Safety & Fraud Prevention
Slam Email Scams
The federal agency CISA (Cybersecurity & Infrastructure Security Agency) offers tips to help rescue you from email scams plus seven steps you can follow to zap other villainous email fraud attempts you may encounter down the road.
FBI Releases 2021 Internet Crime ReportIn the past year, there’s been a 7% increase in internet crime with close to 6.9 billion in reported losses, according to the FBI’s recently released 2021 Internet Crime Report. The top three cyber crimes reported by victims in 2021 were phishing scams, non-payment/non-delivery scams, and personal data breach. Victims lost the most money to business email compromise scams, investment fraud, and romance and confidence schemes. To report an online crime or view IC3’s annual reports and public service announcements, visit ic3.gov.
Disconnect From Phone Scams
Ready to pull the plug on phone scammers? The Federal Trade Commission offers tips to help you recognize phone fraud and steps you can take to disconnect yourself from future phone fraudsters:
The IRS “Dirty Dozen”
Every year, the IRS compiles the “Dirty Dozen” – the top 12 scams that taxpayers may encounter during peak filing season. Learn how to spot and avoid tax scams:
Link to IRS YouTube Video:Dirty Dozen Video
Link to IRS.gov:
Dirty Dozen Webpage
Phone Scams | FTC Consumer Information
Cupid or Con Artist?
Romance scams have been going on for centuries but online and mobile technology have helped spur a record number of cases in recent years. Scam artists create a fake online identity to gain a victim’s affection and trust. Then Rotten Romeos (and Lawless Lolitas) use the illusion of a romantic or close relationship to manipulate and/or steal from the victim.
The FBI offers tips on how to spot and steer clear of romance scams: Romance Scams | FBI
It’s Not True Love If They Ask For Money | FTC Consumer Information
The Lies Romance Scammers Tell | FTC Consumer Information
Your Bank Helps Keep You Covered.
Today’s banks use a mix of good customer service, federal regulations and high-tech tools to help reduce fraud and safety risks.
These days, algorithms, artificial intelligence authentication and biometric security measures are just a few of the tech tools banks across the country are using to help protect millions of dollars from con artists.
In addition, Patriot Act legislation and ongoing communications like scam alerts and notices reminding clients to stay in touch if they notice unusual account activity also help reduce fraudulent activity.
To learn more visit: How Banks Are Working to Protect You From Fraud | Banking Advice | US News
Don’t let your cloud storage security float away.
Wired® Magazine offers 9 tips for keeping your cloud storage safe & secure:
- Use Strong Passwords and Two-Factor Authentication Activate two-factor authentication (2FA) and choose long and unique passwords that are difficult to guess, use a password manager and be wary of any attempts to get you to part with them (in an unexpected email, for example).
- Audit Your File and Folder Shares Be careful who you share files and folders with, and add passwords and expiry dates to your shares, if these features are available, and run a regular audit of all the shares that are currently active on your account.
- Clear Out Your ‘Deleted’ Files While many cloud storage services run a recycle bin of sorts, keeping deleted files around for a few days or weeks just in case you want them back, you might want to make sure certain sensitive files are completely obliterated and no longer able to be recovered.
- Check Your Connected Apps and Accounts Even if hackers can’t get into your accounts through the front door, they might try and gain access through a side window—in other words, through another account that’s connected to your cloud storage. Make sure you’re regularly checking which third-party applications have access to your cloud storage and remove any that you’re not actively using (you can always add them again if you need to).
- Turn on Account Alerts Most cloud storage services will be able to send you alerts about significant account events, such as new sign-ins, and it’s important to make sure these are switched on. You might also be able to subscribe to alerts about activity inside your accounts, such as new shares that have been created, or files and folders that have been removed.
- Deactivate Old Devices That Still Have Access Most cloud storage services let you sync files from multiple devices, so if you upgrade your phone or switch jobs and use a new laptop, it’s important that you properly disconnect and deactivate the old ones
- Enable Account Recovery Options Your cloud storage account is only as secure as the weakest link attached to it, which means you need to keep the account recovery options as well protected as your login credentials.
- Sign Out When You’re Not Using Your Accounts It’s important that you sign out to stop anyone else gaining access to your files—especially if you’re on a computer that’s shared with other people (such as the rest of your household).
- Protect Your Devices, Too Physical security is important too. Keep the phones, laptops, and other devices where you use your cloud storage accounts guarded against unauthorized access.
‘Tis The Season to Watch Out for Swindlers!
Don’t let swindlers snatch away your holiday joy. AARP® shares 4 common holiday season scams to watch for:
- Charity scams: Network for Good, a leading charitable fundraising organization, reports that 1/3 of all charitable giving is done in December. Scammers set up sham charities to exploit the ‘season of giving’ via fake websites and pushy telemarketers so be sure to use caution when you receive donation requests.
- Delivery scams: As holiday packages crisscross the country, scammers send out phishing emails disguised as UPS, FedEx or U.S. Postal Service notifications of incoming or missed deliveries. Links lead to phony sign-in pages asking for personal information, or to sites infested with malware.
- Travel scams: According to a recent survey, 27% of Americans plan to travel during the holidays in 2021. Spoof booking sites and incredible email offers proliferate. When travel deals look too good to be true, they probably are.
- Letter from Santa scams: A custom letter from jolly old St. Nick makes a holiday treat for the little ones on your list, and many legitimate businesses offer them. But so do many scammers looking to scavenge personal information about you or, worse, your kids or grandkids, who may not learn until many years later that their identity was stolen and their credit compromised.
Score a Secure Credit Report
Here are some Better Business Bureau recommendations published in USA Today that can help you avoid getting caught up in ‘Free Credit Score’ phishing scams:
- Always check the domain name. Government agencies usually communicate through the mail, not text or email. (One common scam involves a fake email claiming to be from the Internal Revenue Service and requesting information.)
- Use the official free credit report website, AnnualCreditReport.com. The only free credit report service BBB recommends is https://www.annualcreditreport.com/. The government requires that consumers have access to their credit report once every 12 months from each of the three credit bureaus: Equifax, Experian and TransUnion.
- Avoid links and attachments. If you receive any unsolicited attachments or links, the BBB recommends avoiding them. If you want to log into your bank, for example, type in the url directly on your browser instead of clicking on any embedded hyperlink, which could take you to an impostor site.
- Don’t provide your credit card. If a credit score site does require your credit card information before sharing your credit score, it could be a sign that it plans to charge you or enroll you in a monthly service.
- Skip sites that are not secure. The BBB also recommends never entering your personal information, including your Social Security number, address or banking information, on websites that are unfamiliar or non-secure. The url should include “https” in it. If you are ever suspicious , turn to a more traditional mode of communication – the telephone – to check on it. But don’t call the numbers included in emails, which could be fake.
- Password-protect your phone. Your phone probably contains a lot of personal data, which is why you should password-protect it, just in case you lose it. You wouldn’t want a stranger having access to all your emails and accounts.
Download these mobile device security tips.
The Cybersecurity & Infrastructure Security Agency (CISA) has some helpful guidance on how to improve mobile device and app security and reduce exposure to fraud: Privacy and Mobile Device Apps | CISAWhat are the risks associated with mobile device apps? Applications (apps) on your smartphone or other mobile devices can be convenient tools to access the news, get directions, pick up a ride share, or play games. But these tools can also put your privacy at risk. When you download an app, it may ask for permission to access personal information—such as email contacts, calendar inputs, call logs, and location data—from your device. Apps may gather this information for legitimate purposes—for example, a ride-share app will need your location data in order to pick you up. However, you should be aware that app developers will have access to this information and may share it with third parties, such as companies who develop targeted ads based on your location and interests. How can you avoid malicious apps and limit the information apps collect about you?
Before installing an app
- Avoid potentially harmful apps (PHAs). Reduce the risk of downloading PHAs by limiting your download sources to official app stores, such as your device’s manufacturer or operating system app store. Do not download from unknown sources or install untrusted enterprise certificates. Additionally—because malicious apps have been known to slip through the security of even reputable app stores—always read the reviews and research the developer before downloading and installing an app.
On already installed apps
- Review app permissions. Review the permissions each app has. Ensure your installed apps only have access to the information they need, and remove unnecessary permissions from each app. Consider removing apps with excessive permissions. Pay special attention to apps that have access to your contact list, camera, storage, location, and microphone.
- Limit location permissions. Some apps have access to the mobile device’s location services and thus have access to the user’s approximate physical location. For apps that require access to location data to function, consider limiting this access to when the app is in use only.
- Keep app software up to date. Apps with out-of-date software may be at risk of exploitation of known vulnerabilities. Protect your mobile device from malware by installing app updates as they are released.
- Delete apps you do not need. To avoid unnecessary data collection, uninstall apps you no longer use.
- Be cautious with signing into apps with social network accounts. Some apps are integrated with social network sites—in these cases, the app can collect information from your social network account and vice versa. Ensure you are comfortable with this type of information sharing before you sign into an app via your social network account. Alternatively, use your email address and a unique password to sign in.
What additional steps can you take to secure data on your mobile devices?
- Limit activities on public Wi-Fi networks. Public Wi-Fi networks at places such as airports and coffee shops present an opportunity for attackers to intercept sensitive information. When using a public or unsecured wireless connection, avoid using apps and websites that require personal information, e.g., a username and password. Additionally, turn off the Bluetooth setting on your devices when not in use. (See Cybersecurity for Electronic Devices.)
- Be cautious when charging. Avoid connecting your smartphone to any computer or charging station that you do not control, such as a charging station at an airport terminal or a shared computer at a library. Connecting a mobile device to a computer using a USB cable can allow software running on that computer to interact with the phone in ways you may not anticipate. For example, a malicious computer could gain access to your sensitive data or install new software. (See Holiday Traveling with Personal Internet-Enabled Devices.)
- Protect your device from theft. Having physical access to a device makes it easier for an attacker to extract or corrupt information. Do not leave your device unattended in public or in easily accessible areas.
- Protect your data if your device is stolen. Ensure your device requires a password or biometric identifier to access it, so if is stolen, thieves will have limited access to its data. (See Choosing and Protecting Passwords.) If your device is stolen, immediately contact your service provider to protect your data. (See the Federal Communications Commission’s Consumer Guide: Protect Your Smart Device.)
Don’t Let a Scam Artist Do a (PIN) Number on You.
Here are tips to prevent Personal Identification Number Scams.
Taking a few simple steps can help keep scam artists from using your ATM, phone or other login PINs (Personal Identification Numbers) and accessing your money or other personal information. Remember to NEVER write a PIN down where others may see it (on the card, on a paper kept in your wallet, or on a paper in general) and try to make the numbers easy for you to remember and difficult for others to guess. Avoid variations on your (or a family member’s) birthdate, sequential numbers, any part of your social security number, address, or phone number. Other tips include:
- Stand between the ATM keypad and the person around you so that they don’t see you in-putting your PIN.
- Guard your PIN as you enter it in the machine.
- If the ATM does not appear to be working correctly, contact bank staff. Don’t let a stranger assist you.
- Do not give your ATM PIN to someone else to run a quick errand for you. You give out your ATM PIN, you’ve just given access to your bank account.
- Do not leave your ATM card unattended.
- Use an ATM with adequate lighting.
- Never give out your PIN over the phone.
- Use the Word Method for PIN selection. Convert the digits of a word to the keys on the telephone. For example, if your word is DOGS, the equivalent from the keypad on your phone would be 3647.
- As soon as you’ve completed a Drive-Thru ATM transaction, get your receipt, roll up your windows and pull away from the machine. Do not sit in the area counting money or using your cell phone.
Report Identity Theft to the Federal Trade Commission (FTC) online at IdentityTheft.gov or by phone at 1-877-438-4338
Tips to Prevent ID Theft
IDENTITY THEFT happens when someone uses your personal information (name, Social Security number, credit card number, etc.) without your permission to commit fraud or other crimes. This is a serious crime that can have devastating consequences as some victims must spend hundreds of dollars and many hours repairing their good name and credit record. Bank of Labor will do whatever it takes to keep your online identity safe. The following are some helpful tips that will assist you in preventing identity theft. Tips to Prevent Identity Theft
Beware of Phishing
Phishing is a scam where online criminals try to lure personal information such as credit card numbers or bank account information from unsuspecting victims. Be aware of spoofed email or websites that look like they come from your bank or another trusted source in an attempt to deceive you.
If you contact us we may verify your information to confirm your identity but we will never contact you and ask for your debit/credit card number. If we need to contact you, it will always be done in a manner that protects your personal, confidential information and we will clearly identify ourselves. If you are unsure, contact us directly using our contact information on your card, statement or our website.
Protect Yourself Online
- Install anti-malware software including virus and spyware protection and be sure to keep it up to date.
- Ensure your mobile device and computer are updated with the latest software patches for your installed programs and Operating System.
- Be sure and use a firewall when browsing. Firewalls help prevent unauthorized internet users from accessing private networks.
- Never click on links in unsolicited emails.
- Don’t surf to pages you are unsure of.
- For additional information on what you can do to protect yourself online, go to www.onguardonline.gov.
Check Your Credit Report
Make a habit of checking your credit report. You can get a free copy of your credit report from the big three reporting agencies each year. Visit www.annualcreditreport.com to learn more.
Practice ATM Safety
As with all financial transactions, please exercise discretion when using an automated teller machine (ATM) or night deposit facility. For your own safety, be careful. The following suggestions may be helpful.
- Prepare for your transactions in advance (for instance, by filling out a deposit slip) to minimize your time at the ATM or night deposit facility.
- Mark each transaction in your account record, but not while at the ATM or night deposit facility. Always save your ATM receipts. Don’t leave them at the ATM or night deposit facility because they may contain important account information.
- Compare your records with the account statements you receive.
- Don’t lend your ATM card to anyone.
- Remember; do not leave your card at the ATM. Do not leave any documents at a night deposit facility.
- Protect the secrecy of your Personal Identification Number (PIN). Protect your ATM card as though it were cash. Don’t tell anyone your PIN. Don’t give anyone information regarding your ATM card or PIN over the telephone. Never enter your PIN in any ATM that does not look genuine, has been modified, has a suspicious device attached, or is operating in a suspicious manner. Don’t write your PIN where it can be discovered. For example, don’t keep a note of your PIN in your wallet or purse.
- Prevent others from seeing you enter your PIN by using your body to shield their view.
- If you lose your ATM card or if it is stolen, promptly notify us. You should consult the other disclosures you have received about electronic fund transfers for additional information about what to do if your card is lost or stolen.
- When you make a transaction, be aware of your surroundings. Look out for suspicious activity near the ATM or night deposit facility, particularly if it is after sunset. At night, be sure to use a facility (including the parking area and walkways) that is well lit. Consider having someone accompany you when you use the facility, especially after sunset. If you observe any problem, go to another ATM or night deposit facility.
- Don’t accept assistance from anyone you don’t know when using an ATM or night deposit facility.
- If you notice anything suspicious or if any other problem arises after you have begun an ATM transaction, you may want to cancel the transaction, pocket your card and leave. You might consider using another ATM or coming back later.
- Don’t display your cash; pocket it as soon as the ATM transaction is completed and count the cash later when you are in the safety of your own car, home or other secure surrounding.
- At a drive-up facility, make sure all the car doors are locked and all of the windows are rolled up, except the driver’s window. Keep the engine running and remain alert to your surroundings.
- We want the ATM and night deposit facility to be safe and convenient for you. Therefore, please tell us if you know of any problem with a facility. For instance, let us know if a light is not working or there is any damage to a facility. Please report any suspicious activity or crimes to both the operator of the facility and the local law enforcement officials immediately.
Need to reach us? Please contact us at the number below and our team will gladly assist you. If you would like to open an account or speak to a personal banker visit us at any of our locations located in the Greater Kansas City Metro Area.