|
Identity theft is a growing problem and consumers need to take measures
to protect themselves at all times. Awareness is one of the best
deterrents against fraud. Criminals can steal your identity in many ways,
and are inventing new avenues every day. Chesapeake Bank takes real
interest and responsibility in protecting our customers against fraud, and
while we have many checks in place to detect deceitful activity, we both can
only benefit from customers who are educated on the risks.
Chesapeake Bank and Trust Contacting You
Chesapeake Bank and Trust will NOT, under any circumstances, contact you
and ask for passwords, pin numbers, or any electronic banking credentials.
Secure Communications
Our system ensures that data-exchanged between your PC and our computers
are encrypted with 128-bit encryption. Encryption is accomplished through
Secure Sockets Layers (SSL), which utilizes mathematical formulas to
‘encrypt’ or hide information from prying eyes on the Internet.
Additionally, if SSL detects that data was added or deleted after you sent
it to the bank, the connection will be severed in order to guard against any
tampering. The most popular browsers have the SSL security feature included.
Secure Environment
Our computer system does not connect directly to the Internet. It is
isolated from the network via a number of ‘firewalls'. A firewall is a combination of
software and hardware products that designate parameters, and control and
limit the access that outside computers have to the banks’ internal networks
and databases.
Secure Login
User IDs and passwords are isolated from the Internet. This way, the passwords and IDs can not
be accessed or downloaded by anyone on the Internet. The system also checks
for invalid logins and automatically disallows a user after three invalid
attempts. This prohibits the ‘hacker’ from gaining access to our system.
Your Protection Under “Reg E”
Chesapeake Bank and Trust follows specific rules for electronic
transactions issued by the Federal Reserve Board. Known as Regulation
E, the rules cover all kinds of situations revolving around transfers made
electronically. Under the consumer protections provided under Reg E,
you can recover internet banking losses according to how soon you detect and
report them.
For a copy of Chesapeake Banks most recent “Regulation E” documents, please
visit a conveniently located branch or call 410-778-1600.
Avoid Identity Theft and Online Fraud
Scams such as Spoofing and Phishing to commit identity theft are becoming
more prevalent. Identity theft involves the use of your personal information
- your name, Social Security number, credit card, bank account numbers, or
other identifying information - by someone else, to commit fraud or other
crimes.
E-mail Phishing - Involves you receiving an e-mail, with
something similar to “Official Information” or “Online Banking Problem” in
the subject line, that appears to be from a legitimate company. It may even
include the company's logo and a link to an Internet address that looks
appropriate. This e-mail directs you to link to a website where you are to
supply account or personal information. This is not normal operating
procedure for a reputable company and should be questioned. Chesapeake
will never send an e-mail that asks for information such as social security
number, account number, or PIN. Simply clicking the link could
secretly install software on your computer. The software may infect your
computer with a virus or record and transmit everything you type, including
passwords. Additionally, the website you link to may be spoofing the correct
Internet site.
Website Spoofing - Involves you trying to visit a
website but accidentally keying-in or linking-to a different address. This
may lead you to a website that mimics the legitimate site that you were
trying to visit. The spoof Internet site may route whatever information you
provide to criminals. This can include your account numbers, Social Security
Numbers, credit card information, passwords and personal identification
numbers. To make spoof sites seem legitimate, criminals may use the logos,
graphics, names and code of the real company's site. They also may attempt
to fake the URL that appears in the address field at the top of your browser
window and the padlock that appears in the lower right corner.
Skimming - Another method is called “skimming”. This
method uses a small electronic device placed over or sometimes even inside a
card slot at an ATM, gas pump, etc. The device will capture
information from a customer’s card, such as account numbers and PIN.
This recorded information is then used to create fraudulent cards. If
you notice anything out of ordinary, notify the machine’s owners
immediately.
Sometimes, the scheme can be as simple as a phone call or letter asking you
to update your information. You should never give out personal
information such as your PIN, social security number, or account number to
unknown parties. No reputable company will ever call you requesting
this type of information.
Protect Yourself
• First and foremost is education and awareness-be alert for the latest
scams and how to prevent becoming a victim
• Do not reply to an e-mail or pop-up message asking for personal or
financial information. Legitimate companies will never ask for personal or
financial information via an e-mail or pop-up message.
• Don't e-mail personal or financial information. If you initiate a
transaction, look for indicators that the message is secured, which can be
validated by a lock icon. Most e-mail programs do not provide
confidentiality via encryption.
• Use bookmarks to access known sites to avoid being lured to imposter
sites.
• Use updated anti-virus software. Some phishing emails contain viruses and
software that can harm your computer.
• Do not just throw documents containing personal information in the trash
• Shred
unwanted documents that contain personal information.
• Pay close attention to new charges on your credit card bill. Review
credit card and bank statements immediately for unauthorized charges and
contact the company if statements are more than a few days late.
• Don't leave mail in your mailbox.
• Memorize your Social Security number instead of carrying it with you.
• Don't write down your passwords, and don't use birth dates or names of
family members as passwords.
• Never write down PIN numbers.
• Take your receipts from ATMs, gas pumps, etc.
• Report lost or stolen credit and debit cards immediately!
• Protect the sensitive information contained in your wallet, checkbook, and
other items at all times.
• Take outgoing mail to the Post Office, or put it in a USPS drop box.
• Check your credit report often (1-2 times a year)-a small fee can save you
a huge problem down the road.
• Always sign a debit card or credit card immediately.
• Balance your statements.
• If you receive a questionable call, tell the caller you are busy and ask
what number you can reach them back on.
Your Password
You will be responsible for maintaining one of the most important
security measures: your password. Please be sure to keep your password a
secret. We recommend you memorize your password. It is not recommended you
write it down or carry your password in your purse, wallet, or computer bag.
Make sure no one watches you enter your password and always close your
browser when leaving the computer. Make sure you regularly scan your
computer for viruses that could be used to capture password keystrokes. You
ultimately hold the key to your password security Below are some suggestions
on Password Dos and Don'ts:
Password DOs
• Change passwords regularly and whenever they may have become compromised
• Use the first (or last) letter of each word in an easily remembered
phrase. For added security, substitute symbols for letters. For example
using the phrase "If money doesn't grow on trees then why do banks have
branches?" would be IMDGOTTWDBHB? or 1md9077wD6Hb?
Password DON'Ts
• Don't give your passwords to ANYONE for ANY reason
• Don't write your passwords down; anywhere near your PC, in your purse,
wallet or computer bag, in user manuals, electronically in word documents,
or sent in e-mails
• Don't use personal information such as; your name, your friends name,
pets, address, social security number, phone number, license plate number,
important dates such as birthdays and anniversaries
• Don't use words that can be found in any language's dictionary. Or these
words spelled backwards or with numbers or symbols added to the beginning or
end
• Do not use the same password for multiple sign-ins when possible
• Do not use easy to spot passwords such as "qwerty", "123456", or "aaaAAA"
Consumers Across the Country Eligible for Free Annual Credit
Reports
On September 1, 2005, consumers in 14 East Coast states, including Maryland,
joined the rest of the country in qualifying for a free annual credit report
from each of the three nationwide consumer reporting companies – Equifax,
Experian, and TransUnion. The free reports were mandated by Congress in The
Fair and Accurate Credit Transactions Act of 2003 (FACTA), which requires
the nationwide credit bureaus to provide consumers with a free copy of their
credit report, at their request, once every 12 months. Consumers who want to
access their credit report online can go to www.annualcreditreport.com.
http://www.ftc.gov/opa/2005/08/freecredreports.htm
Consumers can also obtain a copy of their credit report from the
following companies:
Equifax Credit Information Services
P. O. Box 740241
Atlanta, GA 30374-0241
Phone: To request a credit report: 800-685-1111 Option 4
To report fraud: 800-525-6285
Web site:
www.equifax.com
Experian
P. O. Box 2104
Allen, TX 75013
Phone: (888) 397-3742
Web site:
www.experian.com
TransUnion Corporation
P. O. Box 1000
Chester, PA 19022
Phone: To request a credit report: 800-916-8800
To report fraud: 800-680-7289
Web site:
www.transunion.com
If you feel you are a victim of identity theft, contact anyone that you
have a financial relationship with, including banks and credit card
companies, and the police. Keep a written record of everything related
to the incident and all people/companies you contact.
You can also contact the following agencies:
• Federal Trade Commission
Identity Theft Clearing House
Hotline: 877-438-4338
IDD: 202-326-2502
Website:
http://www.consumer.gov/idtheft/
• Social Security Administration
Fraud Hotline: 800-269-0271
The Federal Trade Commission has an identity theft hotline 877-438-4338 and
a website
www.ftc.gov that is a very useful tool for
consumers.
Business Account Takeover
Business Account Takeover is the business equivalent of personal identity
theft. Businesses not only need to protect themselves from identity theft
but also ensure they have protections in place so that they do not have a
business account takeover.
Hackers, backed by professional criminal organizations are targeting small
and medium businesses to obtain access to their web banking credentials or
remote control of their computers. These hackers will then drain the deposit
and credit lines of the compromised bank accounts, funneling the funds
through mules that quickly redirect the monies overseas into other accounts.
Controls Evaluation
Chesapeake Bank recommends that an online banking assessment and control
evaluation be completed periodically by all of our business customers who
use online banking.
Protect Yourself
• Use a dedicated computer for financial transactional activity. DO NOT use
that computer for general web browsing and email.
• Never open attachments or click on links from unsolicited emails.
• Apply operation system and application updates (patches) regularly.
• Use the latest versions of Internet browsers, such as Internet Explorer,
Firefox or Google Chrome with "pop-up" blockers and ensure that updates
(patches) are most recent versions.
• Use and maintain updated spam filters and anti-virus software.
• Have host-based firewall software installed on computers.
• Turn off your computer when not in use.
• Review your banking transactions daily.
Potential Signs Your Computer System May Be
Compromised
• Inability to log into online banking.
• Dramatic loss of computer speed.
• Changes in the way things appear on the screen.
• Computer locks up so the user is unable to perform any functions.
• Unexpected rebooting or restarting of the computer.
• Unexpected request for a one time password (or token) in the middle of an
online session.
• Unusual pop-up messages, especially a message in the middle of a session
that says the connection to the bank system is not working.
• New or unexpected toolbars and/or icons.
• Inability to shut down or restart the computer.
|
