spoofing is something pretending to be something it is not, on the Internet, usually an e-mail or Web site. Typically, it is a technique used to gain unauthorized access to computers, whereby the intruder hijacks a target's root Internet address (known as Internet Protocol or IP address) to make it appear fraudulent e-mails are from a trusted source. To engage in IP spoofing, a hacker must first use a variety of techniques to find an IP address of a trusted host and then modify its identifying information on the Internet. Once criminals have your password, they can use your bank's on-line banking site to withdraw or transfer funds. Spoofers can be anyone. Please, never give passwords, user id, etc. that is initiated by an e-mail. Trusted sources will NEVER ask you for this information in an e-mail.

What is Spyware?

Any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. There are many companies that offer Spyware protection software. The software runs very similar to an anti-virus program. Some of this software is even FREE.

Counterfeit Checks, Could it Happen to You?

Click here to read more information

20 Tips - Protecting Your Identity

20 Tips -Protecting Your Identity

1. Pay attention to your billing cycles. If you don't receive a bill on time, call the creditor. Also, review the activity to ensure you initiated all the transactions.
2. Sign up to receive electronic bills and statements and turn off the paper option.
3. Review bank and credit card statements weekly and use online account access.
4. Consider using electronic bill payment service.
5. Sign up for direct deposit from any income sources.
6. If you are asked to reveal personal information ask how it will be used, how it will be secured and if it will be shared with others.
7. Take your mail to the post office or drop it in one of those collection boxes. Don't leave it in the mailbox with the flag up.
8. Promptly remove mail from your mailbox. If you're leaving town for a long weekend, have a neighbor pick it up or have it held at the post office.
9. Put passwords on credit card and bank accounts. Don't use easily guessable passwords. Acronyms are always good and using them with symbols or numbers is even better. Ex. My Favorite Dog's Name Is Bingo! and the year you got him = MFDNIB!1963
10. When responding to emails, ignore any Internet links provided and type the full address as on your bill, bank statement, etc.
11. Keep the number of credit cards you carry and any other identifying information to a minimum.
12. Don't give out personal information over the phone, through the mail or over the Internet unless you initiated the contact.
13. Shred your charge slips, credit card bills, doctors' statement, pre-approved credit applications, etc.
14. Put a stop to most of the pre-approved credit applications by calling 1-888-5-OPTOUT.
15. Don't use your social security number as your driver's license number and don't put your social security number on your checks.
16. Order a copy of your credit report every year and make sure it is accurate and only includes activity you've authorized.
17. Be careful when disposing of an old computer.
18. Be alert in the checkout line for people with cell phones. New camera cell phones can take a picture of your credit card with your name, number and expiration date.
19. Use and regularly update firewall and anti-virus software on your computer.
20. Remember this website - www.ftc.gov if you become a victim of identity theft. Also gives you the phone numbers and addresses of the three major credit reporting agencies to opt out of receiving direct marketing, telemarketing or email solicitations.

Informational Brochure - Procedures If Your Identitiy Is Stolen

Click here for the brochure

Receive a Free Credit Report

Consumers in 12 Midwestern states are eligible to obtain a free annual credit report under the Fair and Accurate Credit Transactions Act.  For more information visit the Federal Trade Commission website at http://www.ftc.gov/bcp/edu/pubs/consumer/credit/cre34.shtm.

Beware of Caller ID

Caller ID - RIP:  Organized crime has learned how to compromise caller ID. A Phelps County Bank employee was recently at a regional meeting where the following demonstration occurred.  The presenter asked a banker in the audience for his cell phone number.  He then asked another banker for his bank's main switchboard number.  He made an international call using a cheat sheet, called the banker's cell phone from his own (Vonder Heide's) cell phone and the display showed that it was coming from the other banker's bank.  Obviously if a criminal did this to a Phelps County Bank customer and they checked their caller ID to verify they weren't being scammed, they would assume the call was coming from our bank.  Please do not assume if the caller ID states Phelps County Bank that it is truly coming from us.

How to Protect Yourself Against Internet Fraud

Click here to be connected to a website created by the federal government on tips for protecting yourself against internet fraud, securing your computer, and protecting your personal information.

FDIC Consumer Alert

FDIC consumer call centers in Kansas City, Mo., and Washington, D.C., have received complaints that a fraudulent e-mail appearing to be from the FDIC is telling consumers that Department of Homeland Security Director Tom Ridge has advised that the deposit insurance on their bank accounts should be suspended due to suspected USA Patriot Act violations, the agency said in an alert this week. FDIC is advising consumers not to access the link within the e-mail or to provide any personal information. Read more.