COMMON WAYS IDENTITY THEFT CAN HAPPEN:

DUMPSTER DIVING

Thieves typically steal wallets and purses, but they also steal mail such as credit card and bank statements, pre-approved credit card offers, check orders and other financial mail.  They also dig through trash looking for bills, financial or other personal information.

How to avoid it:

Shred all personal documents and credit card offers before throwing them away, and erase/destroy hard drives before you get rid of computers or smartphones.

CHANGE OF ADDRESS SCAM

Change of address fraud is a growing scam that takes advantage of the Postal Service’s mail forwarding system.  Often, all a thief will have to do is fill out a change of address form and drop it off at the nearest post office.

How to avoid it:

If you pay attention you may be able to catch change of address fraud before it goes on for too long.  You may suddenly stop getting important pieces of mail that you were expecting or receive a notice informing you of your change of address.  If anything seems amiss, contact your local post office immediately.  You should also keep a closer eye on your accounts, in case thieves successfully used your stolen mail to open financial accounts under your name.
 
 

PHISHING

Thieves may send unsolicited emails, pretending to be a financial institution or a company asking you to click on a link to update or confirm your personal or login information.  The link is directed as a “spoof” website designed to look like a legitimate site.  Fake emails (phishing) will often…

• Ask for personal information. They claim that your information has been compromised and ask you to confirm the authenticity of your transactions.
• Appear to be from a legitimate source. While some emails are easy to identity as fraudulent, others may appear to be from a legitimate address and trusted source.  The name or address in the “from” field can easily be altered.
• Contain fraudulent job offer, such as work-at-home positions.
• Contain prizes or gift certificate offers. In exchange for completing a survey or answering questions, some fake emails promise a prize or gift certificate. They require you to give personal information in order to obtain a prize.

• Links to counterfeit websites. Fake emails may direct you to counterfeit websites that closely resemble a legitimate site while they collect personal information for illegal use.
• Links to real websites. Some fake emails link to legitimate websites. This is done in an attempt to make fake email appear real.
• Contain fraudulent phone numbers. Never call a number featured on an email you suspect is fraudulent; it can be tied to the fraudsters.
• Contain real phone numbers. Similar to linking to real websites, real phone numbers may be featured in a fake email in an effort to make the email appear legitimate.

How to avoid it:

If you receive an email that looks like it is from First Southern Bank or another well-known company requesting financial information or any other personal or sensitive date, please take the following actions:

• Treat the email with suspicion
• Do not reply to the email or respond by clicking on a link within the email
• Do not download anything or open attachments
• Report the suspicious email to the FTC and forward the email to uce@ftc.gov.

If you have already provided personal financial information via email and feel your First Southern Bank accounts are in jeopardy, contact us as soon as possible to report the suspicious activity.

SKIMMING

Thieves may use a card reader device to copy the card’s magnetic strip to duplicate without the card owner’s knowledge.

How to avoid it:

• Check for tampering
  When you approach an ATM, check for obvious signs of tampering at the top of the machine, near the speakers, the side of the screen, the card reader itself, and the keyboard.  If something looks different, such as a different color or material, graphics that aren’t aligned correctly or anything else that doesn’t look right, don’t use that ATM. This also applies for credit card readers (such as a gas pumps, etc.)
• Wiggle everything
  Even if you can’t see any visual differences, push at everything.  ATMs are solidly constructed and generally don’t have any jiggling or loose parts.  Credit card readers have more variation, but still pull at protruding parts like the card reader.  See if the keyboard is securely attached and just one piece. Does anything move when you push at it?

SPOOFING (COUNTERFEIT WEBSITES)

Online thieves can often direct you to fraudulent websites via email and pop-up windows in an attempt to collect your personal information.  In many cases there is no easy way to determine that you are on a phony website because the URL will contain the name of the institution – this is spoofing.  If you type or copy/paste the URL into a new browser window and it does not take you to a legitimate website, or you get an error message, it was probably just a cover for the fake site.

How to avoid it:

When logging into your account, look closely at your browser.  The address in the location bar should start with “https” – for example “https://www.firstsouthern.com”.  You should also see a lock icon at the bottom of the browser.  If you double-click on the icon, it should display security information about First Southern Bank.

• Secure your passwords
  A good password should:
• Not be based on personal information that can be easily guessed
• Not be a word that can be found in any dictionary of any language
• Contain 8 characters, at least 1 number, at least 1 uppercase letter, and at least 1 lowercase letter
• Not be the same as any password you use for anything else
• Always memorize your password and do not write it down

• Secure your computer
  There are certain precautions you should take to keep your computer safe from viruses and hackers:
• Keep your operating system and browser up to date
• Use up-to-date anti-virus and anti-spyware software – and set them to update automatically
• Use a personal firewall
• Activate a pop-up blocker

First Southern Bank will not ask for your online banking ID or password by phone/email

Keep in mind:

Security software that comes pre-installed on your computer typically works for just a few months unless you pay to extend its usage.  Avoid buying software in response to unexpected pop-up messages or ads that claim to have scanned your computer and detected malware.  That can be a scare tactic scammers use to spread malware.