Articles

Fake Invoice Emails (November 30, 2018)

Recently we have become aware of a fake invoice email scam where people receive emails that appear to be from a known business with an attached invoice. The attached invoice is actually a malicious file.

What is email spoofing?
Email spoofing is when an email is sent with a forged sender address. A real email address is used but the message is actually sent from a malicious server or a server that has been hacked. Because the main email protocol does not have an authentication system in place, this method is common for phishing emails to use to deceive the recipient.

Sending fake or spoofed emails is called “phishing” because the sender is “fishing” for your personal information. The goal is to trick you into giving up your personal, financial, or account information.  Phishing emails may ask you to visit a fake or “spoof” website or call a fake customer service number. Scammers also use phishing emails to get access to your computer or network by tricking you into downloading a malicious file. They then install programs like ransomware that can lock you out of important files on your computer.

Advice on how to protect yourself from spoofed email scammers

  • Don’t reply to the email, click any links, or download any attachments.
  • Always telephone the person you are intending to send payment to.
    Confirm with them the amount and bank details prior to sending any monies. Do not ask them to verify any of this information by email because if you are being targeted you will be communicating with the fraudster!
  • Ensure you have paid anti-virus protection on all computers and if you have a server, the same applies. Although anti-virus won’t protect you from users responding to fraudsters payment requests, it will help protect you from viruses entering your system.
  • Regularly change all your passwords and keep this information confidential. Do not share your passwords with anyone. The more complex your passwords are, the better!
  • Think carefully before making an instant decision. Read every email cautiously and don’t rush to send a payment without double checking first. Remember to call the person directly prior to sending any sum of money.
  • Always check the sender of the email. In most cases the criminal will try to mirror the legitimate email address as best they can. Spotting signs of spelling errors is a tell-tale sign. Here are some examples:

If for instance you normally communicate with someone called james@xyz.com and the email you receive is from jamess@xyz.com it’s easy for you to skim past this without spotting that an extra “s” has been added onto the end of James.

Another example:

accounts@thedeliverycompany.com
accounts@the-deliverycompany.com

The simple addition of a hyphen can easily go unspotted!

 

Telephone Spoofing Scam Requesting Account Numbers and Pins (November 27, 2017)

Please be advised of a recent telephone spoofing scam. In the past week, customers have received phone calls appearing to be from Jeff Bank on their caller ID. When these calls were answered, it was an automated message claiming that the customer’s account was seized due to fraudulent purchases. In some instances, the call also requested account numbers and a four-digit PIN. These calls are a SCAM.

The best advice to beat the scam is simple – hang up the phone. Never assume that someone is who they purport to be just because the number displayed on your caller ID matches that of an organization you know. Always be suspicious if you’re asked for your account numbers, four-digit PIN, or full online banking passwords. Same goes for transferring or withdrawing money or giving your card to a courier. Remember, your bank will never ask you to do any of these things.

Please contact your local branch or the main office at (845) 482-4000 with any questions or concerns.

 

Recent Telephone Spoofing Scams (October 2, 2017)

Please be advised of recent telephone spoofing scams. A customer received a call, which showed up on their caller ID as being from Jeff Bank. When the customer answered, the call was an automated recording pitching medic alert systems for older adults. This call is a scam. A unique type of technology now enables fraudsters to fake the number they are calling from by making a false number appear on your caller ID. It’s extremely effective, because the number displayed appears to be your bank’s correct contact number.

The best advice to beat the scam is simple – hang up the phone. Never assume that someone is who they purport to be just because the number displayed on your caller ID matches that of an organization you know. Always be suspicious if you’re asked for your four-digit PIN or full online banking passwords. Same goes for transferring or withdrawing money or giving your card to a courier. Remember, your bank will never ask you to do any of these things.

Please contact your local branch or the main office at (845) 482-4000 with any questions or concerns.

 

Equifax isn’t calling (September 14, 2017)

Ring, ring. “This is Equifax calling to verify your account information.” Stop. Don’t tell them anything. They’re not from Equifax. It’s a scam. Equifax will not call you out of the blue.

That’s just one scam you might see after Equifax’s recent data breach. Other calls might try to trick you into giving your personal information. To read the full article, click here.

 

Identity Theft Protection Following the Equifax Data Breach (September 9, 2017)
Millions of Americans have been impacted by the recent Equifax data breach. Whether or not your personal information has been stolen, there are steps you can take to protect yourself and your credit.

What is identity theft, and what can you do?
Sometimes criminals who steal data use it to engage in identity theft. It’s important to first understand what identity theft is. Identity theft occurs when someone uses your personal information, without your permission, and pretends to be you to commit fraud. Identity thieves may attempt to use your credit cards, open new accounts in your name, or attempt to access your accounts. It can be hard to notice that you were a victim of identity theft until you review your reports or statements and see charges you didn’t make, or are contacted by a debt collector about a debt that you don’t recognize. If you see anything out of the ordinary on your financial statements or credit reports, no matter how small, you should take action immediately.

To read the full article, click here.

 

The Equifax Data Breach: What To Do (September 8, 2017)
If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies.

Here are the facts, according to Equifax. The breach lasted from mid-May through July. The hackers accessed people’s names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. They also stole credit card numbers for about 209,000 people and dispute documents with personal identifying information for about 182,000 people. And they grabbed personal information of people in the UK and Canada too.

To read the full article, click here.

 

Avoiding Social Engineering and Phishing Attacks (October 22, 2009)
What is a social engineering attack?
In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity. However, by asking questions, he or she may be able to piece together enough information to infiltrate an organization’s network. If an attacker is not able to gather enough information from one source, he or she may contact another source within the same organization and rely on the information from the first source to add to his or her credibility.

To read the full article, click here.

 

Preventing and Responding to Identity Theft (September 17, 2008)
Is identity theft just a problem for people who submit information online?
You can be a victim of identity theft even if you never use a computer. Malicious people may be able to obtain personal information (such as credit card numbers, phone numbers, account numbers, and addresses) by stealing your wallet, overhearing a phone conversation, rummaging through your trash (a practice known as dumpster diving), or picking up a receipt at a restaurant that has your account number on it. If a thief has enough information, he or she may be able to impersonate you to purchase items, open new accounts, or apply for loans.

To read the full article, click here.

WeatherIcon For: Weather

Change City

Cancel
×

Upcoming Community EventsIcon For: Events

SUBMIT AN EVENT

Event Name is required and must be a string.
Event Date is required and must be a string.
Event Date is required and must be a string.
Event Description is required and must be a string.

The following information is for Bank use ONLY and will not be published:

Name is required and must be a string.

By submitting an event, I acknowledge that you are under no obligation to post the event on your Event Calendar. You may edit the text for the event at your sole discretion.

×