| | | |

Fun & Games for Kids

Internet Fraud Warnings


First Central Savings Bank welcomes the responsibility of protecting our customers' privacy. In an effort to educate our customers we have posted information on phishing and spoofing on our bank websites. Brochures have also been distributed with all of our checking account statements.

Phishing is the latest form of identity theft. It's when thieves act as if they are representing an organization and try to hook the consumer into providing personal information. Once the consumer is hooked, the thieves can do lasting damage to a consumer's financial accounts. They can dupe customers into providing their Social Security numbers, financial account numbers, PINs, mothers' maiden names and other personal information.

The thieves often pose as a:

  • Financial institution
  • Credit card company
  • Online merchant
  • Utility or other biller
  • Internet service provider
  • Government agency
  • Prospective employer

Estimated to cost consumers $1.2 billion last year, according to research firm Gartner, Inc., phishing is perpetuated by both phone and e-mail, although email is more prevalent.

Here's how it works: Consumers receive an email from an organization with which they do business. The email typically includes bogus appeals such as problems with an account or billing errors, and asks the consumer to confirm his/her personal information. Different approaches include things such as "We're updating our records," "We've identified fraudulent activity on your account," or "Valuable account and personal information was lost due to a computer glitch." To encourage people to act immediately, the email usually threatens that the account could be closed or canceled.

Most emails ask recipients to follow an embedded link that takes them to an exact replica of the victim company's Web site. Graphics on the counterfeit site are so convincing that even experts often can have a hard time distinguishing the fake site from the real one.

Despite the convincing appeals, consumers should not respond to unsolicited emails that direct them to divulge personal identifying information. Reputable organizations that consumers legitimately do business with generally do not request account numbers or passwords unless the consumer initiated the transaction.

Unfortunately, by hijacking the trusted brands of well-known and reputable organizations nationwide, phishers are able to convince up to 5% of recipients to respond to them, according to the Anti-Phishing Working Group. Gartner, Inc. recently reported that more than 57 million Americans think they have received a phishing email, and the FBI has called phishing the "hottest, most troubling new scam on the Internet."

Members of the Virginia Financial Group have learned through the FBI, FDIC and ABA (American Bankers Association) that there have been several instances of unsolicited email and telephone scams that have attempted to glean personal and banking information from the general public. These emails have the appearance of coming from one of the above mentioned agencies. For more information, you can visit the sites below:

FBI/FDIC Spoofing
ABA Fraud Alert
FBI Spoofing

We want to assure our customers that we do not send any email asking you to send us, via email, any personal or private identifying information.

Below are some security suggestions for Internet users:

If you encounter an unsolicited email that asks you, either directly or through a website, for personal financial or identity informatio (such as social security number, passwords, account numbers or other identifiers), DO NOT RESPOND.
If a web site address is not familiar to you, then it is probably not real. Only use the address that you have used before or start at your normal homepage.
Always report fraudulent or suspicious email to your Internet Service Provider. Reporting instances of spoof web sites will help get those bogus websites shut down before they can do any more harm.
Most companies require you to log in to a secure site. Look for the lock at the bottom of your browser and "https" in front of the website address.
Take note of the header address on the website. Most legitimate sites will have a relatively short internet address that usually depicts the business followed by .com, .net or .org. Spoof sites are more likely to have an excessively long string of characters in the header with a legitimate business name somewhere in the string, or possibly not at all.
If you have any doubts about an email or website, contact the legitimate company directly. Make a copy of the questionable web site's URL address, send it to the legitimate business and ask if the address is legitimate.
If you've been victimized by a spoofed email or website, you should contact your local police or sheriff's department and file a complaint with the FBI's Internet Fraud Complaint Center at www.ic3.gov
When creating your passwords, don't use information that could easily be linked to you (i.e. phone number, your date of birth, address numbers).
Change your password often. We suggest changing your password every 30 days.
Do not share your passwords or PINs with anyone.
Do not write your passwords or PINs down where they may easily be found by others.

To learn more about email scams and what you can do to protect yourself online, the Federal Trade Commission has information on its web site at www.ftc.gov
 


Access ID  

View Demo  |  En Español

GREAT RATES on
Commercial Loans!"


Please complete the application
and bring it to your local branch