Heartbleed Bug Information
The vulnerability called “Heartbleed” affects websites that use specific versions of OpenSSL, or open source encryption technology. ABE Federal Credit Union continually evaluates our systems for any potential vulnerabilities. We have contacted our vendors with access to member information and there are no current vulnerabilities. Members can be assured that ABE is acting to keep your account safe and secure. We will continue to monitor this situation and will keep our members updated. To make sure that you’re doing all you can to protect your personal information, take a moment and review these tips.
We have several layers of security on our home banking platform, some may lock you out of home banking even if you were the person logging in. If you are locked out of home banking, please click here for the phone number of your local branch for assistance.
Click for Free ABEFCU Member Security Education!
Helping members protect their privacy and financial security is a prime concern of ABE. Please read the following information on today’s dangers, how to avoid them and what to do if you are affected by them. Lastly, there is a list of Contacts for further information.
Some of today’s dangers include Identity Theft, Internet Security Concerns and ATM safety.
If you lose your card, report it to the below numbers, anytime day or night:
|ATM or Debit Card||(516) 763-7580|
|MasterCard Credit Card||(800) 627-8372|
|VISA Credit Card||(800) 237-6211|
Undoubtedly the best way to protect yourself is never to respond to phone calls, letters, e-mails or Internet offering for work-at-home opportunities, sweepstakes or other offers involving check and wire transfers. For more information, go to www.fakechecks.org .No matter the come-on, the bait in wire transfer scams is the same: You receive one or more checks, typically for less than $5,000 each, with instructions to deposit money in your account and quickly forward all or part of the amount to another party, usually by wire or personal check. Scammers depend on a quick turnaround to get your money before credit unions discover their checks are bogus.Check Fraud
Other ways to protect yourself:
- Don’t assume any checks you’ve deposited are in your account until the credit union decrees that “funds have been collected. ” Being told “funds are available” is not good enough.
- Trash any check claiming to be winnings from a lottery or sweepstakes in which you’re asked to pay “processing ” or ” handing” fees.
- Don’t deposit a check that exceeds the price of an item you sell online. If, s ay, you receive a $3,000 check for a $500 item and are asked to wire back the difference, assume the $3,000 check is bogus and you’ll lose money.
- Don’t respond to phone numbers listed in a letter explaining the reason for an unsolicited check. Scammers often avoid capture by using cell phones or toll-free numbers for only 30 days and then discarding them.
- Don’t trust purported cashier’s or government checks. Because they require the shortest “hold” time, their forgeries are especially common.
- If you receive a questionable check in the mail, contact your local U.S. Postal Inspection Service by visiting www.usps.com
Identity Theft occurs when criminals use the personal financial information of another person to masquerade as that person. These thieves steal people’s Social Security Numbers, Account Numbers, Physical Addresses, Email Addresses, PINs, Credit Card Numbers, Debit Card Numbers, Usernames and passwords, and other private information. Then they use that information to open credit card accounts, obtain loans, charge to credit or debit cards you already have. But there are steps you can take to keep this information out of their hands.
1) Always look at your monthly statements. Check all transactions for accuracy and immediately report anything suspicious. Keep your statements in a secure place.
2) Keep track of Billing and Statement Cycles. Missing statements may be caused by Identity Thieves submitting Change-of-Address forms to the Post Office. The mail may be diverted to hide charges from the victim or intercept private financial documents mailed to the victim.
3) Make sure your financial institutions have your current address and telephone number. If suspicious account activity is spotted by one of your financial institutions, you will need to be contacted right away.
4) Keep a list of verified phone numbers. For each of your accounts, write down the telephone numbers to reach that financial institution. Record the official numbers from the statements and other documents you directly received from your financial institutions.
5) Never respond to Unsolicited Phone calls. Never give out your personal information to someone unless you placed the call. If an unsolicited phone call sound legitimate, ask for the person name, position and phone number then call your financial institution. One of our members received a call regarding a shopping spree that she had won from the Health Department of Connecticut. This was an attempt to phish by telephone and the member alerted us and the Health Department properly.
6) Review your credit report at least once a year. Free credit reports are available through www.annualcreditreport.com
7) Use the post office or an official USPS mailbox. Outgoing mail with personal financial information such as bill payments or accepted credit card applications should never be placed in an unlocked mailbox. .
8) Incoming mail should be picked up promptly. When traveling, always have your mail held at your local USPS branch.
9) Protect your PIN and passwords for Debit, Credit or ATM cards. Memorize your PINs and passwords, don’t write them down. PINs and passwords should not personally connect to you. Don’t use the SSN, phone number, address, names, children’s names, car models of yourself, your family or your friends. Passwords should include letters and numbers where possible.
10)Shred your financial trash. Any piece of paper with personal financial information should be torn, or better yet, shredded before being thrown out. Pre-approved Credit card applications should never be placed in the trash unless destroyed first. Plastic cards such as Credit, Debit, or ATM cards should be destroyed with scissors.
11) Internet frauds. Never enter personal information into a webpage unless you have entered the webpage address yourself. Only enter personal information on secured websites. Beware of emails asking for personal financial information. Instead, call the company or enter their web address directly into your web browser.
12) Don’t keep all your Credit, Debit or ATM cards in your purse or wallet. Only carry the cards you would need in an emergency. If your purse or wallet is stolen, you will only need to cancel the stolen cards.
13) Don’t carry your Social Security Card, passport or birth certificate. Keep these documents in a secured place unless needed. Avoid giving out your Social Security Number wherever possible.
14) Don’t carry personal information on portable computers such as laptops or handhelds. These computers are easily stolen or lost. If financial information must be carried on one, encrypt the files.
15) Keep blank, cancelled and voided checks in a secure place. Shred before disposing. If possible, new checkbooks should be delivered to branch, not to an unlocked mailbox.
16) Clean out your glove compartment.Don’t leave your Vehicle registration, Insurance Card, old invoices, etc. where they can be easily stolen.
Internet Security Concerns
1) Phishing. In this scam, members receive false emails urging them to click on a link to verify their account information. The link leads to a counterfeit website that mimics the website of an authentic financial institution but is a fraudulent attempt to obtain member’s personal account information. Examples of sites that have been used are the Federal Reserve, Visa, NYCE, NCUA, PayPal, CUNA, EBay, MasterCard. None of these organizations will ask you for you personal information by EMail.
2) Unsecured networks. Public LANs, such as Internet Cafes, Libraries, schools. Also Wireless networks.
3) Email Scams. These are mostly classic regular mail scams that have been updated for the Internet age. A famous example is the “Nigerian Prince”. The victim receives an unsolicited email promising them a share in the riches of an African prince if they send money to help him flee to America. The scammers keep the money sent to them and disappear.
4) Auction Scams. People who sell items on the Internet are the target of these scams. The scammer pays for a purchase with an overpaid check or money order. Claiming a simple mistake, the scammer then asks for the return of the overpayment amount as soon as possible. By the time the scammer’s check is discovered as a phony, The scammer has disappeared along with the returned overpayment.
4) Malware, Spyware, keyloggers. Malware is Malicious Software that is piggybacked with another program. For example, a person downloads a game from the Internet. When that game installs, more programs such as Spyware or keyloggers are also installed without the person’s knowledge.
6) Viruses, Worms and Trojans. Programs that exploit cracks in your computer’s security. Some of these “Exploits” allow their authors to capture you financial information directly from your computer.
· Every computer should have installed an Antivirus program. The Antivirus program will also need it’s “Definitions” file updated on a regular basis.
· Install a firewall on each PC. Window XP comes with a built-in firewall.
· Use an encrypting program to protect any files containing personal financial information.
· When transmitting personal financial data over the Internet, make sure you are using a secure website.
8) Always use a secured Browser when entering personal Information. Make sure the URL in the Address bar starts with “https://”. Also, if using Internet Explorer, look for the “Lock” Icon on the bottom bar of your browser. If your browser session is secured in this way, your information is encrypted before being sent over the Internet connection.
1) Always remember to take your card and receipt with you when leaving the ATM. Never dispose of any trash with your name or any financial information at an ATM. Dispose of it properly at home.
2) Be aware of the ATM’s surroundings, especially at night. Use ATMs that are well lit and in high traffic areas.
3) Be on the lookout for “shoulder surfers”. People trying to see the keypad as you enter your PIN.
4) There’s safety in numbers. If using an ATM after dark, be accompanied by another person.
5) Don’t count your withdrawn cash at the ATM. Put it away in a pocket as soon as possible. Don’t count your money until you are in a secure location such as a locked car or your home.
6) Never use an ATM when your suspicions have been aroused. Go to another ATM or come back another time.
7) never use a tampered ATM. If the ATM has equipment attached to or near the keypad or money dispenser, especially if attached with adhesive tape, don’t use the machine. Contact the financial institution using the telephone number on the machine.
8) Never give your PIN or card to someone else. Be suspicious of anyone asking for them. No one at your financial institutions should ever ask for them.
9) If your PIN or card is ever stolen or lost, contact the financial institution right away.
10) Never write down your PIN. Memorize it.
Steps to protect yourself and your accounts
1) In a secure place keep the following:
· Photocopies of the forms used to open accounts
· Photocopies of the forms used to modify account info(change of address, etc)
· Photocopies of loan applications
· Photocopies of the front and back of all credit, debit and ATM cards.
· Photocopies of the front and back of your Social Security card.
· Blank, voided or cancelled checks.
2) Only give out your Social Security Number when absolutely necessary. There are valid reasons for asking for a SSN. For example, wage & tax reporting or to pull a credit report for a loan application. If asked for your social security number, ask the following questions to help you decide whether to give your number:
1. Why do you need it?
2. How will it be used?
3. How do you protect it from being stolen?
4. What will happen if I don’t give it to you?
5. Can we substitute another Identification Number?
3) An Anti-virus program and anti-spyware programs should be installed each on your PCs and updated regularly.
4) Install a software firewall on your PC, especially if you are using a high speed connection. If you have more than one computer using an internet connection, a hardware firewall should be considered.
5) Encrypt computer files holding personal financial information when possible.
6) Avoid keeping personal financial information on a laptop computer or other small portable devices that are easily stolen.
7) When disposing of an old PC, use a “wipe” utility to erase all information on the hard drive.
8) Be wary of promotional scams. Identity thieves use phony offers to get victims to supply personal financial information.
9) Check your invoice and statements for unknown charges.
If you suspect an attempt to steal your financial information
1) Contact your financial institutions immediately to close accounts that may have been compromised.
2) Contact the fraud department of one of the three major credit agencies, Equifax, Experian or TransUnion to place alerts on your accounts. Also ask for a copy of your credit report to be sent to you.
3) Using the credit report, your statements, etc., close any accounts showing suspicious activity and any accounts opened fraudulently.
4) File a police report. To help avoid being held liable for losses, send copies of the police report to your creditors.
5) File a complaint with the Federal Trade Commission. The FTC keeps a database of identity theft cases.
6) When reopening accounts, choose passwords that you have never used.
Consumer Credit Bureaus:
Equifax 800-525-6285 www.equifax.com
Experian 888-397-3742 www.experian.com
TransUnion 800-680-7289 www.TransUnion.com
For your free Credit report: www.annualcreditreport.com
Federal Trade Commission
Hotline 877-IDTHEFT(438-4338) www.consumer.gov/idtheft
Social Security Administration
Fraud Hotline 800-269-0271 www.ssa.gov
E-mail is not necessarily secure against interception. If your communication is very sensitive, or includes personal information such as your account numbers, credit card number or social security number, you may want to call us, send it through the U.S. Post Office, or use our Secure Contact Us Form.
Important Disclaimer: From time to time, we provide links to other websites for the use of our visitors, which have been compiled from internal and external sources. By clicking “continue” above, you will be opening a new browser window and leaving our website. Although we have reviewed the websites prior to creating the link, we are not responsible for the content of the sites.
Information on linked website pages may become dated or change without notice, and we do not represent or warrant that information contained on these linked pages are complete or accurate. We suggest that you always verify information obtained from linked websites before you act upon such information.