Classic Bank will never ask customers to send personal information to us via email or pop-up windows. Any unsolicited request for personal identifying information or Classic Bank account information that you receive through emails, websites, or pop-up windows should be consider as fraudulent and reported to us immediately.
What is a fraudulent email?
Fraudulent email occurs when someone poses as a legitimate company, trusted site, or friend in an attempt to obtain sensitive personal information. If obtained, a person may fraudulently conduct transactions on your existing accounts.
Fraudulent e-mails will often…
Appear to come from a legitimate source. Some emails are easily identified as fraudulent, but others may appear to come from a legitimate address and trusted source. Do not rely on the name or address in the "From" field, as this is easily altered.
Contain fraudulent job offers. Some fraudulent emails appear to come from companies offering job opportunities.
Contain prizes or gift certificate offers. Some fraudulent emails promise a prize or gift in exchange for completing a survey or answering questions. They may instruct you to provide your personal information to collect the alleged prize or certificate. (Remember, if it sounds too good to be true, it probably is.)
Describe a reason why you must "verify" or "re-submit" confidential information — such as bank account and credit card numbers, Social Security numbers, passwords and personal identification numbers (PINs) — using a return e-mail, a form on a linked web site, or a pop-up message with the name and sometimes even the logo of the bank, company or government agency. Perhaps you're told that your bank account information has been lost or stolen or that limits may be imposed on your account unless you provide additional details.
What is phishing and spoofing?
Phishing is a type of on-line fraud that can result in identity theft. Phishing is a scheme whereby scammers use fake websites and emails to fish for valuable personal information from consumers. Phishing involves the use of email messages or other forms of contact appearing to come from your bank or other trusted source but are actually from scam artists.
Email spoofing is email activity in which the sender address and other parts of the email header are altered to appear as though the email originated from a different source. Because SMTP doesn't provide any authentication, it is easy to impersonate and forge emails.
Although there may be legitimate reasons to spoof an address, these techniques are commonly used in spam and phishing emails to hide the origin of the email message.
How do I detect a phishing and email spoofing scam?
- The message you receive has an "urgent" tone, it may advise you to act quickly.
- It may suggest that your account has been threatened.
- The message requests personal information such as your account numbers, credit and check card numbers, social security numbers, online banking IDs and passwords, mother's maiden name, date of birth, or other confidential information.
- The email, fax, or letter may advise you not to tell anyone about the message.
How do I avoid a phishing and spoofing scam?
- Never provide your personal information in response to an unsolicited call, fax, letter, e-mail or Internet advertisement.
- Do not download software directly from email messages, or from companies or web sites you do not recognize and trust.
- Watch out for non-secure web pages that ask for sensitive information (secure sites will typically display a lock in the tool bar at the bottom of your browser window or they will display https:// at the beginning of the web address).
- Be suspicious of any email that urgently requests personal information and/or indicates a problem with your bank account(s).
- Only provide personal information if you initiate the sign on process.
- Do not use links in an email to access a web page if you suspect the message may not be authentic.
- Be cautious when opening attachments or downloading files from emails.
- Do not open emails from an unknown source.
- Always use a secure website when submitting credit card or other sensitive information via a web browser; to verify the web site is secure, check the beginning of the web address in your browsers address bar — it should be https:// rather than http:// and also look for the closed lock in the tool bar on the bottom of the page.
What is pharming?
Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent web sites without their knowledge or consent. Pharming has been called "phishing without a lure." Pharming, like phishing, seeks to obtain personal information. But in pharming, larger numbers of computer users can be victimized because it is not necessary to target individuals one by one and no conscious action is required on the part of the victim.
In one form of pharming attack, code sent in an e-mail modifies local host files on a personal computer. A computer with a compromised host file will go to the fake website even if a user types in the correct Internet address or clicks on an affected bookmark entry. Your browser will show you that you are at the correct site. This makes pharming much more difficult to detect.
Some spyware removal programs can correct the corruption, but it frequently recurs unless the user changes browsing habits.
What Is Identity Theft?
Identity theft occurs when someone uses your personal information (such as your name, Social Security number, credit card number or other identifying information) without your permission with the intent to commit fraud. Often identity thieves will use another individual's personal information to fraudulently open new credit card accounts, open bank accounts or obtain new loans. They may obtain personal identifying information by many means, including:
- Stealing wallets that contain personal identifying information
- Stealing bank statements from the mail
- Rummaging through trash
- Intercepting or otherwise obtaining information transmitted or stored electronically
How do I detect identity theft?
Monitor Your Accounts
Keep track of transactions on your Classic Bank accounts by logging into NetTeller Internet Banking, where you can view transaction activity as it occurs throughout the day.
Check Your Credit
The Fair and Accurate Credit Transactions Act (FACT Act) requires each of the nationwide consumer reporting companies to provide you with a free copy of your credit report, at your request, once every 12 months. You may obtain your free credit report from www.annualcreditreport.com or by calling the Central Source at 1-877-322-8228.
If you have already received your free credit report within the last 12 months, you can contact one of the three nationwide credit bureaus and order a copy for a fee.
- Equifax: 1-800-685-1111 or equifax.com
- Experian: 1-888-397-3742 or experian.com
- Transunion: 1-800-888-4213 or transunion.com
Your credit report contains information on where you live and work, accounts opened in your name, how you pay your bills, whether a judgment has been filed against you, and whether you have filed for bankruptcy.
How do I avoid identity theft?
- Protect your Personal Information
- Do not carry your Social Security card in your wallet.
- Do not have personal identifying information such as your Social Security number and driver's license number printed on your checks.
- Keep your unused and cancelled checks in a safe place.
- Do not leave your purse, wallet, checkbook, or any other forms of identification in your car.
- Never use your Social Security number as a username or password.
- Shred any documents containing banking or credit information, or any personal identifying information, especially pre-approved credit offers, before you throw them away.
- Keep your PINs and passwords a secret. Do not write them down or share them with anyone.
- Do not place your bill payments in your residential mail box; take them to the U.S. Post Office or place them in a blue U.S. Postal Service collection box; or use our free on-line Bill Pay to pay your bills electronically.
What if I am a victim of identity theft?
Report Identity Theft
If you know or suspect that you are a victim of fraud, you should…
Contact the three main credit bureaus listed above and have them place a "fraud alert" on your credit file. This alert requires creditors to verify your identity before opening any new accounts in your name or changing any existing accounts.
Request a copy of your credit report. Credit bureaus must provide victims of identity theft a free copy of their credit report. Review them carefully to see if any fraudulent accounts have been opened. If so, contact the credit bureau and companies immediately to notify them of the fraud. Once a dispute has been resolved, the credit bureaus that you notified will send you another copy of your report to review. Review your credit report carefully to make sure that all fraudulent activity has stopped, and your file has been corrected.
Contact other creditors (banks, credit card companies, utility companies) to notify them of potential fraud. Always follow up telephone conversations with a letter.
Close any account that has been breached and open a new account.
Contact your local police department or sheriff's office. A police report will assist you when dealing with creditors, who may require proof of criminal activity.
Contact the Federal Trade Commission: consumer.gov/idtheft or 1-877-ID THEFT
Other agencies that you may contact if you are a victim of identity theft are: