November 20, 2017, 10:48 AM
US-CERT reminds users to remain vigilant when browsing or shopping online this holiday season. Emails and ecards from unknown senders may contain malicious links. Fake advertisements or shipping notifications may deliver attachments infected with malware. Spoofed email messages and phony posts on social networking sites may request support for fraudulent causes.
To avoid seasonal campaigns that could result in security breaches, identity theft, or financial loss, users are encouraged to take the following actions:
- Avoid following unsolicited links or downloading attachments from unknown sources.
- Visit the Federal Trade Commission's Consumer Information page on Charity Scams.
If you believe you are a victim of a holiday phishing scam or malware campaign, consider the following actions:
- Report the attack to the police and file a report with the Federal Trade Commission.
- Contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account.
Source: United States Computer Emergency Readiness Team
- Immediately change any passwords you might have revealed and do not use that password in the future. Avoid reusing passwords on multiple sites. See Choosing and Protecting Passwords for more information.
October 12, 2017, 11:17 AM
Source: Federal Trade Commission
If you own a small business or work for one, you’re probably concerned with protecting your business’ data. You want to make sure that sensitive information isn’t accidentally deleted, turned over to a scammer, or hacked. So this week, during National Cybersecurity Awareness Month, let’s focus on making sure you know the resources the Federal Trade Commission (FTC) has to help you and your employees understand cybersecurity, maintain your business’ computers and networks safe, and keep sensitive information protected.
Earlier this year we launched FTC.gov/SmallBusiness, which makes it easy for you to access the privacy and security information you need. For example, at FTC.gov/SmallBusiness you’ll find:
- An article about computer security basics to keep your company’s files, devices and wireless network protected
- Guidance to help you develop a plan to protect your business’s data
- Videos that explain what you can do if your business is victim of a ransomware attack – when a hacker takes your data hostage – or a phishing scheme
- Steps to take in case of a data breach
- Blogs posts to keep you up to date on the latest advice
As we focus this week on small business’ cybersecurity, visit FTC.gov/SmallBusiness. Read the articles, download the videos, and show them to others. You can also order publications free of charge and keep copies available for your employees. And if you subscribe to the FTC’s business blog you’ll stay connected with us this week and all year long.
October 03, 2017, 10:10 AM
October is National Cybersecurity Awareness Month (NCSAM), an annual campaign to raise awareness about cybersecurity. The National Cyber Security Alliance (NCSA) has published general tips to help you increase your cybersecurity awareness—including whom to contact if you are the victim of cyber crime—and protect your online activities.
US-CERT encourages users and administrators to review NCSA’s guidance for online safety basics and the US-CERT Tip on Avoiding Social Engineering and Phishing Attacks for additional information.
September 15, 2017, 8:57 AM
Considering a fraud alert or credit freeze? In the aftermath of the Equifax data breach, many people are. You don’t need to be an identity theft victim to use them – but it’s helpful to consider your situation. If you’re not sure which is best for you, here are some things to think about.
What do fraud alerts and credit freezes do? With a fraud alert, businesses must try to verify your identity before extending new credit. Usually that means calling to check if you’re at a particular store attempting to take out new credit. With a credit freeze, no one – including you – can access your credit report to open new accounts. You’ll get a PIN number to use each time you want to freeze and unfreeze your account to apply for new credit.
How long do fraud alerts and credit freezes last? A fraud alertlasts for 90 days. You can renew it but you’ll need to remind yourself or it will expire automatically. Identity theft victims are entitled to an extended fraud alert, which last seven years. In almost all states, a credit freeze lasts until you temporarily lift or permanently remove it. In a few states, it expires after seven years.
How much do they cost? Fraud alerts are free. Credit freezesmay involve fees, based on state law. In most states, they’re free for identity theft victims. For non-victims, they cost about $5 to $10 each time you freeze or unfreeze your account with each credit reporting agency.
How do I place a fraud alert or credit freeze? To place a fraud alert, contact any one of the three major credit reporting agencies, either by phone or online. The one you contact is required to notify the other two. If you’re an identity theft victim placing an extended fraud alert, you’ll also need to mail or upload your Identity Theft Report which you can create at IdentityTheft.gov. To place a credit freeze, you must contact each of the three credit reporting agencies individually at their credit freeze portals.
How does this all add up? Credit freezes may be a strong tool but they may not be for everyone. Consider the cost and hassle factor. If you’re about to take out new credit (apply for a mortgage, car loan, student loan), then you’ll have to unfreeze and refreeze each time you want new credit. But if you won’t need new credit soon, then a credit freeze may be for you.
Source: Federal Trade Commission
September 15, 2017, 8:54 AM
Ring, ring. "This is Equifax calling to verify your account information." Stop. Don’t tell them anything. They’re not from Equifax. It’s a scam. Equifax will not call you out of the blue.
That’s just one scam you might see after Equifax’s recent data breach. Other calls might try to trick you into giving your personal information. Here are some tips for recognizing and preventing phone scams and imposter scams:
- Don’t give personal information. Don’t provide any personal or financial information unless you’ve initiated the call and it’s to a phone number you know is correct.
- Don’t trust caller ID. Scammers can spoof their numbers so it looks like they are calling from a particular company, even when they’re not.
- If you get a robocall, hang up. Don't press 1 to speak to a live operator or any other key to take your number off the list. If you respond by pressing any number, it will probably just lead to more robocalls.
If you’ve already received a call that you think is fake, report it to the FTC.
If you gave your personal information to an imposter, it’s time to change any compromised passwords, account numbers or security questions. And if you’re concerned about identity theft, visit IdentityTheft.gov to learn how you can protect yourself.
Source: Federal Trade Commission
September 08, 2017, 3:46 PM
City Bank is aware of the Equifax data breach involving the personal information of 143 million individuals that was first made public on September 6th, 2017. Equifax is one of the largest consumer reporting agencies in the world. Credit reporting agencies are authorized under federal law to collect and report credit histories and scores for consumers and businesses and are subject to various federal laws such as the Fair Credit Reporting Act.
According to Equifax, the data that was exposed in the breach includes names, addresses, social security numbers, dates of birth, some driver license numbers, and some credit card numbers. Equifax has also reported that at this time, they are not aware of any unauthorized access into their core databases that contain information related to consumer banking accounts and loans.
Equifax has provided an informational website for consumers to learn about the breach, determine if you were affected, and register for free credit monitoring services. In addition, the Federal Trade Commission has created a website to help consumers determine what they should do in response to the breach.
City Bank is closely monitoring the situation for any updated information or news that could impact our customers. While your City Bank accounts and related information are believed to be unaffected, we are recommending that all our customers follow the guidance provided by the FTC by visiting this resource page on their website. In addition, and as always, we recommend you contact us immediately at (800) 687-2265 if you suspect any suspicious activity related to your City Bank accounts.
For general information about keeping your account activity safe and secure, visit the Fraud & Security section of the City Bank website.