Online and Mobile Banking Security

Stay Safe When Going Online

Eaton Federal takes the security and safety of our customer’s personal and confidential information very seriously. Your trust in us is extremely important. We want to help you guard against the disclosure of your personal or financial information that could lead to the unauthorized use of that information or to your identity theft.

If you find yourself a victim of fraud via your mobile device, your computer or through identity theft or if you think your personal or banking information has been compromised, call us immediately at 517-543-3880 so that we can secure your accounts with us.

Education is your best defense. Know what to look for and know what to do.

Remember, no financial institution, including Eaton Federal, will call, text or email you and ask you to provide personal information such as your user identification, password, social security number, card or account number, or any security codes. If you get such a request, even if it appears to be coming from us on your caller ID and regardless of any threats or how desperate the caller makes it sound, do not respond with your information. It is not Eaton Federal calling you!

When these criminals instruct you to call them back and give you what they say is the “bank” phone number-advise them you will look the number up yourself and call them back-they will likely hang up on you because you have out-smarted them.

Install firewalls, antivirus and anti-spyware on your devices and keep them up to date. If you think your device is running abnormally have it analyzed by a qualified technician. Select unique passwords and avoid using a password that is an actual word. Never have your device “remember” a password-it defeats the purpose of a password.

Never open unsolicited emails and be cautious about opening attachments in emails and clicking on links-even if you know the sender. The sender may not know his/her device was infected before sending the email to you. Only download apps from trusted and approved App stores endorsed by your technology provider/service carrier

Don’t believe everything you are told. Your relative is not in a foreign prison-you should not send money; you have not won a lottery you did not enter from a state or country you’ve never been to and you should not send money to collect it; you should not have to pay anything for the settlement of an estate of a relative-particularly a relative you didn’t know; there is no good reason someone would send you an extra $2000 for processing something you sold online; that online job that pays so well for you to “shop” is a hoax; and the person you have been corresponding with, that you have never met, is not the love of your life-do not send money when he or she asks! These are just a few of the ways criminals prey on innocent people to steal their money or their identity. They prey on you having a weak moment, a financial need or being lonely. Every day there is a new gimmick.

Don’t be embarrassed or hesitate to call us immediately if you think your personal or account information has fallen into the hands of others, even if you are the one that accidently gave it out. We know how convincing and conniving these criminals can be-we see it every day! We would rather assist you in preventing a loss than console you because you had one.

To assist you, we have included links to various resources available to assist you in protecting your information. Information in these links are great resources for mobile and internet security as well as identity theft and what to do should you become a victim. It would be to your benefit to become familiar with not only these resources and the information available through them but also in understanding some of today’s terminology regarding fraud, detailed below.

Terminology:

Antivirus software-This is software that detects and removes or quarantines internet code identified as malicious or harmful. Many providers of antivirus software provide frequent updates to help prevent the spread of new threats that can infect computers and other devices that access the internet. It is important to keep antivirus software updated on all your devices

Bluesnarfing-is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs (personal digital assistant.). This allows access to a calendar, contact list, emails and text messages, and on some phones, users can copy pictures and private videos

Botnet-This utilizes a network of computers to forward spam and viruses on the internet. The term is a combination of shortened versions of two words, robot and network. The use of a proper firewall on your home computer is one of the best methods to help prevent becoming part of a botnet

Browser hijack-This is a form of malware that alters the settings of your browser so that you are redirected to websites you have no intention of visiting. Browser hijackers may be installed as the result of a variety of actions such as installing certain types of software, clicking on a link in an infected email or as the result of a drive-by download

Check scam-Eaton Federal sees regular instances of this type of fraud. It consists of an unsuspecting victim depositing a check into his/her bank account. The check typically comes to the victim because of online auctions, sweepstakes, work-at-home schemes, foreign currency transfers or is sent to victim by that “close” friend they have recently met on the internet. Our victim customer is then asked to wire a portion of the money/the deposited check to another person-a criminal. By the time the deposited check is confirmed as counterfeit and returned to the bank, the money has already been wired from the account as directed by the criminal, leaving the victim customer without recourse for retrieving the funds they wired but still responsible to the bank for the full amount of the returned check.

Data compromise-This is an organized theft of ATM, debit or credit card information primarily through merchant data breaches, merchant third-party processors, computer theft, stolen storage tapes or company insiders working for a merchant or merchant’s contractor. In other words, it typically occurs when your card information is compromised through the retailer where you have used your card.

Drive-by download-This is a method by which malware such as a browser hijacker is added to your computer without your knowledge. A drive-by download can happen when you visit a malicious web page or view a malicious html email, and may go undetected if your computer's security settings are not strict enough

Encryption-This is a method of making information unreadable to everyone except the recipient of that information who holds the key (a secret code) that unlocks the encryption method.

Firewall-This hardware or software is designed to allow or deny access to an individual computer or a computer system. Most security experts agree that a firewall is necessary when using a computer that is connected to the internet.

Hacker-This is the criminal who tries to get access to your computer system without your authorization.

Identity theft-This criminal activity occurs when someone (a criminal) obtains key pieces of your personal information such as a Social Security number or driver's license number in order to be able to impersonate you. Identity theft activity can generally be divided into 2 categories: using someone else's identity to access their existing accounts and using someone else's identity to open new accounts.

Jailbreaking-This term refers to breaking your device out of its “jail” controlled by your service provider or device provider so that you can download apps of another service provider. Doing so may expose you to additional security risks and voiding your device warranty.

Keystroke logger-This is a hardware device or software program that monitors and records each keystroke made on a specific computer user's keyboard. Malicious keystroke loggers that are downloaded unknowingly by computer users operate in a secret manner so that the person using the keyboard is unaware their actions are being monitored. The keystroke logger then records the keystrokes, which can include user names and passwords to every site you visit (including your bank accounts) and periodically uploads the information over the internet to the person doing the monitoring. Also known as keyloggers or system monitors, keystroke loggers have been marketed as a way for parents to monitor their children's computer activities. Unfortunately, criminals have also found ways to attach these to your computers.

Malware-Malware is malicious software designed to secretly break in to or damage a computer or computer system. Types of malware include viruses, worms, Trojan horses and spyware. Malware can be distributed in a variety of ways including email attachments; links in email or on social networking sites and downloads from file sharing sites. “Clicking” on links in fictitious emails is a common way malware breaks in to your computer.

Phishing (aka Spoofing)-This type of online fraud occurs when a criminal sends an email that appears to be from a legitimate source, but in fact is designed to entice the recipient into clicking a link to a website where the unsuspecting victim is asked to provide sensitive personal information. That information can subsequently be used for identity theft purposes. A typical phishing scam involves an email that looks like it is coming from a bank or a popular online company telling the recipient that there is an account problem that needs to be addressed.

Skimming-Stealing credit card information during an otherwise legitimate transaction is a common occurrence. Skimming occurs when the information thief photocopies credit card receipts or uses a small electronic device added to a credit card scanner to capture card numbers and security codes. These types of devices can be attached rather easily to ATM machines and to gas pumps. The thief attaches the erroneous machine to a legitimate machine, the user uses the machine, entering his/her card and PIN number, the thief captures the information, removes the erroneous machine and moves on to the next site while retaining all your information he/she just captured.

SMShing (aka Smishing)-The mobile phone version of phishing includes an erroneous text message that appears to be sent from a legitimate source, such as a bank or credit card company, that urgently requests the recipient to call a phone number or follow a link in the message. The phone number or website will then ask for sensitive account or personal information. In some instances when you link to the site, the erroneous message will download a virus or keylogger to your phone. Banks will never ask you to confirm or provide information to them in this manner . . . we already have this information on you and your accounts.

Spam-Unsolicited email or text messages sent to large numbers of people to promote products or services. Federal legislation known as CAN-SPAM Act sets the rules for commercial email, establishes requirements for commercial messages, gives customers the right to stop receiving email and spells out tough penalties for violations.

Spyware-This is a type of malware that gathers information from your computer activities and sends it to an unknown source without your knowledge. Spyware programs can be particularly damaging when they are designed to capture personal and financial information that can be used to commit fraud.

Trojan horse-This typically comes to you via a seemingly legitimate piece of software that carries an unwanted bit of programming code that can be used by hackers to gain unauthorized access to your computer.

Virus-A virus, also a malicious program or programming code, can be transmitted in a variety of ways, including being copied from one device to another through an infected thumb drive or being transmitted through an infected email attachment. Viruses can be as harmless as delivering a birthday message or as destructive as causing your hard drive to be reformatted.

Vishing-Vishing is a form of phishing that occurs over VOIP (Voice Over Internet Protocol) connections. In a vishing scam, a person receives a phone call that appears to be coming from a legitimate source such as a bank or credit card company. The caller identification on the victim’s phone will show a legitimate business name and number, when in fact a criminal is really making the call. The criminal will pose as a representative of the company and ask the victim to confirm account details and other sensitive information, thereby illegally obtaining sensitive financial and personal information that can be fraudulently used. Again, remember, any bank will already have your personal and bank information. Do not provide this type of information over the phone . . . to anyone!

Worm-A worm is a form of malware that reproduces itself in order to spread to other computers on a network. A malicious worm will typically use up computer resources with the intention of shutting down the entire system. Remember when a worm was something you put on the end of your fishing line?

Zombie-Zombies used to be fictitious characters in horror movies. Now days they live in computers that have been maliciously accessed by criminals and set up as part of a botnet to spread spam and viruses on the internet.

Mobile Phones and Internet Technology are great tools. We have access to more information than ever before in history. Banking is more convenient than ever. But as you can see, with zombies, phishing, vishing, smishing, spoofing and skimming lurking around every corner, it is imperative that you stay alert, stay diligent in your awareness and knowledgeable about today’s latest scam. The following websites can help you do that.

Identity Theft Tips:

http://www.idtheftcenter.org

http://www.consumer.gov/section/scams-and-identity-theft

http://www.identitytheftassistance.org

Cyber Security Tips:

http://www.us-cert.gov/cas/tips

http://www.fbi.gov/about-us/investigate/cyber/cyber

Internet Security Tips:

http://www.staysafeonline.org

http://www.onguardonline.gov

Internet Crime Complaints:
http://www.ic3.gov
Free Credit Report:
https://www.ftc.gov/faq/consumer-protection/get-my-free-credit-report
Do Not Call Registry:
https://www.donotcall.gov
Get to Know Eaton Federal. Meet our Experts. >